Odoo Forum

Odoo - OpenERP - How to increase the security of Odoo ?

Support
Support
5000
| 2 1 2
Asked on 9/9/15, 4:01 PM
0
vote
4598 Views

suggested following steps to secure your Odoo.

  • Set private ssh key for your Odoo server.

  • Start your Odoo in SSL mode.

  • Install Nginx in your Ubuntu Server.

  • Stop access of all unnecessary ports from firewall of your Ubuntu Server.

  • Set proper data access rights & access rules into your Odoo instance.

  • Set proper authentication method for your PostgreSQL database user.

  • Set tricky password for PostgreSQL user.

  • Apply encryption on Database and Odoo user passwords.

  • Set Tricky password for Super Admin.

  • Request all your ERP users to set difficult password.

  • Give FTP access for your ERP users and don't allow them to create files out of their directory on your Ubuntu Server.

  • Set proper access rights on your custom addons and default Odoo addons via chmod and chown commands.

  • Have a look on /var/log/postgresql/postgresql-9.1-main.log file for malware attack on your database.

  • Manage your Odoo log file properly.

  • Transfer database & custom addons backup to remote place at frequent amount of time.

  • Change and set tricky password for detault postgres user in your database server.

  • Stop xmlrpc if you don't want your ERP to connect from 3rd party systems. ( set xmlrpc=False in your config file )

  • Remove "Manage Database" link from home page of your live Odoo instance. ( it's suggestion only )

  • Ignore installation of Odoo where multiple other websites are hosted.

  • We highly recommend to ignore creation of any kind of demo database in Live Odoo instance. 

  • Ignore to host your Odoo in Web hosting servers, always host Odoo in trusted VPS sites. ( Amazon, Raskspace, DigitalOcen, Myhosting etc..)

  • Monitor Incoming and outgoing TCP/IP traffics in your Ubuntu Server.  Few of our customers for whom we have implemented Odoo for more then 150+ users, they hired their own server administrator to monitor incoming and outgoing TCP/IP traffics. ( Visit this link )

  • Never give full access of your server to your Odoo service providers, always give them folder access of their own custom addons with their separate user. ( It's advisable to not share root user password to anyone. )

  • If customer can afford healthy cost, we always suggest them to set up their own in-house hosting server instead of VPS.

Support
Support
5000
| 2 1 2
Answered on 9/9/15, 4:02 PM
0
vote

Your answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

Ask a Question

Keep Informed

About This Forum

This forum is for HiTechnologia Employees & just Odoo general knowledge purpose only.

Read Guidelines

Question tools

3 follower(s)

Stats

Asked: 9/9/15, 4:01 PM
Seen: 4598 times
Last updated: 9/9/15, 4:02 PM