How to increase the security of Odoo?
Based on our experience with Odoo implementations so far, we suggest the following steps to secure your Odoo:
- Set up a private SSH key for access to your Odoo server.
- Start your Odoo in SSL mode.
- Install Nginx on your Ubuntu server.
- Block access to all unnecessary ports in the firewall of your Ubuntu server.
- Set proper data access rights and access rules in your Odoo instance.
- Set a proper authentication method for your PostgreSQL database user.
- Set a hard-to-guess password for the PostgreSQL user.
- Apply encryption to database and Odoo user passwords.
- Set a hard-to-guess password for the Super Admin.
- Ask all your ERP users to set hard-to-guess passwords for their Odoo accounts.
- Provide FTP access for your ERP users and don't allow them to create files outside their own directory on your Ubuntu server.
- Set proper access rights on your custom addons and the default Odoo addons with the chmod and chown commands.
- Check the /var/log/postgresql/postgresql-9.1-main.log file for signs of malware attacks on your database.
- Manage your Odoo log file properly.
- Transfer database and custom addons backups to a remote location at frequent intervals.
- Change the password of the default postgres user on your database server to a hard-to-guess one.
- Disable XML-RPC if you don't want third-party systems to connect to your ERP (set xmlrpc=False in your config file).
- Remove the "Manage Database" link from the home page of your live Odoo instance (this is only a suggestion).
- Avoid installing Odoo on a server where multiple other websites are hosted.
- We highly recommend that you avoid creating any kind of demo database in a live Odoo instance.
- Avoid hosting Odoo on web hosting servers; always host Odoo with trusted VPS providers (Amazon, Rackspace, DigitalOcean, Myhosting, etc.).
- Monitor incoming and outgoing TCP/IP traffic on your Ubuntu server. A few of our customers, for whom we have implemented Odoo for 150+ users, hired their own server administrator to monitor incoming and outgoing TCP/IP traffic.
- Never give your Odoo service providers full access to your server; always give them access only to the folder of their own custom addons, under a separate user. (It's advisable not to share the root user password with anyone.)
- If the customer can afford the higher cost, we always suggest setting up their own in-house hosting server instead of a VPS.
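The Python script below is an added example, not part of the original post or Emipro's code: it checks an Odoo config file and a pg_hba.conf for several items from the checklist above (default passwords, xmlrpc, the database manager, the PostgreSQL authentication method). The option names admin_passwd, db_password and list_db, the weak-password list and the sample file contents are assumptions constructed for illustration; pg_hba.conf host rules are assumed to use CIDR addresses.

```python
import configparser

# Constructed sample inputs for illustration (not from a real server).
SAMPLE_ODOO_CONF = """[options]
admin_passwd = admin
db_password = Xk7pQ2vmZr9wLd4T
xmlrpc = True
list_db = True
"""
SAMPLE_PG_HBA = """# TYPE DATABASE USER ADDRESS METHOD
local  all  postgres                peer
host   all  odoo      127.0.0.1/32  md5
host   all  all       0.0.0.0/0     trust
"""
WEAK_PASSWORDS = {"admin", "odoo", "openerp", "postgres", "password"}

def audit_odoo_conf(text):
    """Return findings for the [options] section of an Odoo config file."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    opts = cp["options"] if cp.has_section("options") else {}
    findings = []
    for key in ("admin_passwd", "db_password"):
        value = opts.get(key, "")
        if value.lower() in WEAK_PASSWORDS or len(value) < 12:
            findings.append(key + ": weak, default or missing password")
    # Both switches are treated as enabled unless explicitly set to False.
    for key in ("xmlrpc", "list_db"):
        if opts.get(key, "True").strip().lower() != "false":
            findings.append(key + ": enabled, set to False if not needed")
    return findings

def audit_pg_hba(text):
    """Flag pg_hba.conf rules using 'trust' or open to every address."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4:
            continue
        is_local = fields[0] == "local"
        if not is_local and len(fields) < 5:
            continue  # malformed host rule, nothing to inspect
        method = fields[3] if is_local else fields[4]
        if method == "trust":
            findings.append("line %d: 'trust' needs no password" % number)
        if not is_local and fields[3] in ("0.0.0.0/0", "::/0", "all"):
            findings.append("line %d: accepts any client address" % number)
    return findings

if __name__ == "__main__":
    for finding in audit_odoo_conf(SAMPLE_ODOO_CONF) + audit_pg_hba(SAMPLE_PG_HBA):
        print(finding)
```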
Being an emerging leader in the IT market since 2011, Emipro Technologies Pvt. Ltd. has been providing a wide range of business solutions in Odoo & Magento. We are pleased to have a large pool of contented customers thanks to our meticulous work in the domain of ERP & e-Commerce. The relief and satisfaction our customers feel after a successful deployment in their organization represent our success on the Odoo platform. Hence, we take pride in being an Odoo partner with a vision of expanding our strategic alliances with our customers to offer them high value-added, trustworthy & cost-effective solutions. We are just an inch away from you by email at firstname.lastname@example.org or a tweet to @EmiproTech.