Changes

m
Line 81: Line 81:  
*No passwords in logs, even in technical logs <sup>[*7]</sup>.
 
*No passwords in logs, even in technical logs <sup>[*7]</sup>.
 
*Internal logger to save permanently all Dolibarr events about user's administration and successful or failed logins or administration events (user or group or permission changes).
 
*Internal logger to save permanently all Dolibarr events about user's administration and successful or failed logins or administration events (user or group or permission changes).
 +
*Can output a log record into a log file (module Debug Log must be enabled with at least level 5 - LOG_NOTICE) after success or failed login attempt so you can add a fail2ban rule to lock brute force cracking. You can check record with syntax :
 +
"YYYY-MM-DD HH:MM:SS NOTICE    ip functions_dolibarr::check_user_password_dolibarr Authentication ko"
 +
    
'''Viruses'''
 
'''Viruses'''
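
Review bot: The sample record in the added bullet shows only the failure form ("Authentication ko") and leaves "ip" and the timestamp as unexplained placeholders, although the sentence before it says a record is written after both successful and failed login attempts. State that "ip" stands for the client address, say whether a successful login produces a corresponding record, and reword "You can check record with syntax :" to something like "A failed attempt is logged as:". The record is also plain quoted text on its own line after a "*" bullet, so it renders outside the list item and the run of spaces after NOTICE collapses; wrapping it in <code> or <pre> would preserve the exact spacing, which matters to anyone writing a fail2ban failregex against it. "to lock brute force cracking" would read better as "to block brute-force attempts".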