Line 96:
Line 96:
*Restrict access to backoffice for some IP only <sup>[*7]</sup>.
*Restrict access to backoffice for some IP only <sup>[*7]</sup>.
*No passwords in logs, even in technical logs <sup>[*7]</sup>.
*No passwords in logs, even in technical logs <sup>[*7]</sup>.
−
*Internal logger to save permanently all Dolibarr events about user's administration and successful or failed logins or administration events (user or group or permission changes).
+
*Internal logger to save permanently all Dolibarr events about user's administration and successful or failed logins or administration events (like user or group or permission changes).
*Can output a log record into a log file (module Debug Log must be enabled with at least level 5-LOG_NOTICE on production server, higher on development server) after success or failed login attempt so you can add a fail2ban rule to lock brute force cracking. You can check record with syntax :
*Can output a log record into a log file (module Debug Log must be enabled with at least level 5-LOG_NOTICE on production server, higher on development server) after success or failed login attempt so you can add a fail2ban rule to lock brute force cracking. You can check record with syntax :
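Review bot: In the changed "Internal logger" bullet, adding "like" turns the parenthetical into a non-exhaustive list of examples, so the line no longer tells a reader exactly which administration events are kept permanently. For a statement about audit logging, that scope is worth pinning down. The sentence also still names administration twice ("user's administration" and "administration events"). Suggest either listing the recorded event types in full, or rewording to something like "all Dolibarr events about successful or failed logins and about user administration (such as user, group or permission changes)".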