Security information

Page waiting for translation. To translate, create an account, go back and clic on "Modify".
Page en attente de traduction. Pour traduire, créez un compte, revenez et cliquez sur "Modifier".
Página a traducir. Para traducirla, cree una cuenta, vuelva a la página y haga clic en "editar".
Pagina da tradurre. Per tradurla, crea un utente, torna indietro e clicca su "modifica".
Página a aguardar por tradução. Para traduzir, crie uma conta, volte atrás e clique em "Modificar".
Seite wartet auf Übersetzung. Um Übersetzung zu erstellen, richte einen Account ein, geh zurück und klicke auf "bearbeiten".
页面等待翻译。若要翻译本页，先创建一个帐户、登录并返回本页后单击“编辑”。

Alerts

No security bugs known at the moment.

Features

Dolibarr implements a several security features. Among them :

No passwords in logs, even technical logs.
Passwords can be crypted in database.
Password can be encoded in the Dolibarr configuration file (conf.php).
Anti SQL injection mechanism.
Support or not ofr PHP safe_mode.
Files saved by application are stored in a different root directory than web application (so they can not be downloaded without passing by the Dolibarr wrapper).
Pages and contents are protected by permissions by groups or by users for each functionnal module (this feature is the only module you can't disable in Dolibarr).
Delay anti brute force cracking on login page.
Graphical code against robots on login page.
Logger to save permanently all Dolibarr events, like successful or failed logins.
Possibility to force HTTPS.
Possibility to run an anti-virus on every uploaded file.