콘텐츠로 건너뛰기
커뮤니티에 참여하려면 회원 가입을 하시기 바랍니다.
모든 게시물 사용자 배지
태그 (모두 보기)
odoo accounting v14 pos v15
게시판 정보
신고된 질문입니다
securityinternetodoo
1 회신
4741 화면
아바타
MONEO Tomasz Serwanski

Hello,


Not sure if it was discussed before - I am wondering how odoo looks from the point of view of security; considering that there are odoo instances running in public internet (accessible from any place in the world), was there anybody facing problems because of that?

For example, exposing windows to internet is not good idea :) is there anyone who is running odoo available from internet and faced problems (mean odoo running on linux, not windows)? or maybe there is anybody who is running such an instance for lon time, and never faced any problems from internet? To make long story short, I am just looking for an opinion (based on experience, not on 'I think') - is it safe to run odoo with direct internet address/domain? or only safe method is to hide it behind vpn?


regards

Tomasz

아바타
취소
Ermin Trevisan

Please respect the forum guidelines and do ask specific questions for specific help. Use the mailing lists for general discussions, where this topic already has been discussed widely by the way.

아바타
Steven Segers
베스트 답변

I'm running a publicly accessible Odoo instance for years and have never had any security-issues (that I'm aware of). There are in fact thousands of Odoo instances publicly accessible. The whole Odoo cloud for starters. But does that help answer your question? What is your definition of "Safe"?

I know Odoo floated the idea of having an external security audit done some time ago but I don't think that ever materialized. So you have to see it like this: the people that designed the system are pretty smart and aware of how to build a secure system, so it is safe to assume there are no fundamental security flaws in the system. Also they send out notifications of vulnerabilities that get discovered and patched from time to time, so it is something they are actively monitoring.

So without going into "I think" land my conclusion would be that it is "pretty safe", but if you want something super-hardened than this is not it.

아바타
취소
MONEO Tomasz Serwanski
작성자

this is somehow answer I was looking for; trying to explain my question bit more - there are other software packages like joomla for example; it is also open source, developed by smart people, monitored, but..! there were at least few big vulnerabilities found last years, which leaded to several systems being hacked; root of my question is: are there any known similar cases, when vulnerability found in odoo was not pached quick enough and because of that (or because of other reason) many odoo instances were hacked at same time; considering your answer as based on experience - I believe there is no any known case like joomla one. great :)

obviously if anyone elsa had different experiences - please share

regards

Tomasz

관련 게시물 답글 화면 활동
How to increase the security of Odoo ? 해결 완료
security odoo
아바타
아바타
아바타
2
9월 23
26905
Security File Issue
security odoo
아바타
0
3월 15
4303
[8] How to inherit or delete rule 해결 완료
security rules odoo
아바타
아바타
아바타
2
12월 19
15418
Bruteforce preventing using CSF (Config File Server Firewall) custom regex in the login form.
security odoo login security
아바타
0
4월 18
3893
Odoo Qweb Report render securely HTML with allowed Tags
security qweb odoo
아바타
아바타
1
4월 17
4373