3. Steps to fortify VTiger security

Question

Is there any security issue if VTiger is running on older php versions

Answer

Kindly, make sure to take the following precautionary measures (sorted by the most important first) to make your CRM system more secure

  1. Do not easy to guess user/pass: admin/admin, test/test, demo/demo, etc..

  2. Deactivate any test/developer/temporary users.

  3. Not use the same 'admin' password across multiple instances

  4. Do not use your own email to test MailConverter, MailManager, Outgoing EMail Server. (This is extremely important. If someone breaches your vtiger instance && there is an email account, they can download/search messages for certain strings to locate other instances).

  5. Have proper .htaccess restrictions, where folders cannot be viewed

  6. Add 2-FA through Cloudflare

If you had #6 added (2faCloudflaree), everything else would not matter, because Cloudflare 2fa works as a VPN without VPN's usability issues.

Extension
vTiger default

Description

Steps to fortify VTiger security

Created by

Salman (March 02, 2023)

Last updated