OTRS - Security

Moderator: crythias

Post Reply
aeg
Znuny newbie
Posts: 42
Joined: 02 Mar 2017, 15:53
Znuny Version: 5.0.4

OTRS - Security

Post by aeg »

Hi,

I'm curious how you guys make OTRS safe as possible?
jojo
Znuny guru
Posts: 15019
Joined: 26 Jan 2007, 14:50
Znuny Version: Git Master
Contact:

Re: OTRS - Security

Post by jojo »

first of all, stay with the lastest patch level....

Also I implemented on my own system 2 factor authentification and a reverse proxy which does the SSL offloading. SSH ist only available via VPN
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
coolmf
Znuny newbie
Posts: 37
Joined: 02 Nov 2015, 16:29
Znuny Version: 5.0.26

Re: OTRS - Security

Post by coolmf »

1. Hardware patched and up to date (both physical and virtual)
2. OS patched and up to date.
3. OTRS and other software patched and up to date
4. fail2ban monitors web and ssh
5. 2 factor auth for web and ssh

I also use port knocking to enable ssh access, so port 22 is closed when not in use

BACKUP...BACKUP...BACKUP...BACKUP...BACKUP...BACKUP...BACKUP...
OTRS 5.0.26 with ITSM, and FAQ module on CentOS 7 with MariaDB and Apache
Using LDAPS for customers and agents against Azure AD
schulmann
Znuny wizard
Posts: 470
Joined: 20 Nov 2011, 16:08
Znuny Version: 6.5.4
Real Name: Schulmann

Re: OTRS - Security

Post by schulmann »

And - if possible - disable ssh password authentification.
Znuny6/Debian/ESXi
Post Reply