Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
Hi Folks,
I am looking how to secure my server againt brute force attempts to log in.
I am already used fail2ban to secure the ssh access. I would like to use it to check my odoo web interface as well.
Unfortunately I am not able to find somewhere in the log (/var/log/odoo/odoo.log /var/log/auth.log, ...) a warning when a user keys a wrong password. I don't know where amend the code neither.
If you have any tip for me.
Thanks
Workaround could be to setup some reverse proxy (apache|nginx) with users ssl certificate,
and if cert is not present on users side you could redirect request to some other page/web/domain...
combined with password gives you pretty secure server
Create an account today to enjoy exclusive features and engage with our awesome community!
Sign up
1. Use the live chat to ask your questions.
2. The operator answers within a few minutes.
Take a look at openerp/addons/web/controllers/main.py - class: Home - function: web_login. Maybe that could help.
This would be a very useful module and I am sure that people would pay for this - ask Webkul to develop it.