Odoo Help


3 Answers

Fabien Pinckaers (fp) United States

--Fabien Pinckaers (fp)--
| 7 8 10
San Francisco, United States
--Fabien Pinckaers (fp)--

Odoo Founder & CEO

Fabien Pinckaers (fp) United States
8/3/15, 4:35 PM


Both approaches have advantages and disadvantages:

  1. Have a separate server for the backend and the website

  2. Have both the backend and the website on the same server

Going for two different servers allows to host your backend in a DMZ. Thus, if the website is compromised, an attacker will not have access to your private data. You may have two servers of Odoo, having different data, one for the eCommerce, one for the backend. This approach is similar to having an eCommerce synchronized with an ERP (like magento and Odoo) but the interface is much easier since you sync Odoo data with Odoo data. (you can even use the base_synchro module to help you sync data)

But this approach also has a huge disadvantage: you don't get a full integration and you only interface a few data. As with any eCommerce - ERP integration, it's complex and not super efficient. (you don't get a clean inventory in real time, you may have data conflicts, it's super complex to setup, features are limited to a few synchronized documents, etc.)

As a security point of view, the solution 2 is less efficient. But having everything fully integrated is a huge advantage for the setup, maintenance and efficiency of the users. If you go for the second solution, instead of securing two servers, you can concentrate your effort into securing one Odoo server.

Note that even if your ERP is in a private network, it still need to be open to external access for lots of different reasons: emails gateway, EDI with other software, Web-Services, customer and supplier portal, etc. Most of the current ERPs tend to be online and collaborative, and not anymore hosted in a private network and accessed by employees only. DMZ are not DMZ anymore and what matters is to secure your server, not to hide it.

So, it's a trade off and every one should choose the best solution according to their need and priority. You can also opt for a solution in-between, like putting the backend in a DMZ and setting a HTTP proxy to access to website pages only.

If you need strong integration between the backend and the frontend (e.g. an advanced customer portal), the second solution is probably better. If the security is your primary concern, I would suggest the solution 1, even if it's less efficient and much more complex to setup and maintain.

Not related, but you should have a look at our Security Policy (mostly for SaaS).

Tony Felice United States
4/8/15, 5:30 PM

Mark, unfortunately, it appears that Odoo is slow to recognize see the importance of security.  It is only very recently that the nightly apt repository has had a PGP key.  Lack of a PGP key would make it trivial in some cases for bad guys to get malicious code into some organizations' ERP systems.  Specifically on your point, I agree, this is a show stopper.  Conceptually, perhaps a separate instance of Apache or Nginx in the DMZ, which proxies traffic to the "public" pages of an Odoo instance, would be an approach.  I would think that the public-facing web proxy would refuse to proxy for any URL whose document name begins with /web.  Still, this is a kludge.  If Odoo wants to be as successful as its overall quality genuinely warrants, they need to get serious about security.

Another glaring security issue seems to be related to session management.  I have many times been startled to open up Chrome, go to one of my Odoo installations, and get right into the ERP without so much as a password challenge.  This seems to happen any time you close the browser without explicitly logging out first.  This is seriously dangerous.

Garth Lezama Trinidad and Tobago
8/6/15, 10:48 AM

Fabien, I appreciate you taking the time to comment personally. As an aside, having implemented SAP and Microsoft Dynamics let me say I like the direction Odoo is moving both as a platform and a company. I think the updated partner program is a step in the right direction and staying true to the open source ethos will bring great prosperity and success to the Odoo ecosystem.

To the specific issue of securing backend data, Mark and Tony have a valid point and I wonder if there is not a third option from an Odoo architectural standpoint. Would it not be possible to create a "slave" Odoo installation that loads modules from the "master" and connects either with a Odoo or Postgres user with reduced privileges? I know this adds some complexity to the configuration but given the proliferation of zero day exploits we have to create a multilayered defense of the core erp database as we are asking organizations to use the platform to keep all the crown jewels.

Ask a Question
Keep Informed
12 follower(s)
About This Community

This platform is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now