콘텐츠로 건너뛰기
메뉴
커뮤니티에 참여하려면 회원 가입을 하시기 바랍니다.
신고된 질문입니다

Situation:
* Odoo v12.0 CE with multicompany database.
* Webserver (Apache2 reverse proxy).
Odoo database hosts backend functionality as well as publicly accessible website(s).
Questions:
Does it make sense to implement an authentication scheme at the webserver to increase security if Odoo server also hosts publicly accessible website(s)?
For example by using authentication forwarding (https://github.com/OCA/server-auth/tree/12.0/auth_from_http_remote_user).
In case of a publicly accessible website, Odoo server has many URL endpoints that need to be served without authentication.
What are website related end-points? We see many starting with "/web" which is also start of backend related URLs.
Can we discriminate between backend and website related URLs (e.g with <Location> configuration section containers in Apache conf) or is this not feasible / a bad idea?

아바타
취소
관련 게시물 답글 화면 활동
0
6월 25
314
0
1월 25
1418
0
1월 25
1459
1
12월 24
1924
0
5월 24
1515