Hi,
I am new to suitecrm and I am using the vesion 7.9.17. I need to secure the installation as well as the site including HTTP headers.
How do I that?
Hi,
I am new to suitecrm and I am using the vesion 7.9.17. I need to secure the installation as well as the site including HTTP headers.
How do I that?
There’s nothing very specific to say about SuiteCRM in this regard: if you have a nicely secured web server, that’s all you need.
So use HTTPS, use PHP > 7.0, secure your network, lock down your file permissions appropriately, in general, follow best-practices for PHP apps and web servers.
I don’t know of specific advice I can add for SuiteCRM, unless you’re also concerned with in-app security (different users, which records they can access, etc.).
I am serving the application through HTTPS.
When I try to secure the HTTP secure like Content-Security-Policy, the login page does not render correctly.
What would be correct Content-Security-Policy that needs to be added into?
You need to check documentation about web server configuration, I’m no good at that.
I found some stuff here
that, and the rest of that chapter, probably applies to SuiteCRM to a great extent, if not completely.
But if you need more than that you’ll have to Google for it… good luck.