Post Installation

From iDempiere en
Jump to: navigation, search

Table of Contents | Running iDempiere from Installers | Post Installation

Now that you have your server configured, it is recommended to follow some security measures.

These are probably not that important if your server is not open to the internet, or if it's a demo/test server. But, if you server contains production data you are warned that iDempiere default configuration is too open and is a MUST to secure it.

Recommended minimal steps:

  • Install an http server to be used a proxy for iDempiere - most used are nginx or apache
    • Configure your proxy to publish just /webui - iDempiere by default has several other services published, and some publishing security-sensitive information (like DB password)
    • if you plan to use webservices externally you must publish also /ADInterface
  • Close ports on your server using a firewall, it's recommended to open just port https/443 and the other ports you may need for administration (i.e. ssh/22)
  • Another usual option is to install your server behind a VPN
  • Change the default passwords for the 4 default users (SuperUser/System/GardenAdmin/GardenUser)
  • Enable hashed passwords


This tutorial is brought to you by Carlos Ruiz from GlobalQSS. Feel free to improve directly or suggest using the Discussion tab.