In today's digital world, ensuring your website's and database's security is paramount.
One
potential security risk is the page that displays all the installed
apps in your database. By default, this page may be accessible to anyone
visiting your website, including potential hackers.
"We have hacked your database"
To mitigate this risk, it is essential to deactivate
the page that shows all apps. In this blog, we will guide you through
the process of deactivating this page and securing your database.
Step 1: Accessing the Website module
To
begin, you need in V15 as well as in V16 the role "Website: Editor and
Designer", giving you access to your website's backend. In V15
furthermore you need the role administration: settings or our module
samsa_web_editor_access_fix,
giving website editors certain necessary administration rights for the
website. Log in using your credentials and navigate to the page with the
URL ending /website/info, e.g. www.yourwebsite.odoo.com/website/info.
Step 2: Set "Show Odoo Information" to invisible
V15: Under Odoo information deactivate the option "Show Odoo Information"
V16: Edit mode on the page
/website/info
-> customize
Result:
the page that previously displayed all the apps in your database will appear empty and inaccessible to visitors.
Before
After
Security is never expensive it's priceless!
By following the steps outlined in this blog post, you can easily customize the visibility of this page and ensure that it remains inaccessible to unauthorized individuals. If your company faces security issues, please contact SAMSA-IT Odoo specialists. We will guide you through the process. We are an Odoo Gold Partner and guarantee the security of your Odoo database.