lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update security

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-17 09:20:49 +02:00
parent b02725832b
commit a074c4cb62
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
SECURITY.md
View File

@ -66,7 +66,8 @@ ONLY vulnerabilities discovered, when the following setup on tested platform is
* $dolibarr_main_prod must be set to 1 into conf.php
* $dolibarr_nocsrfcheck must be kept to the value 0 into conf.php (this is the default value)
* The module DebugBar must NOT be enabled (by default, this module is not enabled)
* The module DebugBar must NOT be enabled (by default, this module is not enabled. This is a developer tool)
* The module ModuleBuilder must NOT be enabled (by default, this module is not enabled. This is a developer tool)
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this protection should be enabled soon by default)
* ONLY security reports on "stable" modules are allowed (troubles into "experimental" and "developement" modules are not accepted).