This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git
commit 2c91ec843aea4b619fcbec8cddc6a4568a040cf2 Author: Jacques Le Roux <[email protected]> AuthorDate: Wed Sep 24 16:12:19 2025 +0200 Improved: remove the link to the README page on nightlies There is rather now a link there to the site security page where the info is centralised --- security.html | 4 +--- template/page/security.tpl.php | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/security.html b/security.html index 606d1aa..e42bd4b 100644 --- a/security.html +++ b/security.html @@ -122,11 +122,9 @@ Be sure to read the children pages in the left part of screen.<br> <a href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" target="external">Keeping OFBiz secure.</a> - To keep your OFBiz instance secure from exploits. Also read the children pages, notably + To keep your OFBiz instance secure from know exploits. Also read the children pages, notably <a href="//cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment" target="external">How to secure your deployment.</a><br> - <a href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" target="external">In the main online README file,</a> - best practices and security advices for OFBiz users in production. <p> </p> <p><strong>All system privileges, including access to potentially vulnerable operations, are granted to administrators</strong>. Even if we assume that administrators don't attack their own websites, it's essential to exercise extra care when granting administrator privileges. Therefore, if a security breach occurs on the administration page (webtools), it's generally not perceived as a problem. The administrator holds the power. Unless an ordinary user manages to overstep their bounds and act beyond their authority. diff --git a/template/page/security.tpl.php b/template/page/security.tpl.php index 46c1ef0..3bd1ac2 100644 --- a/template/page/security.tpl.php +++ b/template/page/security.tpl.php @@ -23,11 +23,9 @@ Be sure to read the children pages in the left part of screen.<br> <a href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" target="external">Keeping OFBiz secure.</a> - To keep your OFBiz instance secure from exploits. Also read the children pages, notably + To keep your OFBiz instance secure from know exploits. Also read the children pages, notably <a href="//cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment" target="external">How to secure your deployment.</a><br> - <a href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" target="external">In the main online README file,</a> - best practices and security advices for OFBiz users in production. <p> </p> <p><strong>All system privileges, including access to potentially vulnerable operations, are granted to administrators</strong>. Even if we assume that administrators don't attack their own websites, it's essential to exercise extra care when granting administrator privileges. Therefore, if a security breach occurs on the administration page (webtools), it's generally not perceived as a problem. The administrator holds the power. Unless an ordinary user manages to overstep their bounds and act beyond their authority.
