(ofbiz-site) branch master updated: Improved: adds a link to the "How to secure your deployment" wiki page

Fri, 17 Oct 2025 22:55:33 -0700 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ofbiz-site.git


The following commit(s) were added to refs/heads/master by this push:
     new b8e0685  Improved: adds a link to the "How to secure your deployment" 
wiki page
b8e0685 is described below

commit b8e0685ffa61877d6495837d84e0520b867e0f38
Author: Jacques Le Roux <[email protected]>
AuthorDate: Wed Sep 24 16:12:19 2025 +0200

    Improved: adds a link to the "How to secure your deployment" wiki page
    
    This page is currently augmented, WIP...
    
    Also better reading format for the security page
---
 security.html                  | 12 +++++++++---
 template/page/security.tpl.php | 12 +++++++++---
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/security.html b/security.html
index 87b86c6..606d1aa 100644
--- a/security.html
+++ b/security.html
@@ -118,9 +118,15 @@
 
              <h2>OFBiz Security</h2>
             <div class="divider"><span></span></div>
-                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions" 
target="external">OFBiz Security Model: Permissions and related.</a> Be sure to 
read the children pages in the left part of screen.<br>
-                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" 
target="external">Keeping OFBiz secure.</a> To keep your OFBiz instance secure 
from exploits. Also read the children pages.<br>
-                <a 
href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" 
target="external">In the main online README file,</a> best practices and 
security advices for OFBiz users in production.
+                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions" 
target="external">OFBiz Security Model: Permissions and related.</a>
+                     Be sure to read the children pages in the left part of 
screen.<br>
+
+                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" 
target="external">Keeping OFBiz secure.</a>
+                     To keep your OFBiz instance secure from exploits. Also 
read the children pages, notably
+                     <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment"
 target="external">How to secure your deployment.</a><br>
+
+                <a 
href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" 
target="external">In the main online README file,</a>
+                 best practices and security advices for OFBiz users in 
production.
             <p> </p>
             <p><strong>All system privileges, including access to potentially 
vulnerable operations, are granted to administrators</strong>. Even if we 
assume that administrators don't attack their own websites, it's essential to 
exercise extra care when granting administrator privileges.
                        Therefore, if a security breach occurs on the 
administration page (webtools), it's generally not perceived as a problem. The 
administrator holds the power. Unless an ordinary user manages to overstep 
their bounds and act beyond their authority.
diff --git a/template/page/security.tpl.php b/template/page/security.tpl.php
index ba7aa6d..46c1ef0 100644
--- a/template/page/security.tpl.php
+++ b/template/page/security.tpl.php
@@ -19,9 +19,15 @@
 
              <h2>OFBiz Security</h2>
             <div class="divider"><span></span></div>
-                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions" 
target="external">OFBiz Security Model: Permissions and related.</a> Be sure to 
read the children pages in the left part of screen.<br>
-                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" 
target="external">Keeping OFBiz secure.</a> To keep your OFBiz instance secure 
from exploits. Also read the children pages.<br>
-                <a 
href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" 
target="external">In the main online README file,</a> best practices and 
security advices for OFBiz users in production.
+                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions" 
target="external">OFBiz Security Model: Permissions and related.</a>
+                     Be sure to read the children pages in the left part of 
screen.<br>
+
+                <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure" 
target="external">Keeping OFBiz secure.</a>
+                     To keep your OFBiz instance secure from exploits. Also 
read the children pages, notably
+                     <a 
href="//cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment"
 target="external">How to secure your deployment.</a><br>
+
+                <a 
href="//nightlies.apache.org/ofbiz/trunk/readme/html5/README.html#security" 
target="external">In the main online README file,</a>
+                 best practices and security advices for OFBiz users in 
production.
             <p> </p>
             <p><strong>All system privileges, including access to potentially 
vulnerable operations, are granted to administrators</strong>. Even if we 
assume that administrators don't attack their own websites, it's essential to 
exercise extra care when granting administrator privileges.
                        Therefore, if a security breach occurs on the 
administration page (webtools), it's generally not perceived as a problem. The 
administrator holds the power. Unless an ordinary user manages to overstep 
their bounds and act beyond their authority.

Reply via email to