Versions Compared

Comment: About afterlogin.lastvisit.show

This comes from this archive; I copied and updated it here to be sure to always have it on hand. This is an outline of a few steps that should be taken to ensure that live deployed OFBiz systems do not leave open access for others to abuse.

...

There are a few more things you should probably do:

  • Change the ports from 8080 to 80 and from 8443 to 443.
  • Possibly add or move a webapp to respond to "/".
  • The system now also logs "Started BeanShell telnet service on 9989, 9990, BeanShell service ports are not secure. Please protect the ports", which requires attention before deployment!
  • If you loaded the demo data, be sure to disable all user logins except "admin" and maybe "flexadmin". Be sure to change their passwords if you expose your server to the Internet.
  • This page may not be up to date with the latest version of OFBiz at all times, therefore you should always be careful and check your system for other possible holes.
  • If it exists (new), set afterlogin.lastvisit.show in security.properties to true
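As an added example (not from this page or the OFBiz project), a small Python check for the last bullet: it parses security.properties in the Java .properties format and reports whether afterlogin.lastvisit.show is missing (older release), set to true, or set to something else. The file content below is a constructed sample, not a real OFBiz file.

```python
import re

# Added example: audit afterlogin.lastvisit.show in an OFBiz security.properties file.
# The key only exists in newer releases, so "missing" is reported apart from "false".

def _continues(line):
    # An odd number of trailing backslashes means the logical line continues.
    trailing = len(line) - len(line.rstrip("\\"))
    return trailing % 2 == 1

def parse_java_properties(text):
    """Minimal Java .properties parser: '#'/'!' comments, '=' / ':' / whitespace
    separators, backslash line continuations. Returns a dict of key -> value."""
    logical, pending = [], ""
    for raw in text.splitlines():
        line = pending + raw.lstrip()   # continuation lines drop leading whitespace
        pending = ""
        if _continues(line):
            pending = line[:-1]
            continue
        logical.append(line)
    if pending:
        logical.append(pending)
    props = {}
    for line in logical:
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:\s]\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props

def audit_lastvisit(props):
    """Return (status, message): 'missing', 'ok' or 'fail'."""
    value = props.get("afterlogin.lastvisit.show")
    if value is None:
        return ("missing", "afterlogin.lastvisit.show absent (older OFBiz); nothing to set")
    if value.lower() == "true":
        return ("ok", "last-visit notice is enabled for users after login")
    return ("fail", f"afterlogin.lastvisit.show={value!r}; set it to true")

# Constructed sample content; the continuation line is deliberate.
SAMPLE_SECURITY_PROPERTIES = """\
# constructed sample, not a real OFBiz file
! password settings omitted
security.login.password.encrypt = true
afterlogin.lastvisit.show: \\
   false
"""

if __name__ == "__main__":
    status, msg = audit_lastvisit(parse_java_properties(SAMPLE_SECURITY_PROPERTIES))
    print(f"[{status}] {msg}")
```

Point it at framework/security/config/security.properties of a deployment to run the same check on a real file.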

To think about:

...

  • Maybe generate a "production" script to modify and/or remove these logins for a production site.
  • Add a brief description (or a link to one) of each webapp to assist the user in determining which ones they need and which ones they don't.