Doing a demo for a client today of an OTRS setup as part of other general work we do for them. This is my first OTRS use.
The system is up and running, for something as complex it was surprisingly easy. A few false starts with overlapping features (e.g. notifications vs auto-responses), and lots of easy-to-forget issues (like all the things you need to link in when creating a new queue after the fact). But surprisingly straightforward.
So a couple of related questions...
We plan to do a fresh install for production (hopefully kept good notes), so as not to have all the testing/demo garbage in the files that cannot be deleted (unless there's a way to delete all "invalid" items?). There doesn't appear to be import/export except for very specific features; is that right? Is there any more general way to migrate all setups and settings (but omitting a few, like agents)?
As we do a final install and deploy to the internet, we of course need to secure it. Besides some obvious general things for linux and apache, is there documentation anywhere, like a "OTRS Security Checklist", much as you can find for Wordpress sites? Are there .htaccess or other settings that are generally endorsed as additional security? Are there ways (for example) to limit the admin account logins to otrs only to certain subnets (i'm not talking about ssh, etc. that's easy, talking about web access)?
Basically any documentation with general pointers? Or just "treat it like any other linux web box"?
Sanity Check - New install, demo vs final - security & migration
Moderator: crythias
-
Linwood
- Znuny newbie
- Posts: 55
- Joined: 10 Feb 2015, 15:30
- Znuny Version: 4.0.6
- Real Name: Linwood Ferguson
- Company: LE Ferguson, LLC
Sanity Check - New install, demo vs final - security & migration
Linwood Ferguson
OTRS 4.0 patch 6, ubuntu 14.04 on HyperV, MySql
OTRS 4.0 patch 6, ubuntu 14.04 on HyperV, MySql
-
crythias
- Moderator
- Posts: 10170
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: Sanity Check - New install, demo vs final - security & migration
Note that most *configuration* is done in flat files within Kernel/Config/* and Kernel/Config.pm.
If the database connection in Config.pm is set to the destination, it seems reasonable to deploy the same release level of trial OTRS at the destination, copying the configuration files.
Better, look at Upgrading docs and follow along except for the database recovery and updating steps.
If the database connection in Config.pm is set to the destination, it seems reasonable to deploy the same release level of trial OTRS at the destination, copying the configuration files.
Better, look at Upgrading docs and follow along except for the database recovery and updating steps.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
-
Linwood
- Znuny newbie
- Posts: 55
- Joined: 10 Feb 2015, 15:30
- Znuny Version: 4.0.6
- Real Name: Linwood Ferguson
- Company: LE Ferguson, LLC
Re: Sanity Check - New install, demo vs final - security & migration
Thank you, that helped. I had not realized that the changes made in the ZZZAuto.pm file, that should be helpful in rebuilding.
No general OTRS guidelines for security beyond "do what you would normally do for apache"?
No general OTRS guidelines for security beyond "do what you would normally do for apache"?
Linwood Ferguson
OTRS 4.0 patch 6, ubuntu 14.04 on HyperV, MySql
OTRS 4.0 patch 6, ubuntu 14.04 on HyperV, MySql