← Back to team overview

dhis2-users team mailing list archive

  1. dhis2-users team
  2. Mailing list archive
  3. Message #00938

Re: Secure remote access

  Thread PreviousDate PreviousThread Next 
Hi Mar,

Personally, I would be much more concerned about the security of the
server itself. I get dozens of attempted forced entry attempts on
servers I manage each day. I know servers where DHIS2 has been setup
have been taken over due to weak passwords on the server.

It really depends on the security requirements of the organization.
DHIS password requirements are pretty insecure (at least 8 characters,
one caps, one number) and well known, so of course, this is a
weakness. This of course could be changed to suit your own needs, but
would require alteration of the source code to do so. Best to get an
exact security requirement from them.

Regards,
Jason




On Fri, Mar 9, 2012 at 6:50 AM, Mark Spohr <mhspohr@xxxxxxxxx> wrote:
> Thanks for this
> Some here are worried about unauthorized  access to the system using easily
> guessed names and password combos.
> Has that been a problem?
>
> Mark Spohr MD
>
> On Mar 8, 2012 8:28 PM, "Jason Pickering" <jason.p.pickering@xxxxxxxxx>
> wrote:
>>
>> Hi Mark,
>>
>> I think you answered your own question. I use  HTTPS for end users, as
>> it does not require them to do anything, and VPN in situations where
>> direct access to the remote database may be required.
>>
>> There is some information in the user manual on setting up DHIS with
>> SSL/HTTPS.
>>
>> For Apache, some stuff is here
>>
>>
>> http://apps.dhis2.org/ci/job/dhis-documentation/ws/target/site/en/implementer/html/ch10s04.html#d5e1011
>>
>> For Nginx, some more info is here
>>
>>
>> http://apps.dhis2.org/ci/job/dhis-documentation/ws/target/site/en/implementer/html/ch08s02.html
>>
>> For VPN,I would reccomend OpenVPN . A little tricky to setup, but
>> extremely powerful and secure.
>>
>> https://openvpn.net
>>
>>
>> Regards,
>> Jason
>>
>>
>> On Fri, Mar 9, 2012 at 3:23 AM, Mark Spohr <mhspohr@xxxxxxxxx> wrote:
>> > What strategies do people use for securing DHIS over the internet?
>> > VPN?
>> > HTTPS?
>> >
>> > Mark Spohr MD
>> >
>> >
>> > _______________________________________________
>> > Mailing list: https://launchpad.net/~dhis2-users
>> > Post to     : dhis2-users@xxxxxxxxxxxxxxxxxxx
>> > Unsubscribe : https://launchpad.net/~dhis2-users
>> > More help   : https://help.launchpad.net/ListHelp
>> >

Follow ups

References

  Thread PreviousDate PreviousThread Next