← Back to team overview

openstack team mailing list archive

Re: Customer Portal Security from Hackers


The OpenStack customer-facing portal is called Horizon and is based on Django.
It's intended to be tailored and play nicely with other Django applications.  That would be the first place to start.  The rest depends on what kind of interface you want to present to your customers for your deployment.

On May 20, 2013, at 3:54 PM, "Chris Bartels" <chris@xxxxxxxxxxxxxxxxxxxxxx> wrote:

> Hi,
> I’m interested in learning more about how to implement a customer portal for an OpenStack installation, and would like to know specifically about how the customer portal is safe from would-be hackers when exposed in the wild. I don’t know if there are any additional measures I would have to add like perhaps my own login page with its own security to protect the management page, or if it comes with its own login system for example.
> How can I make the security of my VPS service a selling point when I’m using OpenStack for the backend?
> Mind you I don’t know anything about OpenStack yet, aside from what I see in videos on the OpenStack Foundation YouTube channel, and I haven’t seen anything addressing this issue as of yet. I don’t even know if OpenStack comes with a customer portal I can deploy or if I have to design one using the API.
> I hope to have servers arrive this week which I can use to build prototypes of my production setup, where I can test hardening configurations. But I don’t know where to begin. All I can think of is fail2ban, and I don’t think that would apply in this case.
> What can people tell me that would help me get a handle on this issue?
> Thanks in advance.
> -Chris
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp