Knowledgebase
VORX HelpDesk Security check list
Posted by Administrator on 09 October 2018 01:17 pm

This page intends to provide basic security tips for VORX HelpDesk administrators. In other words - how to make VORX HelpDesk more secure and less prone to attacks?

1. Keep VORX HelpDesk updated
As with any software, VORX HelpDesk evolves and receives regular bug and security updates along with feature improvements. Make sure you always use the latest stable version of VORX HelpDesk.

2. Use unique usernames and passwords
Do not use default usernames like admin, administrator, root, etc...

Never use the same password for multiple services. Try to use a password with a combination of letters (downcase and uppercase), numbers and symbols.

3. Rename /controllers/staff_controller.php
VORX HelpDesk allows you to rename this file for the access of staff and admin panel.

For example: rename /controllers/staff_controller.php to /controllers/mypanel123_controller.php
Then you can access to staff using this url:
http://yourhelpdesk.com/?v=mypanel123 (if permalinks is disable) or
http://yourhelpdesk.com/mypanel123 (if permalinks is enable)

4. Restrict allowed attachment size and types
If you expect your customers to upload images there is no need to allow uploading of .exe files.

Be conservative about what file attachments you allow:

Login to HelpDesk staff panel
Go to Settings -> Tickets -> File Types
Remove the innecessary file types and use the extensions that you will need only.