Difference between revisions of "Securing OpenEMR"
From OpenEMR Project Wiki
Bradymiller (talk | contribs) |
Bradymiller (talk | contribs) (→Apache) |
||
| Line 26: | Line 26: | ||
*General hardening of Apache, which is [http://www.learncomputer.com/secure-apache/ described here]. | *General hardening of Apache, which is [http://www.learncomputer.com/secure-apache/ described here]. | ||
*Only allow https (ie. turn off http) | *Only allow https (ie. turn off http) | ||
*Do not allow direct web access to the directories | *Do not allow direct web access to the following directories | ||
:*site/*/documents | |||
:*site/*/era | |||
:*site/*/edi | |||
*If not using portal and want to allow users to access over the internet, then consider using client-sided certificates to only allow users access to site | *If not using portal and want to allow users to access over the internet, then consider using client-sided certificates to only allow users access to site | ||
*If want to give access to the patient portals over the internet, then consider using a client-sided certificate to only allow users access to the main OpenEMR login page | *If want to give access to the patient portals over the internet, then consider using a client-sided certificate to only allow users access to the main OpenEMR login page | ||
Revision as of 20:59, 22 October 2011
Securing OpenEMR
Overview
- With the advent of the Patient Portals, the community is now addressing the issues of how to best secure OpenEMR instances that are open to the web. Doing this requires a firm understanding of securing several parts, which at least include OpenEMR itself, Apache, MySQL, PHP, firewall, router, https, certficates, etc. A forum that began to discuss this issue can be found here.
- This document is still just a work in progress; hopefully as members of the community begin securing their OpenEMR instances for the web, they will place things they learned here in order to help others.
OpenEMR
- After installation/upgrade consider removing(or ensuring no access to) to the following scripts, which are not needed for general OpenEMR use:
- acl_setup.php
- acl_upgrade.php
- sl_convert.php
- setup.php
- sql_upgrade.php
- gacl/setup.php
- ippf_upgrade.php
- admin.php
- entire contrib directory
- After installing a patch consider removing (or ensuring no access to) to the following script, which is not needed for general OpenEMR use:
- sql_patch.php
Network
- On server, consider only opening port 443 (https).
- Consider a firewall that only allows port 443 (https) traffic to the server.
Apache
- General hardening of Apache, which is described here.
- Only allow https (ie. turn off http)
- Do not allow direct web access to the following directories
- site/*/documents
- site/*/era
- site/*/edi
- If not using portal and want to allow users to access over the internet, then consider using client-sided certificates to only allow users access to site
- If want to give access to the patient portals over the internet, then consider using a client-sided certificate to only allow users access to the main OpenEMR login page
- If using third party patient portal, then consider:
- Only allowing the IP address of the third party portal to access the SOAP APIs (for patient access)
- (Also wonder if the third party portal could set up a certificate to identify their server as an option to further secure)
MySQL
- Ensure the root password is set to something.
PHP
- Follow the OpenEMR php settings recommendations
