Frappe Bench orchestrates app code, dependencies, and process configs for ERPNext/Frappe stacks. Hardening requires strict app-source control, secret handling, and service isolation.
¶ 1) Protect Bench and site credentials
- Restrict permissions on sites/common_site_config.json and per-site config files.
- Keep DB credentials and encryption keys out of git.
- Rotate database and admin credentials on policy schedule.
- Restrict who can run bench administrative commands.
¶ 2) Secure app supply chain and updates
- Use trusted Git remotes for Frappe/ERPNext/custom apps.
- Pin app branches/tags for production.
- Require review for bench get-app sources and custom patches.
- Test updates in staging before running bench update in production.
- Restrict Redis/MariaDB to private interfaces.
- Enforce HTTPS at reverse proxy and secure headers.
- Run workers/web under dedicated service accounts.
- Monitor background job failures and repeated login anomalies.
¶ Verification commands
bench --version
grep -R "db_host\|db_password\|encryption_key" /opt/frappe-bench/sites 2>/dev/null | head
sudo ss -tulpn | grep -E ':8000|:443|:3306|:6379'
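The checks behind the config-permission point in section 1, the "Restrict Redis/MariaDB to private interfaces" item and the verification commands above, as an added shell example (not code from the bench project): it runs on a constructed sample bench directory and constructed ss -tulpn lines so it works offline; /opt/frappe-bench is taken from the grep command above, all other paths and values are made up.

```shell
#!/bin/sh
# Added example (not from the Frappe/bench project): offline checks for the hardening
# points above. All paths and sample data below are constructed for illustration.

# 0 = file holds a secret key and is NOT world-readable, 1 = world-readable, 2 = no secret inside.
config_perms_ok() {
  grep -q 'db_host\|db_password\|encryption_key' "$1" || return 2
  [ -z "$(find "$1" -perm -004 2>/dev/null)" ]
}

# Walk a bench's site configs (common + per-site) and report each one; returns 1 if any is exposed.
audit_bench() {
  rc=0
  for f in "$1"/sites/common_site_config.json "$1"/sites/*/site_config.json; do
    [ -f "$f" ] || continue
    config_perms_ok "$f"; s=$?
    case $s in
      0) echo "ok      $f" ;;
      1) echo "EXPOSED $f (world-readable)"; rc=1 ;;
      2) echo "skip    $f (no secrets)" ;;
    esac
  done
  return $rc
}

# Read `ss -tulpn` output on stdin; print MariaDB/Redis sockets (3306/6379) bound to anything
# other than loopback. Column 5 is Local Address:Port. Returns 1 if any are exposed.
exposed_db_listeners() {
  awk '$5 ~ /:(3306|6379)$/ && $5 !~ /^(127\.|\[::1\]|localhost)/ { print $5; bad = 1 }
       END { exit (bad ? 1 : 0) }'
}

# Constructed sample bench: one weak (644) and one hardened (600) config. Secrets are fake.
make_sample_bench() {
  d=$(mktemp -d); mkdir -p "$d/sites/site1.local"
  printf '{"db_host": "127.0.0.1", "redis_cache": "redis://127.0.0.1:13000"}\n' > "$d/sites/common_site_config.json"
  printf '{"db_password": "CONSTRUCTED-NOT-REAL", "encryption_key": "CONSTRUCTED"}\n' > "$d/sites/site1.local/site_config.json"
  chmod 644 "$d/sites/common_site_config.json"; chmod 600 "$d/sites/site1.local/site_config.json"
  echo "$d"
}
# Constructed `ss -tulpn` lines: MariaDB on loopback (fine), Redis on 0.0.0.0 (exposed).
SAMPLE_SS='tcp  LISTEN 0  80   127.0.0.1:3306  0.0.0.0:*  users:(("mariadbd",pid=812,fd=21))
tcp  LISTEN 0  511    0.0.0.0:6379  0.0.0.0:*  users:(("redis-server",pid=901,fd=6))
udp  UNCONN 0  0      0.0.0.0:68    0.0.0.0:*  users:(("dhclient",pid=400,fd=5))'
# Demo on the sample; on a real host run: audit_bench /opt/frappe-bench; sudo ss -tulpn | exposed_db_listeners
bench=$(make_sample_bench)
audit_bench "$bench" || echo "=> tighten permissions on the files marked EXPOSED"
printf '%s\n' "$SAMPLE_SS" | exposed_db_listeners || echo "=> bind the listeners above to 127.0.0.1"
rm -rf "$bench"
```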
- Frappe Bench docs: https://frappeframework.com/docs
- Bench source repository: https://github.com/frappe/bench
- Frappe security policy: https://github.com/frappe/frappe/security