FusionDirectory is an LDAP admin UI and should be treated as privileged control plane.\n\n## Web and LDAP Security\n\n- Enforce HTTPS and hardened session settings.\n- Restrict UI access by IP and role.\n- Use dedicated LDAP bind DN with limited privileges where possible.\n\n## Change and Plugin Governance\n\n- Audit plugin use and permissions.\n- Log user actions for directory changes.\n- Keep PHP stack and dependencies patched.