HESK is a lightweight PHP help desk. Security should focus on admin portal protection, email gateway hygiene, and strict filesystem permissions.

## 1) Harden admin and staff authentication

- enforce strong password rules and optional 2FA where available
- restrict admin and staff access to trusted IP ranges when feasible
- remove stale staff accounts and shared credentials

## 2) Secure ticket intake and email processing

- protect mail piping/POP3 credentials using secret-managed config
- validate attachment and upload restrictions to reduce malware risk
- apply anti-spam and captcha controls for public submission forms

## 3) Harden PHP/web stack

- enforce HTTPS and secure session cookies
- keep HESK and PHP runtime patched to supported versions
- lock down writable directories and deny script execution in uploads
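
The script below is an added example, not part of HESK or the original page. It audits the two filesystem items in section 3: world-writable paths under the install root and script-like files sitting in the upload directory. The install root, the `attachments` directory name, and the function names are assumptions; pass the paths that match your install.

```shell
#!/bin/sh
# Added example: filesystem audit for a PHP help desk install.
# Usage (paths are assumptions): ./audit.sh /var/www/hesk /var/www/hesk/attachments

# Print files and directories under $1 that any local user can write to.
list_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print 2>/dev/null
}

# Print files in upload directory $1 whose names a web server may hand to an
# interpreter. '*.php.*' covers double extensions such as invoice.php.jpg,
# which some handler configurations still execute.
list_scripts_in_uploads() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.php[0-9]' \
        -o -iname '*.php.*' -o -iname '*.phtml' -o -iname '*.phar' \
        -o -iname '*.cgi' -o -iname '*.pl' \) -print 2>/dev/null
}

# Count lines on stdin without the padding some wc implementations add.
count_lines() {
    wc -l | tr -d ' '
}

# Report both classes of finding; return 0 only when there are none.
audit_install() {
    root=$1
    uploads=$2
    ww=$(list_world_writable "$root" | count_lines)
    sc=$(list_scripts_in_uploads "$uploads" | count_lines)
    list_world_writable "$root" | sed 's/^/WORLD-WRITABLE: /'
    list_scripts_in_uploads "$uploads" | sed 's/^/SCRIPT-IN-UPLOADS: /'
    echo "findings: $((ww + sc))"
    [ "$((ww + sc))" -eq 0 ]
}

# Run the audit only when both paths are supplied on the command line.
if [ "$#" -eq 2 ]; then
    audit_install "$1" "$2"
fi
```

A non-zero exit status means at least one finding, so the script can gate a deployment job or run from cron and alert on failure.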