EGroupware includes calendar, contacts, file manager, and workflow modules. Harden LDAP/SSO integration, module permissions, and web/PHP runtime security.
1) Enforce identity and RBAC controls
- Integrate LDAP/SSO with least-privilege group mapping.
- Limit admin rights to a minimal operations team.
- Disable registration and modules not needed by your organization.
- Enforce strong password and session policies.
2) Secure service and protocol exposure
- Enforce HTTPS and secure cookies.
- Restrict CalDAV/CardDAV and API endpoints to required clients.
- Keep database and cache services private.
- Add rate limiting and IP blocking for repeated login failures.
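
An added example (not part of the EGroupware documentation or code) of the repeated-login-failure detection the last item calls for: a sliding-window count of failed logins per source IP. The log line format, field names, function name, and thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an ASSUMED format (not EGroupware's own log layout);
# adapt LINE_RE to whatever your web server or application actually writes.
SAMPLE_LOG = """\
2024-05-01T08:00:00 login_failed user=alice ip=198.51.100.4
2024-05-01T08:30:00 login_failed user=alice ip=198.51.100.4
2024-05-01T09:00:00 login_failed user=alice ip=198.51.100.4
2024-05-01T09:30:00 login_failed user=alice ip=198.51.100.4
2024-05-01T09:59:00 login_failed user=alice ip=198.51.100.4
2024-05-01T10:00:01 login_failed user=alice ip=203.0.113.7
2024-05-01T10:00:09 login_failed user=bob ip=203.0.113.7
2024-05-01T10:00:15 login_failed user=carol ip=203.0.113.7
2024-05-01T10:00:21 login_ok user=dave ip=203.0.113.7
2024-05-01T10:00:30 login_failed user=erin ip=203.0.113.7
2024-05-01T10:00:41 login_failed user=frank ip=203.0.113.7
2024-05-01T10:05:00 login_failed user=grace ip=192.0.2.10
2024-05-01T10:05:20 login_ok user=grace ip=192.0.2.10
this line is malformed and must be ignored
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event>login_failed|login_ok) user=(?P<user>\S+) ip=(?P<ip>\S+)$")

def ips_to_block(log_text, max_failures=5, window=timedelta(minutes=10)):
    """Return sorted IPs that reach max_failures failed logins within any window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        # Unparseable lines and successful logins are skipped; a success
        # deliberately does not reset the failure count for that IP.
        if m is None or m["event"] != "login_failed":
            continue
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures:
            flagged.add(m["ip"])
    return sorted(flagged)
```

Counting per source IP rather than per account also catches one address failing against many different users, which a per-user lockout alone would miss.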
3) Patch and audit module behavior
- Keep EGroupware core and installed apps up to date.
- Review ACLs for files, calendars, and shared address books.
- Back up database and file storage with restore tests.
- Audit admin actions and permission changes.
- EGroupware documentation: https://www.egroupware.org/en/support/documentation.html
- EGroupware source repository: https://github.com/EGroupware/egroupware