GLPI usually stores asset inventory, procurement, tickets, and user metadata. Hardening should focus on fast patching, plugin governance, and strict role boundaries.
- Track GLPI release announcements and apply security updates quickly.
- Prioritize releases that include CVE fixes (for example, 11.0.3 addresses multiple CVEs).
- Test plugin compatibility in staging before production updates.
- Keep the PHP and database runtimes patched together with GLPI.
¶ 2) Enforce strict RBAC and plugin control
- Restrict super-admin profiles to a minimal operator group.
- Disable unused plugins and avoid unreviewed third-party plugins.
- Review entity/profile permissions regularly.
- Rotate API keys and integration tokens on schedule.
¶ 3) Harden web and data layers
- Force HTTPS and secure cookies.
- Keep DB and internal services private.
- Restrict upload types and sizes on ticket/asset attachments.
- Encrypt backup sets containing inventory and ticket data.
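
A quick way to verify the "Force HTTPS and secure cookies" item is to audit the headers of a captured response. The following is an added example, not code from the GLPI project. The function name, the sample hostname and the cookie name and value are constructed, and the Strict-Transport-Security and SameSite checks are assumptions about what "force HTTPS" and "secure cookies" should cover.

```python
# Added example: audit one HTTP response for the HTTPS and cookie items above.
REDIRECTS = (301, 302, 307, 308)
COOKIE_FLAGS = ("Secure", "HttpOnly", "SameSite")

def audit_response(scheme, status, headers):
    """Return findings for one response.

    scheme:  "http" or "https" (how the request was sent)
    status:  numeric HTTP status code
    headers: list of (name, value) tuples; Set-Cookie may repeat
    """
    findings = []
    lower = [(name.lower(), value) for name, value in headers]
    if scheme == "http":
        # Plain HTTP must do nothing except redirect to the HTTPS site.
        location = next((v for n, v in lower if n == "location"), "")
        if status not in REDIRECTS or not location.lower().startswith("https://"):
            findings.append("plain HTTP is served instead of redirecting to HTTPS")
    elif not any(n == "strict-transport-security" for n, _ in lower):
        findings.append("HTTPS response has no Strict-Transport-Security header")
    for n, value in lower:
        if n != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
        if scheme == "http":
            findings.append(f"cookie {cookie_name}: set over plain HTTP")
        for flag in COOKIE_FLAGS:
            if flag.lower() not in attrs:
                findings.append(f"cookie {cookie_name}: missing {flag}")
    return findings

# Constructed sample responses (hostname, cookie name and value are made up).
WEAK = ("https", 200, [
    ("Set-Cookie", "glpi_0123abcd=constructedvalue; path=/; HttpOnly"),
])
HARDENED = ("https", 200, [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "glpi_0123abcd=constructedvalue; path=/; Secure; HttpOnly; SameSite=Lax"),
])
REDIRECT = ("http", 301, [("Location", "https://glpi.example.internal/")])

if __name__ == "__main__":
    for label, sample in (("weak", WEAK), ("hardened", HARDENED), ("redirect", REDIRECT)):
        print(label, audit_response(*sample) or "ok")
```
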
- GLPI project site: https://glpi-project.org/
- GLPI source repository: https://github.com/glpi-project/glpi
- GLPI v11.0.3 security release notes: https://github.com/glpi-project/glpi/releases/tag/11.0.3