I am running Xampp on win 10. How to secure Openemr the easy way ? I already read the wiki and did the steps I could do on my own, some steps seem complicated. I don’t have a dedicated server at hand. Limited number of users. The computer is connected to the internet, but not powered on 24/7.
Here is what I have done:
1-Strong passwords in Openemr
2-2FA for Openemr users.
3-Installed Xampp on another drive than C drive, and bit-locked encrypted the drive as well as the back up drive. The computer is encrypted, UPS protected and physically locked in a safe place.
4-My LAN has a WIFI router with AES strong passwords, MAC filtering, and no port forwarding. No physical access to router.
5-Will not use portal.
6-Still trying how use https, especially on mobile phones and iPad’s.
7-Access control is very limited to users, each within his scope.
8-The Xampp configuration is set to listen to my IP range only.
9-Still trying to choose my best daily back-up method.
10-My windows installation is pretty okay in security and privacy, computer will be running in a local standard user account, but I don’t know if I will need using a firewall software.
11-Windows, Xampp, and Openemr will always be regularly patched.
Will it survive ?