Odoo Security Master | Security Command Center | Login Tracking | Brute-Force Auto-Lockout | Risk Scoring | Impossible Travel | Session Manager | MFA Policy | IP Block Allow Rules | Activity Audit | Security Incidents | 2FA Access Protection
by echoBitz IT Solutions Pvt. Ltd. https://www.echobitzit.com$ 148.65
Odoo Security Master
A comprehensive security command center for Odoo 19. Watch every login, track active sessions and user device fingerprints, automatically lock out brute-force attacks, analyze login risk levels, audit configuration changes, and manage security incidents from one responsive interactive dashboard.
Key Features
Everything required to protect, audit, and secure your Odoo environment.
A live responsive OWL dashboard with dynamic date ranges, trend charts, KPIs, alert chips, security health checklists, and an activity timeline, supporting light and dark themes.
Prevent unauthorized access by automatically locking out specific IPs or usernames after consecutive failed logins. Easily manage and release lockouts with one click.
Scores login risk (0-100) dynamically using GeoIP coordinates, recognizing new country locations, unfamiliar device profiles, and impossible travel patterns.
View and audit active client sessions with metadata (IP, browser, location) and terminate sessions server-side to instantly kick out users.
Audits changes to sensitive records, access rules, and system configuration with secret masking and automated GDPR-compliant anonymization policies.
Create sequence-prioritized block or allow rules for specific IP addresses or CIDR ranges, targeting portal logins or all HTTP requests.
Enforce security actions based on risk scores, user groups, IP ranges, or countries. Force MFA or block access dynamically with a simulator tool.
Track security events through a structured incident lifecycle (New, Investigating, Contained, Resolved) with assigned users and audit trails.
Comprehensive Security Management
Built to elevate security and compliance across your entire Odoo instance. Configure rules, monitor active threats, and audit actions natively without affecting default login experiences.
Watch It in Action
See Odoo Security Master in action. The clip shows the actual Odoo environment and Security Command Center - no mockups, no fakes.
Odoo Security Master Command Center
See how administrators can easily inspect security KPIs, manage active sessions, view audit trials, and handle auto-lockouts.
Feature Deep Dive
Explore the step-by-step visual workflow and technical specifications.
Odoo Security Master Process
Review the visual workflow showing configuration settings, dashboard metrics, access policies, active lockout blocks, session terminations, firewall rules, and security audits.
Assign the 'Security Manager' or 'Security Auditor' groups to Odoo users to control access to the Security Command Center and configuration tables.
Configure settings for login tracking, session expiry policies, rate limiting, network contexts (trusted CIDRs), impossible travel coordinate analysis, and log retention sweep cycles.
View real-time security indicators (success/failure rates, active sessions, open incidents, lockouts, unknown devices) with responsive trend charts and status checklists.
Analyze geographical login sources, top failed login accounts, action recommendations, security recommendations, and ongoing system audit highlights in one unified interface.
Automatically tracks unsuccessful authentication attempts at Odoo's login portal, capturing metadata such as IP addresses, browsers, and devices while keeping credentials secure.
Review the complete login log table auditing all login events (Successful, Failed, Blocked, Risky) with details on IP address, browser, platform, and automated risk scoring.
Analyze a single attempt detail record displaying GeoIP city/country names, latitude/longitude, client browser user agent, device footprint, risk components, and a manual button to log a security incident.
Logs critical security threats as Incidents in Odoo's backend, initialized in the 'New' state with low/medium/high severity flags and assignment attributes.
Transitions incidents to the 'Investigating' phase, allowing security managers to log investigation updates, associate multiple related attempts, and add containment procedures.
Mark investigations as resolved or false positive, recording resolution details, timestamps, and auditable actions inside Odoo's native Chatter log.
Define custom login policies (e.g. monitor high-risk admin logins, require MFA, or block certain groups) and preview matching behaviors using the built-in policy simulator.
Enforces role permissions natively, redirecting unauthorized users trying to access Odoo Security Master menu paths to a standard 403 Forbidden page.
Set rate limits to lock out IPs or users after multiple failures (e.g. 2 attempts) in monitor or enforce modes to mitigate dictionary attacks.
Display clear warning notices on the login portal when an IP or user account is temporarily blocked due to repeated login failures.
Real-time lockout tracking table showing active blocks, trigger dates, expires-at time counters, and a button to manually release the lockout.
Analyze lockout details (failure counts, trigger reason, logs) and immediately restore user access with a one-click manual release button.
Shows active lockouts reflected dynamically in dashboard metrics and indicators, warning managers of ongoing threat blocks.
List active user sessions on the Odoo server, auditing real-time status, login times, IP addresses, browsers, OS platforms, and calculated risk scores.
View session parameters (cookie hashes, login location details) and remotely terminate any active session to immediately force a server-side logout.
Immediately blocks further access and redirects the target user to Odoo's login page the moment their session is backend-terminated.
Keeps records of terminated or expired sessions highlighted in red, preserving historical audits for security verification.
Review fingerprinted browsers and client devices per user, tracking trust levels (Trusted, Blocked, Unknown) and unknown device logins.
Define deterministic whitelist/blacklist rules for individual IPs or CIDR blocks with sequence priority and optimized caches on authenticated paths.
Display custom warnings or instructions inside portal login forms when users match firewall rule parameters (e.g. developer warning message).
Define retention policies for audit logs and login attempts, automatically archiving or anonymizing security records to comply with GDPR/SOC2.
Trigger manual maintenance routines directly from the dashboard to run retention sweeps, terminate stale sessions, or release expired lockouts.
Version 19.0.1.0.0
Stable Odoo 19 release of the Odoo Security Master module. Integrates a live interactive security dashboard, multi-vector risk engine, active session manager, and CIDR block/allow firewall rules.
Key Enhancements
- Interactive OWL Security Dashboard (Light & Dark themes).
- Failed login capture with IP, browser, and GeoIP details.
- Granular security policies (MFA enforcement, block actions, rule simulator).
- Rate limiting & brute-force auto-lockout (IP or user) with manual release.
- Active session monitor with server-side remote revocation.
- Device/browser fingerprint registry with trust level controls.
- IP and CIDR Firewall rules (block/allow) with sequence-based priority.
- Auditing of sensitive system configurations and user privilege changes.
- Incident tracking with severity levels, investigation stages, and chatter logs.
- Automated GDPR-compliant retention policies and data anonymization.
Release History
Empower Your Odoo Instance with
Unified Security Insights
Protect your Odoo database from brute force, unauthorized remote sessions, and configuration tampering while retaining a secure audit log for compliance.
Talk to echoBitz About Your Security Strategy
If you need help customizing access policies, setting up complex CIDR firewall boundaries, or integrating Odoo Security logs with your SIEM/SOC, our certified engineering team is ready to assist.
Our Services
Odoo Module Setup
We configure the module settings, verify GeoIP coordinates mapping database connection, and set default lockout rules.
Odoo Deployment
Deploy security command center modules, configure administrator policies, and structure compliant data retention schemes.
Customization
Tailor custom login warning pages, integrate webhooks for incident management systems, or define custom multi-company policies.
Community Apps
Use robust apps and reusable components to expand Odoo faster without rebuilding every feature from zero.
Development Outsourcing
Dedicated Odoo developers for security enhancements, custom database audit configurations, and long-term system integrity tasks.
Support & Maintenance
Ongoing support for Odoo updates, GeoIP database upgrades, and security advisory sweeps so your instance stays secure.
Discover More Solutions by echoBitz IT
Explore our other Odoo integration apps
Ready to secure your Odoo database?
Install the Odoo Security Master module and empower your business with complete access auditing, real-time threat dashboards, and secure session management.
| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 4350 |
| Technical Name |
eb_security_master |
| License | OPL-1 |
| Website | https://www.echobitzit.com |
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module