# Security

# Recommendations

  • Regularly check for tracker and server update.
  • Use strong passwords for the tracker and server, combining letters, numbers, special characters.
  • Provide temporary access to the server via SSH or use SSH key.
  • Enable Fail2ban.
  • Do not upload filters, redirects, macros, or other scripts to the tracker that you do not trust. Thoroughly check the code of your landing pages, and do not allow PHP in local landings and offers unless you are the author of the code.
  • Use a separate domain with Cloudflare for accessing the tracker's admin panel. Do not use this domain in advertising campaigns. For other domains, prohibit access to the admin panel.


This feature is available on expert team enterprise plans

# Security FAQ

How to check who accessed to the control panel?

Read the log file /var/log/nginx/keitaro-admin.access.log.

You can check the log with the terminal the following way:

less /var/log/nginx/keitaro-admin.access.log

Or request the last logins:

tail -n 100 /var/log/nginx/keitaro-admin.access.log