RatticWeb is the website part of the Rattic password management solution, which allows you to easily manage your users and passwords.
If you decide to use RatticWeb you should take the following into account:
- The webpage should be served over HTTPS only, apart from a redirect from normal HTTP.
- The filesystem in which the database is stored should be protected with encryption.
- The access logs should be protected.
- The machine which serves RatticWeb should be protected from access.
- Tools like OSSEC are your friend.
Support and Known Issues:
- Through twitter or Github Issues
- Apache config needs to have "WSGIPassAuthorization On" for the API keys to work