Subscribe to Acqal
Get Acqal TYPO3 Support Now
Client Comments
"This is exciting news! I have worked with all three of these people and it will be great to have everything connected and working as one unit. Best of luck to Acqal... do I get free stock options for being an existing customer?"
TYPO3 Security Auditing by TYPO3 Professionals
Be concerned about the latest TYPO3 Security Bulletin regarding Information Disclosure & XSS, cross site scripting, in the TYPO3 Core. If you haven't patched your TYPO3 CMS yet, it's vitally important that you don't delay. Contact Acqal right now to get the jumpUrl security hole closed immediately. Without this quick patch, it's not a question about if, but when you'll be doing a full system recovery.
Basic enterprise content management system security audits involve nearly a 100 points investigation. Do you have the experience to know which are most important and have the balance of cost, effort, and time for your site?
Acqal can readily help you determine if your site is secure and create a program to resolve issues and keep it secure. Contact Acqal now for more security audit information.
Acqal TYPO3 Security Audit Checklist Highlights
Topic | Priority |
Secure the Install Tool | High |
Change “admin” Password | High |
Rename “admin” User | High |
Do not use “Quickstart“, “Testsite” et al. for Live Systems | High |
File System Access Rights | High |
Remove unneeded code | High |
Configure TYPO3 Security Options | High |
Avoid config.baseURL=1 | High |
Restrict Special Content Elements usage | High |
Choose Personal User Names for Backend Access | High |
Logging / Auditing | High |
Consider Using SSL for Backend Access | Medium |
FE User Security | Medium |
Error Handling | Medium |
Use Trusted / Reviewed Extensions | Medium |
Subscribe to TYPO3-Announce, Apply Fixes | High |