In our previous blog post, we touched on most elements of Content Security Policy (CSP) to mitigate any kind of injection via Cross-Site Scripting. Now, let’s dive into the practical part: how to make your TYPO3 site more secure by sending CSP headers by default.
b13 Blog
Sharing what we’ve learned while delivering client projects online for more than 20 years and being leading contributors to TYPO3 is part of who we are.
We choose widely-adopted open-source technologies because we can fix, extend, and improve them while building on the experience and support of thousands of our peers. In our blog, we share with you the knowledge we’ve gained along the way for you to build on.
Categories: Security
Find out how Content Security Policy can protect your websites from malicious attacks. Cross-Site Scripting exploits vulnerabilities in CMS architecture—but with the right security policy, you can keep your websites safe.
Enterprises now have many software delivery channel options to choose from. With software-as-a-service (SaaS) and cloud-based implementation models on the rise, you might be trying to figure out the best software delivery channel to support your enterprise’s digital strategy. If you don’t have an internal IT department, SaaS can be tempting, but when you also have stringent data compliance needs, an on-premises (or on-prem for short) solution is your best bet.
We talk about the rate limiting feature in TYPO3 v11 and the flexibility it offers for configuring backend login restrictions.
Security has always been a key factor for TYPO3. To improve user account security, TYPO3 v11 includes an additional security feature called multi-factor authentication (MFA).
The new multi-factor authentication feature is shipped with the latest version of TYPO3. Here’s an overview of what’s included.