
Foswiki security overview

We are dedicated to making Foswiki as secure as possible.

For instance, Foswiki 1.0.6 introduced a major security enhancement that protects against Cross-Site Request Forgery. It uses the extra-safe "double submit" algorithm, as recommended by the Open Web Application Security Project (OWASP). This is the same algorithm used by several major banks and other security-conscious institutions.

Features to protect against attacks

Foswiki has a range of features designed to protect sites against exploits such as spam, phishing, cross-site scripting (XSS), eavesdropping, cross-site request forgery (CSRF), and code injection. Security Features has more details. It is recommended reading for all Foswiki administrators, and it is readable for non-technical users as well.

Security issue process

Our Security Task Team coordinates and resolves incoming security issues.

Keeping your site safe

Topic revision: r2 - 10 Oct 2009, ArthurClemens
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See CopyrightStatement.