Foswiki security overview
We are dedicated to making Foswiki as secure as possible.
For instance, with Foswiki 1.0.6 we introduced a major security enhancement that protects against Cross-Site Request Forgery. It uses the extra-safe "double submit" algorithm, as recommended by the Open Web Application Security Project (OWASP). This is the same algorithm used by several major banks and other security-conscious institutions.
Features to protect against attacks
Foswiki has a range of features designed to protect sites against exploits like spam, phishing, cross-site scripting (XSS), eavesdropping, cross-site request forgery (CSRF), and code injection. Security Features has more details. It is recommended reading for all Foswiki administrators, and is readable for non-techies as well.
Security issue process
Our Security Task Team coordinates and resolves incoming security issues.
Keeping your site safe