Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CMS Security - Ruth Cheesley - CMS Africa 2014

1,411 views

Published on

This talk was delivered at the first CMS Africa summit in Nairobi, Kenya which was held between 7-8 March 2014. The talk explores basic security precautions to take when considering using a Content Management System.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

CMS Security - Ruth Cheesley - CMS Africa 2014

  1. 1. CMS Security Ruth Cheesley - @RCheesley
  2. 2. Laying the foundations
  3. 3. Understand permissions
  4. 4. Understand permissions World (The world, the universe, and everything) Group (A set of users) Owner (owns the file)
  5. 5. Understand permissions Read (r) Write (w) Can view the file Chmod +r / -r Numerical value = 4 Can make changes or modify the file Chmod +w / -w Numerical value = 2 Execute (x) Can run the file (generally applicable at command line) Chmod +x / -x Numerical value = 1 NOTE: Folders cannot be listed and files within can't be accessed if the folder does not have execute permissions
  6. 6. Joomla! permissions Owner Group World 7 (Read + Write + Execute) rwx 5 (Read + Execute) r-x 5 (Read + Execute) r-x 6 (Read + Write) rw- 4 (Read) (r--) 4 (Read) (r--)
  7. 7. Your weakest link © James Steidl - Fotolia.com
  8. 8. Keep up to date © iQoncept - Fotolia.com
  9. 9. Sell ethically to your clients © puckillustrations - Fotolia.com
  10. 10. Modern security practices © James Steidl - Fotolia.com
  11. 11. Implement 2 Factor Authentication
  12. 12. Web application firewalls
  13. 13. Test your backups
  14. 14. Plan for disaster
  15. 15. To find more information magazine.joomla.org docs.joomla.org Ruth Cheesley - @RCheesley

×