< CMS Certified Integrator 12 LTS

Security best practices in TYPO3

TYPO3

Show in app

Description

As a TYPO3 integrator I know the different types of security vulnerabilities and how to secure a TYPO3 installation.

Goals

  • I know the security-related configuration options in the TYPO3 Admin Tool (Install Tool), such as SSL, MFA, notifications, etc.
  • I know how to configure backend users and secure logins.
  • I know how to prevent SQL injections in TypoScript.
  • I know where I find information about security updates for the TYPO3 Core and for third-party extensions.
  • I know which log files I can review to analyse attacks and hack attempts.
  • I know how to configure the Content Security Policy (CSP), for example to protect files in fileadmin.
  • I know the required actions if I find a security vulnerability.
  • I know the required actions if my TYPO3 instance appears to be compromised.

Maintainer

Oliver Thiele Web Development Oliver Thiele