Details
-
Sub-task
-
Resolution: Fixed
-
Critical
-
None
-
None
-
None
Description
Write best practices and tips for Magnolia security. Examples:
- Use physically separate permanent storage (databases) for author and public instances
- Change the default superuser passsword!
- You will eventually lock superuser out by accident. Fixes:
- If you remember superuser's password, use Re-enabling a locked-out account
- If you don't remember superuser's password, use Reset superuser account
- If your security configuration is messed up, use Rescue Security Support. The wiki page title matches content poorly, please edit the page and make it read like a procedure.
- Create secure, usable passwords. Link to Usability of Passwords
- Block the AdminCentral URI /.magnolia with Apache another Web server on a permanent basis for anybody else except users inside the local network. If you have authors outside the local network this is not appropriate.