About Features Downloads Getting Started Documentation Events Support GitHub

Site Tools


administration:security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
administration:security [2020/06/04 17:29]
demiankatz [Changing the Solr Port Number]
administration:security [2020/06/29 12:11] (current)
demiankatz
Line 66: Line 66:
  
 VuFind stores some user information in its database. ​ Starting with VuFind 2.0RC1, you have the option to perform extra hashing/​encryption to protect these credentials. ​ The settings are off by default in [[configuration:​files:​config.ini]],​ but they can be enabled through VuFind'​s auto-configuration pages. ​ Enabling security is highly recommended. VuFind stores some user information in its database. ​ Starting with VuFind 2.0RC1, you have the option to perform extra hashing/​encryption to protect these credentials. ​ The settings are off by default in [[configuration:​files:​config.ini]],​ but they can be enabled through VuFind'​s auto-configuration pages. ​ Enabling security is highly recommended.
 +
 +===== Using a Content Security Policy =====
 +
 +Starting with VuFind 7.0, you can configure a [[administration:​security:​content_security_policy|content security policy]] to protect against cross-site scripting and other vulnerabilities. See the [[administration:​security:​content_security_policy|content security policy]] page for more details.
administration/security.txt · Last modified: 2020/06/29 12:11 by demiankatz