This is an old revision of the document!
Table of Contents
Security
The VuFind® project takes security seriously, and the code is written with security in mind. However, every application can have unanticipated security holes, and even a carefully-designed system can be insecure if configured incorrectly. This page collects security-related resources in one place.
Best Practices
See the Security for VuFind® Administrators page for step-by-step instructions on common security-related configuration needs as well as important best practice advice.
Reporting a Security Issue
If you have discovered a security flaw in VuFind®, or if you have specific security-related concerns, please contact info@vufind.org to reach the Project Management Committee. The PMC will work with you to reach a satisfactory solution to your problem and make responsible disclosures to the community where necessary.
Other Resources
- The results of a 2023 security audit were discussed as part of the 2023 VuFind® Summit. Recordings and associated documentation can be found on the page for the event.