[Typo3] Security information? (admin path, pass encryption, etc)
John
john at fayandjohn.com
Sat Feb 19 16:36:09 CET 2005
Hi all,
I've been looking for some documentation on some typo3 security options,
such as:
1) - How does one change the domain/typo3 back-end admin path?
2) - What is the default password authentication method for both front-end
and back-end logins?
a) are there options to change this to something else or use encryption?
3) - Is it recommended practice to change the back-end admin path, or to set
all login pages to forced HTTPS?
I have done some digging but not come up with much. The typo.com features
list at typo3.com says:
"Furthermore TYPO3 can run under SSL, different ports than port 80 and from
alternative admin-directories if you are very paranoid."
But I could only find an old list message suggesting an apache alias
statement and a broken link referring to some code changes which could do
this.
Is there a manual or security doc referring to these things which I have
missed (best security practices, etc)? Can anyone refer me to any useful
link(s) or documentation for these subjects with respect to typo3?
Thanks...
Johnny
More information about the TYPO3-english
mailing list