The ImpressCMS Project (www.impresscms.org) proudly announces a stable release of ImpressCMS 1.1.3. This release is a security update for the PHP OpenID and Smarty libraries included with the ImpressCMS core, no new features have been introduced.
Since its beginning, the developers of ImpressCMS have made security a priority – continually auditing existing code and testing new code for stronger security measures.
Some of the security ‘best practices' that have made their way into ImpressCMS are:
- Creating a trust_path outside the web root (when possible) during installation, making sensitive database credentials inaccessible to a web browser
- Using a 2-part encryption key to protect passwords stored in the database
- Using HTML Purifier to filter input and output and remove malicious and unauthorized code
- Providing a version checker for the core, allowing you to keep your site up-to-date much easier
- Providing multiple methods of password encryption to increases the difficulty of decrypting passwords
I'm a tech geek that began CMS Critic in 2008 to help focus on the Content Management Industry. Since that time, the industry has changed and this site has changed with it. Here you'll find my personal musings, rants and raves, reviews and more on all sorts of topics.