The ImpressCMS Project (www.impresscms.org) proudly announces a stable release of ImpressCMS 1.1.3. This release is a security update for the PHP OpenID and Smarty libraries included with the ImpressCMS core, no new features have been introduced.
Since its beginning, the developers of ImpressCMS have made security a priority – continually auditing existing code and testing new code for stronger security measures.
Some of the security ‘best practices' that have made their way into ImpressCMS are:
- Creating a trust_path outside the web root (when possible) during installation, making sensitive database credentials inaccessible to a web browser
- Using a 2-part encryption key to protect passwords stored in the database
- Using HTML Purifier to filter input and output and remove malicious and unauthorized code
- Providing a version checker for the core, allowing you to keep your site up-to-date much easier
- Providing multiple methods of password encryption to increases the difficulty of decrypting passwords
Source: http://www.impresscms.org
