Loading...
 

Keep Tiki Secure


Be Notified of New Releases

New Tiki releases are announced in many places.

Tips to Enhance Security

  1. Keep your Tiki up to date. This is often overlooked! You may want to use one of the auto-installers.
  2. Check your server configuration with a script like phpsecinfo.
  3. Check your server & installation using: doc.tiki.org/security+admin.
  4. Have your server professionally installed and keep PHP, Apache, Linux, etc., up to date.
  5. Use strong passwords and set a password policy.
  6. Enable the password blacklist to prevent easily guessable passwords.
  7. Only activate the features you need. Each feature is a potential security vulnerability. If the feature is turned off, it can't be used.
  8. If you are using permissions to restrict certain parts of the site, make sure to test. It's an advanced feature and it can be misconfigured.

Manage Tiki Effectively

  1. Setup and test a backup procedure.
  2. Use Tiki Remote Instance Manager to manage a large number of Tiki instances.