Foswiki security overview
We are dedicated to make Foswiki as secure as possible.
For instance, with Foswiki 1.0.6 we have introduced a major security enhancement, protecting against Cross-Site Request Forgery. The extra safe "double submit" algorithm, as recommended by the
Open Web Application Security Project (OWASP) project has been used. This is the same algorithm used by several major banks and other security-conscious institutions.
Features to protect against attacks
Foswiki has a range of features designed to protect sites against exploits like SPAM, phishing, cross-site scripting (XSS), eavesdropping, cross-site request forgery (CSRF), and code injection.
Security Features has more details. This is recommended reading for all Foswiki administrators, but is readable for non techies as well.
Security issue process
Our
Security Task Team coordinates and solves incoming security issues.
Keeping your site safe