CMSB SECURITY AND ACCESS CONTROL - Mar 23rd, 2015


Updating privileges for each Section Editor are controlled and protected by an unlimited series of user names and
passwords.

Access to specific editors can be assigned to specific users with varying levels of permissions. (Manager,
Administrator, or Writer (Author)) Only those pages and content areas that are associated with a particular user name
and password combination are accessible to be updated by that user.

Access rights can be changed or reassigned by the administrator at any time.

Another concern is that of hackers and your CMSB website.

The discussion seems to center around 2 areas. Passwords and File Permissions.

Dave Edis of Interactive Tools weighed in with these thoughts.

Our site is constantly being scanned for vulnerable scripts. It adds thousands of lines to our 404 log.

My advice would be to not use dictionary words for passwords (add a number and special character !@# for added
security).

I suggested it might not be a bad idea to change passwords on both FTP access and CMSB access on a regular basis.

On the topic of file permissions, while a file permission of 777 may be OK for installation, it’s not really a secure
enough permission to remain on your web site unattended. Many feel that a 755 permission is more secure.

WILL CMS BUILDER WORK WITH THE 755 PERMISSION

On that topic, Dave Edis, Senior programmer at Interactive tools had this to say:

Basically, if you (can) change permissions on /data/settings.dat.php and then you can update: Admin > General > Program
Name, it means everything works.

So lower away, but don’t forget to check to make sure that you won’t have issues later on.



The materials on this web site have been created for use with CMS Builder content management software. CMS Builder software is published and licensed for use by InteractiveTools.com. Please contact Interactive Tools for information on the downloading of the software or the purchasing of licenses.


Terms of Service