General rules

All “general rules” for a system administrator also apply for a TYPO3 integrator. One of the most important rules is to change the username and password of the “admin” account immediately after a TYPO3 CMS system was handed over from a system administrator to an integrator, if not already done. The same applies to the Install Tool password, see below.

In addition, the following general rules apply for a TYPO3 integrator:

  1. Ensure backend users only have the permissions they need to do their work, nothing more – and especially no administrator privileges, see explanations below.
  2. Ensure, the TYPO3 sites they are responsible for, always run a stable and secure TYPO3 core version and always contain secure extensions (integrators update them immediately if a vulnerability has been discovered).
  3. Stay informed about TYPO3 core updates. Integrators should know the changes when new TYPO3 major versions are released and should be aware of the impacts and risks of an update.
  4. Integrators check for extension updates regularly and/or they know how to configure a TYPO3 system to notify them about new extension versions.