.. You may want to use the usual include line. Uncomment and adjust the path. .. include:: ../Includes.txt =================== EXT: Security Check =================== :Author: Axel Jung :Created: 2006-08-22T17:16:00 :Changed by: Axel Jung :Changed: 2007-01-10T18:13:11 :Author: Axel Jung :Email: info@jung-newmedia.de :Info 3: :Info 4: .. _EXT-Security-Check: EXT: Security Check =================== Extension Key: **security\_check** Copyright 2066, Axel Jung, This document is published under the Open Content License available from http://www.opencontent.org/opl.shtml The content of this document is related to TYPO3 \- a GNU/GPL CMS/Framework available from www.typo3.com .. _Table-of-Contents: Table of Contents ----------------- **EXT: Security Check 1** **Introduction 1** What does it do? 1 **Adminstration 2** **To-Do 2** .. _Introduction: Introduction ------------ This Extension pass some Security Checks on your Typo3 Installation. It does not check the Code. It only check the human Mistakes. .. _What-does-it-do: What does it do? ^^^^^^^^^^^^^^^^ - Php Ini Check - Test if the Setting open\_basedir is set - Is the PHP Setting "error\_log" is set? - Is the PHP Setting "register\_globals" off? - Is the PHP Setting "display\_errors" off? - Is the PHP Setting "magic\_quotes\_gpc" off? - - Database Check - Test the access to mysql config Database - Test the Host Restrictions of the Mysql User - Test the Mysql User passwords - loacalconf - Is the encryptionkey set? - Are the Filerights on creation of new Files to hight? - Are the Filerights on creation of new Folder to hight? - Is the Installtool Password changed? - Is the Option lockSSL active? - Is the Security level the highest? - Is a Warning E-Mail Address inserted? - Is the Session Timeout to hight? - Is the SQL-Debug Feature disabled? - Is the Display of Errors disabled? - Is the Option to install global Extension disabled? - Is the Flag "disable\_exec\_function" activated? - Is the Option to edit of Extensions disabled? - Backend Access - Is the access to Typo3 Backend protected? - Is the access to Typo3 Install Tool protected? - Files Check - Are there Backup Files on the Server? - Are there CVS Files on the Server? - Are there Files without Extension on the Server? - Are there CVS Files on the Server? - Are there Readme Files on the Server? - Are there Subversion Files on the Server? - Typo3 - Is the standard Password used? - Checks if insecure Extensions loaded. - Is Typo3 up to Date? - External Tools - Search PHP-Info Outputs. - File rights - Checks the Rights of Folders. - Checks the Rights of Files. .. _Adminstration: Adminstration ------------- To install use the extension manager. .. _To-Do: To-Do ----- - Check the 404 Handling - Check the mod spelling - Check the PHP Version - Check the Error Level .. _Change-Log: Change Log ---------- - 0.1.4 - Differs between System and Local Extensions - Add French Translation |img-1| EXT: Security Check - 3 .. ######CUTTER_MARK_IMAGES###### .. |img-1| image:: img-1.png .. :align: left .. :border: 0 .. :height: 32 .. :id: Graphic1 .. :name: Graphic1 .. :width: 102