Data security is an increasingly important topic, and while Movable Type has a strong track record, there are steps you can take to harden your system.
To make this as straightforward as possible, we created the document “Securing Movable Type” to gather some important strategies in one place. Please review it and consider how you or your organization can improve security.
The document covers:
- Use the latest version of Movable Type
- Encrypt communication
- Use HTTP Basic Authentication
- Change CGI script names
- Disable unused scripts
- Use strong passwords
- Utilize the lockout function
- Disable part or all of the Data API
- Monitor logs
- Managed solutions
We hope this information is helpful, but feel free to comment on “Securing Movable Type” if anything about the document is unclear.
Charlie joined Six Apart as a Japan based product manager for Movable Type in February 2014 after spending two years as a developer for 601am. Previously he was the web director of The Badger Herald while studying biochemistry at the University of Wisconsin-Madison.