Magnolia Security Best Practices

Access security
Data security
Security policies
Security fixes
Summary and resources

Magnolia users frequently ask us about our security best practices. While most of the information is available in our documentation, I’d like to provide a summary of the key things you need to know and top resources to consult.

Access security

Create automated tasks in your Magnolia project to ensure basic security configurations are applied.
Deactivate the superuser account and change the default password. Create a new account with the superuser role. Use a name that isn’t easy to guess.
The OS user that executes the webserver (Tomcat) should have read-only access and should not run commands/scripts on the OS level
preventing the injection of Java code to execute commands on the OS level.
On production instances
block access to Magnolia AdminCentral from outside your company network. Use a VPN to access AdminCentral remotely and securely.
Non-public instances
such as the Magnolia author instance
and non-production instances should not be accessible via the public internet either.
While this is the default
verify that the anonymous role is denied access to Magnolia AdminCentral.
When you create interfaces
such as REST endpoints
for your project
set access rights appropriately.
If you use custom APIs
do not share user/password combinations. Use tokens provided by an identity provider (IDP)
like Azure
Keycloak
or Okta
instead.
Enforce secure passwords. Thomas Baeddal’s article ‘The Usability of Passwords’ covers the subject in depth.
If you use local user accounts in Magnolia
you can provide a custom field validator to enforce password rules.
Consider implementing SSO for non-trivial infrastructures to manage users in a central place.
If using SSO and if your IDP supports it
implement a password blacklist.
Be careful when creating custom forwards and redirects to other sites.

Data security

Implement a backup concept and test it regularly.
Keep your Magnolia instances up to date.
If your project allows
use separate databases for author and public instances.
The repository and all files referenced from Magnolia properties must live outside the web app. You should be able to clean the Magnolia web artifact without losing any data or keys.

External User Management and SSO with Magnolia

Single Sign-On (SSO) allows users to log in to applications using the same credentials for multiple applications, making it easier to manage user accounts across your IT landscape.

Read now

Security policies

Read Magnolia’s security policy to learn how we ensure that Magnolia is a secure platform for your project.
Review the OWASP Top 10 Web Application Security Risks.

Security fixes

Consult the Magnolia release notes.
Follow the Magnolia announcements.
Keep your Magnolia instances up to date.

Summary and resources

We recommend you implement these best practices before pushing your project live. In addition, you can review the documentation below for more details: