Magnolia security best practices
Magnolia users frequently ask us about our security best practices. While most of the information is available in our documentation, I’d like to provide a summary of the key things you need to know and top resources to consult.
Access security
- Create automated tasks in your Magnolia project to ensure basic security configurations are applied.
- Deactivate the superuser account and change the default password. Create a new account with the superuser role. Use a name that isn’t easy to guess.
- The OS user that runs the web server (Tomcat) should have read-only access to the file system and must not be allowed to run commands or scripts at the OS level, so that injected Java code cannot be used to execute OS-level commands.
- On production instances, block access to Magnolia AdminCentral from outside your company network. Use a VPN to access AdminCentral remotely and securely.
- Non-public instances, such as the Magnolia author instance, and non-production instances should not be accessible via the public internet either.
- While this is the default, verify that the anonymous role is denied access to Magnolia AdminCentral.
- When you create interfaces for your project, such as REST endpoints, set access rights appropriately.
- If you use custom APIs, do not share user/password combinations. Use tokens provided by an identity provider (IDP), like Azure, Keycloak or Okta instead.
- Enforce secure passwords. Thomas Baekdal’s article ‘The Usability of Passwords’ covers the subject in depth.
- If you use local user accounts in Magnolia, you can provide a custom field validator to enforce password rules.
- Consider implementing SSO for non-trivial infrastructures to manage users in a central place.
- If using SSO and if your IDP supports it, implement a password blacklist.
- Be careful when creating custom forwards and redirects to other sites.
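As an added example, not code from Magnolia or its documentation, the class below implements the kind of password rules a custom field validator for local accounts could delegate to. The minimum length, the distinct-character threshold and the short blacklist are assumptions chosen for illustration, and the Magnolia validator wiring itself is left out because this page does not describe that API:

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Set;

/**
 * Password rules for local Magnolia user accounts.
 * Added example; not Magnolia's own code. The rule values and the
 * blacklist below are assumptions chosen for illustration.
 */
public final class PasswordPolicy {

    // Assumed minimum length; adjust to your own policy.
    private static final int MIN_LENGTH = 12;

    // Constructed sample blacklist. A real deployment loads a much larger
    // list of breached or common passwords from a file or service.
    private static final Set<String> BLACKLIST = Set.of(
            "password1234", "magnoliaadmin", "superuser123", "welcome12345");

    private PasswordPolicy() {}

    /** Returns an empty list when the password is acceptable, otherwise the violated rules. */
    public static List<String> violations(String username, String password) {
        List<String> problems = new ArrayList<>();
        if (password == null || password.length() < MIN_LENGTH) {
            problems.add("must be at least " + MIN_LENGTH + " characters");
            return problems; // the remaining checks need a non-null value of usable length
        }
        String lower = password.toLowerCase(Locale.ROOT);
        // The user name is public knowledge and must not be part of the secret.
        if (username != null && !username.isBlank()
                && lower.contains(username.toLowerCase(Locale.ROOT))) {
            problems.add("must not contain the user name");
        }
        if (BLACKLIST.contains(lower)) {
            problems.add("is on the blacklist of known weak passwords");
        }
        // Rejects padding such as "aaaaaaaaaaaa" that satisfies the length rule only.
        if (lower.chars().distinct().count() < 5) {
            problems.add("uses too few distinct characters");
        }
        return problems;
    }

    public static boolean isAcceptable(String username, String password) {
        return violations(username, password).isEmpty();
    }

    // Constructed sample inputs showing each rule firing.
    public static void main(String[] args) {
        System.out.println(violations("jsmith", "jsmith-Summer2024"));   // user name inside the password
        System.out.println(violations("jsmith", "aaaaaaaaaaaa"));        // too few distinct characters
        System.out.println(violations("jsmith", "magnoliaadmin"));       // on the blacklist
        System.out.println(violations("jsmith", "correct horse battery")); // acceptable: []
    }
}
```

Returning the full list of violations rather than a single boolean lets the field show the user every rule they missed at once. Where SSO is in place, the IDP's own blacklist (if it supports one) is the right place for this check instead.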
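Custom forwards and redirects become open-redirect bugs when the target comes straight from a request parameter. As an added example (not Magnolia's code; the allowed hosts, the `returnTo` parameter name and the fallback path are assumptions), the helper below validates a user-supplied target before the application forwards to it, accepting only local paths and https URLs to hosts on an allowlist:

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

/**
 * Resolves a user-supplied redirect target against an allowlist so that a
 * crafted "returnTo" parameter cannot send the visitor to an arbitrary site.
 * Added example; not Magnolia's own code. The allowlist and fallback are assumptions.
 */
public final class SafeRedirect {

    // Assumed: where to send the user when the requested target is not acceptable.
    private static final String FALLBACK = "/";

    // Assumed: the external hosts this project is allowed to forward to.
    private static final Set<String> ALLOWED_HOSTS = Set.of("www.example.com", "shop.example.com");

    private SafeRedirect() {}

    /**
     * Returns the target if it is a local path or an https URL to an allowed host,
     * otherwise the fallback. Never returns null.
     */
    public static String resolve(String target) {
        if (target == null || target.isBlank()) {
            return FALLBACK;
        }
        String t = target.trim();
        // Local path: exactly one leading "/" ("//evil.example" is a protocol-relative URL)
        // and no backslash, which some browsers normalise to "/".
        if (t.startsWith("/") && !t.startsWith("//") && !t.contains("\\")) {
            return t;
        }
        URI uri;
        try {
            uri = new URI(t);
        } catch (URISyntaxException e) {
            return FALLBACK; // unparsable input is never forwarded to
        }
        // getHost() ignores user-info, so "https://www.example.com@evil.example/"
        // resolves to host "evil.example" and is rejected below.
        String host = uri.getHost();
        if ("https".equalsIgnoreCase(uri.getScheme()) && host != null
                && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
            return t;
        }
        return FALLBACK;
    }

    // Constructed sample inputs; the comments state the expected result.
    public static void main(String[] args) {
        System.out.println(resolve("/my-account"));                              // /my-account
        System.out.println(resolve("https://shop.example.com/cart"));            // kept, host allowed
        System.out.println(resolve("//evil.example/login"));                     // /
        System.out.println(resolve("https://www.example.com@evil.example/"));    // /
        System.out.println(resolve("javascript:alert(1)"));                      // /
    }
}
```

Call `resolve(request.getParameter("returnTo"))` (parameter name assumed) and pass only its return value to the forward or `sendRedirect`; the raw parameter should never reach the response.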
Data security
- Implement a backup concept and test it regularly.
- Keep your Magnolia instances up to date.
- If your project allows, use separate databases for author and public instances.
- The repository and all files referenced from Magnolia properties must live outside the web app. You should be able to clean the Magnolia web artifact without losing any data or keys.
Security policies
- Read Magnolia’s security policy to learn how we ensure that Magnolia is a secure platform for your project.
- Review the OWASP Top 10 Web Application Security Risks.
Security fixes
- Consult the Magnolia release notes.
- Follow the Magnolia announcements.
- Keep your Magnolia instances up to date.
Summary and resources
We recommend you implement these best practices before pushing your project live. In addition, you can review the documentation below for more details: