ProcessWire is a PHP CMS and framework with flexible field modeling. Security depends on admin URL protection, module trust, and strict template output handling.
¶ 1) Protect secrets and administrative access
- customize and protect admin URL and enforce MFA and strong auth for backend users
- keep site config secrets and DB credentials protected
¶ 2) Control extensions and update cadence
- audit third-party modules before installation and remove unused modules
- patch core and modules on release schedule
¶ 3) Harden runtime and deployment perimeter
- sanitize template output consistently to prevent XSS
- enforce HTTPS and secure session settings
- ProcessWire docs: https://processwire.com/docs/
- ProcessWire source: https://github.com/processwire/processwire
Any questions?
Feel free to contact us. Find all contact information on our contact page.