As we have shown, a WCMS is an application that web development companies build on top of existing web technology. Like any other web application, a WCMS is therefore exposed to the same security threats, and to the same weaknesses in operational processes, as the rest of the web stack. In this section, we discuss the common security concerns and ways they can be mitigated.
Security Concerns
Given that a WCMS is a software application, it is prone to bugs just like any other program, and vulnerabilities have been found in WCMS products. As one example, an "absolute path traversal" vulnerability was found in the open source product OpenCms in 2006. The flaw allowed remote authenticated users to download arbitrary files from the server [3].
Another security concern is the protection of authentication credentials used to access the WCMS. Many WCMS products are designed primarily to solve the content management problem rather than to be secure products. Some, for example, do not adequately protect logins and passwords: the credentials, including the administrator password, are sent as plain text over the network, where anyone able to observe the traffic can capture them.
Similarly, as part of the publishing/uploading process, a WCMS might use a file transfer protocol such as FTP to move files from the WCMS data storage server to the web server. FTP is not a secure protocol: the login name and password are sent as plain text over the network. In addition, because publishing is an automated process from the WCMS to the production web server, the FTP credentials are often hard-coded in configuration files, and a hard-coded password like this is rarely changed. As a result, any leakage of that password could give an attacker unauthorized access to, and the ability to modify, the web content on the production web server.
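The hard-coded FTP credentials described above are easy to find once you know to look for them. The following is an added example (not code from the original article or from any WCMS product) of a small scanner that walks a publishing configuration and flags three things: credentials embedded in a cleartext-protocol URL, a transfer protocol set to ftp/telnet/http, and a literal secret assigned to a password-like key. The sample configuration, its key names and hosts are constructed for illustration; values that reference an environment variable or similar placeholder are treated as acceptable. It is a regex heuristic, so obfuscated or encoded secrets will not be caught.

```python
"""Scan WCMS publishing/config files for hard-coded plaintext transfer credentials.

Added example, not from the original article. The config text below is
constructed for illustration; file names, keys and hosts are hypothetical.
"""
import re
import sys

# Constructed sample: a publishing configuration of the kind the article
# describes, with FTP credentials embedded directly in the file (hypothetical).
SAMPLE_CONFIG = """\
# publish.conf (constructed example)
publish.protocol = ftp
publish.host = www.example.com
publish.user = wcmspub
publish.password = Summer2006!
staging.url = ftp://editor:s3cret@staging.example.com/htdocs
backup.url = sftp://backup@backup.example.com/var/backups
smtp.password = ${SMTP_PASSWORD}
"""

# Key names that usually carry a secret, and the cleartext protocols whose
# credentials cross the network unencrypted.
SECRET_KEY_RE = re.compile(
    r"^\s*([\w.\-]*(?:password|passwd|pwd|secret)[\w.\-]*)\s*[=:]\s*(\S+)", re.I)
URL_CRED_RE = re.compile(r"\b(ftp|telnet|http)://([^:/\s@]+):([^@\s]+)@([^/\s]+)", re.I)
PROTO_RE = re.compile(r"^\s*([\w.\-]*protocol)\s*[=:]\s*(ftp|telnet|http)\b", re.I)
# Values that reference an external secret store rather than a literal secret.
PLACEHOLDER_RE = re.compile(r"^(\$\{?\w+\}?|%\w+%|<[^>]+>)$")


def mask(secret: str) -> str:
    """Never echo the secret itself into a report; keep enough to locate it."""
    return secret[:2] + "*" * max(len(secret) - 2, 0)


def scan_config(text: str):
    """Return a list of findings, one dict per offending line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue
        m = URL_CRED_RE.search(line)
        if m:
            findings.append({"line": lineno, "rule": "cleartext-url-credential",
                             "detail": f"{m.group(1).lower()}://{m.group(2)}:"
                                       f"{mask(m.group(3))}@{m.group(4)}"})
            continue  # one finding per line; the secret is already reported
        m = PROTO_RE.match(line)
        if m:
            findings.append({"line": lineno, "rule": "cleartext-transfer-protocol",
                             "detail": f"{m.group(1)} = {m.group(2).lower()}"})
            continue
        m = SECRET_KEY_RE.match(line)
        if m and not PLACEHOLDER_RE.match(m.group(2)):
            findings.append({"line": lineno, "rule": "hard-coded-secret",
                             "detail": f"{m.group(1)} = {mask(m.group(2))}"})
    return findings


if __name__ == "__main__":
    # Pass a real config path, or run without arguments to scan the sample.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_CONFIG
    for f in scan_config(text):
        print(f"line {f['line']:>3}  {f['rule']:<28} {f['detail']}")
```

Run against the sample, it reports the cleartext protocol setting, the literal publishing password and the credential-bearing FTP URL, and skips both the SFTP URL (no embedded password) and the SMTP password that is pulled from the environment. A finding from this scanner is a reason to rotate the password immediately, not only to fix the file, since the value has already been sitting on disk in the clear.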
If the WCMS includes other modules, each subsystem brings its own bugs and introduces its own vulnerabilities into the WCMS. For example, if the WCMS has an email module, it is exposed to the same common threats faced by email servers, such as email spoofing. On top of this, the backend database server of the WCMS may have vulnerabilities of its own.
Precautionary Measures
There are a number of precautionary measures that should be taken proactively to mitigate the security threats identified above:
- Follow best practices by applying the latest security patches to the WCMS and to all web server software. Any alert or advisory about a vulnerability in the WCMS product in use should be addressed immediately, especially if the WCMS can be reached directly from the Internet. The patch management process should also cover additional WCMS components, including email subsystems, backend database servers, Java runtime environments, and so on.
- A strict password policy should be defined. This should include a minimum password length, initial assignments to personnel, restricted words and formats, and a limited password life cycle.
- Logins and passwords sent over the Internet should be protected by TLS (HTTPS), so that attackers cannot sniff them off the network; the obsolete SSL protocol versions should be disabled. In general, access to administration pages should be further restricted, for example to internal addresses or a VPN, and should not be open to the Internet at all.
- When publishing web content from the WCMS to the production web server, cleartext transfers such as FTP should be replaced by an SSH-based transfer (SFTP, SCP or rsync over SSH), which encrypts both the credentials and the data in transit. Authenticate the publishing job with a dedicated key pair rather than a hard-coded password, and restrict what that key can do: OpenSSH allows the key's authorized_keys entry to be prefixed with a from="address" option and with restrict or command="..." so that it is usable only from the WCMS host and only for the transfer, and sshd_config can further limit accepted source addresses with Match Address blocks.
- To enforce data security, many WCMS implementations have built-in access control in which users are segregated into editor and administrator (approver) roles. These roles and their corresponding access rights should be clearly defined, should keep editing and approval in separate hands so that no one can approve their own change, and should be reviewed periodically.
- A good WCMS should keep an audit trail, logging all editing and approval activities, including denied attempts. These audit trails should be retained for a period commensurate with their usefulness, and should be protected so that they cannot be modified without detection and can only be read by authorized persons.
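The last two measures, role separation and a protected audit trail, fit together: the audit record is what lets you later prove that the separation held. The following is an added example, not code from the original article or from any WCMS product, of a minimal editor/approver workflow in which nobody may approve or publish their own change (not even an administrator), and every decision, allowed or denied, is appended to a log whose records are chained with an HMAC. The users, content identifier and key are hypothetical; in a real deployment the key would be held by the log collector rather than by the WCMS, so that someone with write access to the WCMS database cannot re-sign the history they alter.

```python
"""Editor/approver separation of duties with a tamper-evident audit trail.

Added example, not code from the article or from any WCMS product. The roles,
user names, content IDs and the HMAC key are hypothetical; in production the
key lives outside the WCMS database (for example with the log collector).
"""
import hashlib
import hmac
import json
from datetime import datetime, timezone

ROLE_PERMISSIONS = {
    "editor": {"edit", "submit"},
    "approver": {"approve", "publish"},
    "admin": {"edit", "submit", "approve", "publish"},
}

# action -> (states it may be applied from, resulting state)
TRANSITIONS = {
    "edit": ({"draft", "pending", "approved", "live"}, "draft"),
    "submit": ({"draft"}, "pending"),
    "approve": ({"pending"}, "approved"),
    "publish": ({"approved"}, "live"),
}


class AuditLog:
    """Append-only log; each record binds its predecessor via an HMAC chain."""

    def __init__(self, key: bytes):
        self._key = key
        self.records = []

    def _mac(self, rec):
        body = json.dumps({k: v for k, v in rec.items() if k != "mac"}, sort_keys=True)
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def append(self, actor, action, target, outcome):
        prev = self.records[-1]["mac"] if self.records else "0" * 64
        rec = {"ts": datetime.now(timezone.utc).isoformat(), "actor": actor,
               "action": action, "target": target, "outcome": outcome, "prev": prev}
        rec["mac"] = self._mac(rec)
        self.records.append(rec)
        return rec

    def verify(self):
        """Index of the first modified, inserted or deleted record, or -1 if intact."""
        prev = "0" * 64
        for i, rec in enumerate(self.records):
            if rec.get("prev") != prev or not hmac.compare_digest(rec.get("mac", ""), self._mac(rec)):
                return i
            prev = rec["mac"]
        return -1


class Workflow:
    def __init__(self, users, log):
        self.users = users      # user name -> role
        self.log = log
        self.content = {}       # content id -> {"state", "author"}

    def act(self, user, action, content_id):
        item = self.content.setdefault(content_id, {"state": "draft", "author": None})
        if action not in ROLE_PERMISSIONS.get(self.users.get(user), set()):
            outcome = "denied: role lacks permission"
        elif action in ("approve", "publish") and item["author"] == user:
            outcome = "denied: separation of duties"   # applies to admins too
        elif item["state"] not in TRANSITIONS[action][0]:
            outcome = f"denied: cannot {action} from state {item['state']}"
        else:
            item["state"] = TRANSITIONS[action][1]
            if action == "edit":
                item["author"] = user
            outcome = "ok"
        self.log.append(user, action, content_id, outcome)   # log denials as well
        return outcome


def demo():
    """Run a publishing cycle, then show that editing history is detected."""
    log = AuditLog(key=b"hypothetical-key-held-by-log-collector")
    wf = Workflow({"alice": "editor", "bob": "approver", "carol": "admin"}, log)
    results = [
        wf.act("alice", "edit", "home-page"),
        wf.act("alice", "approve", "home-page"),   # editors cannot approve
        wf.act("alice", "submit", "home-page"),
        wf.act("bob", "publish", "home-page"),     # nothing approved yet
        wf.act("bob", "approve", "home-page"),
        wf.act("carol", "edit", "home-page"),      # admin reopens the page
        wf.act("carol", "submit", "home-page"),
        wf.act("carol", "approve", "home-page"),   # her own change: refused
        wf.act("bob", "approve", "home-page"),
        wf.act("bob", "publish", "home-page"),
    ]
    intact = log.verify()
    log.records[7]["outcome"] = "ok"               # insider rewrites the refusal
    tampered = log.verify()
    return results, intact, tampered


if __name__ == "__main__":
    results, intact, tampered = demo()
    print("\n".join(results), f"\nverify before: {intact}, after tampering: {tampered}")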
Conclusion:
While a good WCMS lets a business take better control of the web content its web development companies produce, and so respond faster in today's dynamic business environment, end-users should also be aware of the security impact the system can have on the enterprise.
Article Summary:
A Web Content Management System (WCMS) is a web application that enables a group of users, usually from different departments in an enterprise, to collaboratively maintain and organize the content of a website in an effective manner. Over the past few years, web content management systems have grown in importance as more and more organizations communicate and publish their information via the web. Like other web-based applications, WCMS applications are exposed to the same set of common security threats found in any network or web-based operation or process. In this paper, we outline the common security concerns of WCMS and provide a number of precautionary considerations.