This article covers a Hippo CMS version 11. There's an updated version available that covers our most recent release.

Security Checklist

Introduction

Goal

Reach the highest possible security level in your Hippo-based solution.

Background

At Hippo, we take security very seriously. Our products follow the strictest security standards and as such, they have built-in protection against known methods of attack. When implementing a Hippo-based solution any configuration and code specific to the solution should meet the same strict security requirements. This checklist is provided to help you verify that your Hippo-based solution reaches the highest possible security level by following best practices for preventing the 10 most common attack methods as identified by the OWASP Top 10.

Please be aware that the list below is an aid and is not to be considered exhaustive. Some of the items in the OWASP Top 10 are covered at Hippo platform level (marked [✓]), others are up to the individual implementation and should be verified (marked [ ! ]). As a general practice, Hippo advises performing a security audit on all implemented solutions prior to going live.

If you discover a potentially harmful security issue in a Hippo product please do not create a JIRA issue but follow our Security Issues Procedure.

OWASP Top 10

https://www.owasp.org/index.php/Top_10_2013-Top_10

A1 - Injection

Authoring

Delivery

A2 - Broken Authentication and Session Management

Authoring

Delivery

A3 - Cross-Site Scripting (XSS)

Authoring

  • [✓] Hippo CMS has built-in protection against Cross-Site Scripting (XSS).

Delivery

  • [ ! ] Verify that your site web application's web.xml has the XSSUrlFilter configured first in the execution chain.

A4 - Insecure Direct Object References

Authoring

Delivery

  • [ ! ] Verify that your delivery tier implementation never exposes JCR identifiers (UUIDs) in URLs or otherwise.

A5 - Security Misconfiguration

Authoring

Delivery

A6 - Sensitive Data Exposure

Authoring

Delivery

A7 - Missing Function Level Access Control

Authoring

Delivery

A8 - Cross-Site Request Forgery (CSRF)

Authoring

  • [✓] Hippo CMS prevents CSRF by checking the consistency of the Origin HTTP header for all requests.

Delivery

A9 - Using Components with Known Vulnerabilities

Authoring and Delivery

  • [ ! ] Verify that your Maven project uses the centrally managed and tested Hippo CMS Release POM as parent.
  • [ ! ] Verify that your project uses the latest available Hippo CMS release.
  • [ ! ] Verify that all Maven dependencies in your project are up-to-date and do not include any components with known vulnerabilities.
  • [ ! ] Verify that all Javascript libraries used in your project are up-to-date and do not include any components with known vulnerabilities.

A10 - Unvalidated Redirects and Forwards

Authoring

  • [ ! ] Verify that only trusted users have sufficient privileges to create, modify or publish URL rewrite rules if the URL Rewriter Plugin is installed.

Delivery

  • [ ! ] Verify that no components in your implementation perform any redirects or forwards to a destination based on unverified user-submitted parameters.