Skip to Content
Last modified by Agnease on 2026/06/08 18:44
From version 3.6
edited by Agnease
on 2026/06/08 18:18
Change comment: There is no comment for this version
To version 1.8
edited by Agnease
on 2026/05/26 09:29
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -122,13 +122,6 @@
122 122   of small exceptions that nobody reviewed later.
123 123   </p>
124 124  
125 - <p>
126 - For a deeper look at this topic, see
127 - <a href="$xwiki.getURL('resources.xwiki-access-rights-governance')">why XWiki access rights need a clear governance model</a>.
128 - For a practical starting point, see
129 - <a href="$xwiki.getURL('resources.xwiki-access-rights-review')">how to start an XWiki access-rights review</a>.
130 - </p>
131 -
132 132   <h3>3. Authentication and identity management</h3>
133 133   <p>
134 134   Authentication should be reviewed beyond the simple question of whether users can log in. LDAP, Active
... ... @@ -170,15 +170,6 @@
170 170   knows what is included, how long recovery would take or whether the restore process has ever been tested.
171 171   </p>
172 172  
173 - <div class="resource-inline-cta">
174 - <p>
175 - <strong>Need a clearer view of your XWiki security posture?</strong>
176 - A structured review can check versions, access rights, authentication,
177 - extensions, custom code, infrastructure, backups and operational practices.
178 - </p>
179 - <a class="btn btn-secondary" href="$xwiki.getURL('contact.WebHome')">Request a security review</a>
180 - </div>
181 -
182 182   <h2 id="security-checklist">XWiki security review checklist</h2>
183 183  
184 184   <p>
... ... @@ -239,18 +239,6 @@
239 239   permissions, extensions, customizations and recovery procedures were configured years earlier.
240 240   </p>
241 241  
242 - <div class="resource-note">
243 - <p>
244 - <strong>Security review series:</strong>
245 - this article is the main overview. You can also read
246 - <a href="$xwiki.getURL('resources.xwiki-access-rights-governance')">why XWiki access rights need a clear governance model</a>
247 - and
248 - <a href="$xwiki.getURL('resources.xwiki-access-rights-review')">how to start an XWiki access-rights review</a>.
249 - Future topics will cover authentication and access control, script and programming rights, backup validation,
250 - extension review and operational practices.
251 - </p>
252 - </div>
253 -
254 254   <h2 id="security-review-faq">XWiki security review FAQ</h2>
255 255  
256 256   <h3>What should an XWiki security review include?</h3>
... ... @@ -290,8 +290,6 @@
290 290   <div class="resource-note">
291 291   <p>
292 292   Related resources:
293 - <a href="$xwiki.getURL('resources.xwiki-access-rights-governance')">why XWiki access rights need a clear governance model</a>,
294 - <a href="$xwiki.getURL('resources.xwiki-access-rights-review')">how to start an XWiki access-rights review</a>,
295 295   <a href="$xwiki.getURL('resources.why-upgrade-xwiki')">why regular XWiki upgrades matter</a>
296 296   and
297 297   <a href="$xwiki.getURL('resources.xwiki-custom-development')">how to keep XWiki custom development maintainable across upgrades</a>.
xwiki-security-review.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Admin
Size
... ... @@ -1,1 +1,0 @@
1 -1.3 MB
Content