Don’t screw up your web

Publish or perish. Given the large variety of information which needs to be published, you have the freedom at CERN to deploy your own web-server and put your data online on the Internet. Web content management systems like Joomla! or WordPress together with dedicated add-ons and modules make it easy to quickly create a posh look-and-feel. But hold on. With this freedom also comes responsibility!

 

Your responsibility does not stop once you have been granted Internet connectivity. No: it falls to you to ensure that your web server is continually secured. Only information which is meant to be public should be put online. Proper access protections must be put in place to secure other data, preferably using the CERN Single Sign-On portal and definitely using the HTTPS (secure HTTP) protocol when transmitting sensitive information like passwords. “Securing” also implies that the operating system as well as the content management system must be updated regularly.
 
If you are not familiar with configuring web servers or programming web applications, you can take one of our security courses on this topic. Also, we strongly encourage you to follow our security baselines, which give you basic recommendations to secure your web server. If you prefer to pass this responsibility on, the IT department offers a variety of different centrally managed web content management systems, e.g. Drupal and SharePoint, as well as frameworks for deploying web sites in Java, Perl or Python. Choose one of these, and you don’t need to worry any more about securing the operating system or updating the web framework - it comes for free!
 
For further information, check our web site or contact us at Computer.Security@cern.ch.

by Computer Security Team