security.tiki.org Open in urlscan Pro
198.27.69.145  Public Scan

Form analysis
1 forms found in the DOM

Name: loginbox — POST https://security.tiki.org/tiki-login.php

<form name="loginbox" class="form" id="loginbox-1" action="https://security.tiki.org/tiki-login.php" method="post">
  <input type="hidden" class="ticket" name="ticket" value="Eth460O2k2yx36vAk6fZJxemoubGZGHQvEEvUzXpaOc">
  <div class="user form-group row mx-0 clearfix">
    <label for="login-user_1"> Username: </label>
    <input class="form-control" type="text" name="user" id="login-user_1" autocomplete="username">
  </div>
  <div class="pass form-group row mx-0 clearfix">
    <label for="login-pass_1">Password:</label>
    <input onkeypress="capLock(event, this)" type="password" name="pass" class="form-control" id="login-pass_1" autocomplete="current-password">
    <div class="divCapson" style="display:none;">
      <span class="icon icon-error fas fa-exclamation-circle " style="vertical-align:middle;"></span> CapsLock is on.
    </div>
  </div>
  <div class="form-group text-center">
    <button class="btn btn-primary button submit" type="submit" name="login">Log in <!--i class="fa fa-arrow-circle-right"></i--></button>
  </div> &nbsp; <input type="hidden" name="stay_in_ssl_mode_present" value="y">
  <input type="hidden" name="stay_in_ssl_mode" value="y">
  <div class="social-buttons">
  </div>
</form>

Text Content

Loading...
 

Log in
Username:
Password:
CapsLock is on.
Log in
 



KEEP TIKI SECURE



BE NOTIFIED OF NEW RELEASES

New Tiki releases are announced in many places.

 * Subscribe to the Tiki News Releases.
 * Follow @tikiwiki on Twitter.
 * Subscribe to the Tiki project information on SourceForge.net.



TIPS TO ENHANCE SECURITY

 1. Keep your Tiki up to date. This is often overlooked! You may want to use one
    of the auto-installers.
 2. Check your server configuration with a script like phpsecinfo.
 3. Check your server & installation using: doc.tiki.org/security+admin.
 4. Have your server professionally installed and keep PHP, Apache, Linux, etc.,
    up to date.
 5. Use strong passwords and set a password policy.
 6. Enable the password blacklist to prevent easily guessable passwords.
 7. Only activate the features you need. Each feature is a potential security
    vulnerability. If the feature is turned off, it can't be used.
 8. If you are using permissions to restrict certain parts of the site, make
    sure to test. It's an advanced feature and it can be misconfigured.



MANAGE TIKI EFFECTIVELY

 1. Setup and test a backup procedure.
 2. Use Tiki Manager to automate operations on any number of Tiki instances.




 1. Keep Tiki secure
 2. Disclose a Vulnerability
 3. Latest security releases
 4. Contact security team