Feature #21257

Integrate Security section to Install Tool

Added by Oliver Hader about 11 years ago. Updated over 5 years ago.

Should have
Target version:
Start date:
Due date:
% Done:


PHP Version:
Sprint Focus:


In TYPO3 4.3 there are several new security related extensions and settings, like saltedpasswords, rsaauth etc. However, it is not easy to configure these features easily since they depend on preconditions - e.g. rsaauth requires openssl installed on the server, saltedpasswords requires a HTTPS connection or rsaauth installed.

A new section in the Install Tool, called "Security" shall help to configure these things by integrating a new wizzard that can perform the required checks (e.g. openssl installed) and ask the admin whether he wants to use a specific secruity related feature. Thus it would be possible to use these new features from the very beginning after installing or upgrading to 4.3, e.g.
  • RSAAuth by default
  • SaltedPasswords by default

(issue imported from #M12214)


#1 Updated by Bernhard Kraft over 10 years ago

+1 by me for such a section.

altough this breaks up the clear sorting by SYS / BE / FE etc, such a section would make sense. I thing it could be better to simply introduce a new section SEC and change all currently used keys accordingly.

(To keep compatibility this could be done from within config_default.php for 4.3 branch)

#2 Updated by Ingo Renner over 10 years ago

I'd like to ask to postpone this to 4.5. I'd then put this in a security report. with other things like checking for new TYPO3 versions and installed insecure extensions...

#3 Updated by Stefan Neufeind over 9 years ago

Would be great to have this in for 4.6 maybe ...

#4 Updated by Xavier Perseguers about 9 years ago

  • Target version deleted (4.6.0-beta1)

#5 Updated by Georg Ringer almost 6 years ago

  • Status changed from New to Needs Feedback

still valid?

we got:
  • presets in install tool
  • security section in reports module

#6 Updated by Markus Klein over 5 years ago

  • Status changed from Needs Feedback to Closed

no progress since ages.

Also available in: Atom PDF