typo3-security
CommunitySecure TYPO3 v13/v14 with best practices.
System Documentation
What problem does it solve?
TYPO3 deployments often suffer from misconfigurations and weak security practices that expose admin panels, sensitive data, and sites to attacks. This Skill provides a structured security hardening blueprint for TYPO3 v13/v14, covering core config, access controls, CSP, install tool, and ongoing audits.
Core Features & Use Cases
- Configuration hardening: Guidelines for BE/FE/SYS settings, trusted hosts, session management, encryption, logging, and error handling to reduce attack surfaces.
- Access control & MFA: Backend user authentication improvements, MFA requirements, and admin access logging to deter unauthorized access.
- Content Security Policy & defenses: CSP enablement and headers to prevent XSS, clickjacking, and data exfiltration; file upload protections.
- Go-live & maintenance checklist: Step-by-step audit for production readiness, monitoring, and regular updates.
Quick Start
Apply the TYPO3 security guidelines to your environment by editing config/system/settings.php and related config values; enable CSP via SYS features; secure the Install Tool; implement MFA and trusted hosts; then run a security audit using the provided checklist to validate the configuration.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: typo3-security Download link: https://github.com/dirnbauer/webconsulting-skills/archive/main.zip#typo3-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.