Security Steps to Protect Your DotNetNuke CMS

What to do to protect your eCommerce website

SOA eCommerce Integration and Implementation

DNN Security Out Of The Box

DNN (DotNetNuke) is already the premier CMS of the US Government due to it's robust security and integration with existing security features.  However even DNN isn't absolutely perfect out of the box, and there are many additional security features that can be put in place depending on your specific DNN eCommerce requirements. These security recommendations range from simple to complex and cover many different aspects of potential security risks. No guide can accurately assess your specific security needs. If you would like to adequately secure your DNN website, contact Clarity today.

SOA for E Commerce Platform and IntegrationIncrease Password Complexity and Use Requirements

Increasing password complexity is one of the easiest and most effective ways to significantly increase security. The most common and effective requirements are length and complexity. 8 or more characters and a minimum of one capital letter, one lowercase letter and one number is a great start. You can consider requiring a non-alphanumeric character as well as placing restrictions on how long a password may be used. Even with strong password requirements, you are only preventing against brute force attacks.

SOA for E Commerce Platform and IntegrationChange 'Host' and 'Admin' Passwords and Limit Their Use

Changing the Host and Admin password to extremely complex passwords is the single most effective step for security, as both accounts are known to exist and are the most vulnerable to brute force attacks because of that. Make sure that any password you set for these accounts exceeds the password recommendations listed above. You should also consider limiting access to these accounts, as they are the most powerful accounts and would leave your site the most vulnerable if they were compromised.

Service Oriented Architecture e-commerce solutionHash Password Storage

By default DotNetNuke uses encryption of user passwords. This provides a good level of protection, and allows you to retrieve your password as encryption is a reversible operation. However, if you do not wish to support password retrieval, or want to ensure maximum protection, you may choose to use Hashing instead. Hashing is a non-reversible operation, so even if your database is accessed or stolen, a hacker cannot reverse engineer your password.


Clarity Can Help

Security is a serious matter, and is not something that can be fully accomplished with generic steps. Clarity Ventures is a DNN Gold Partner and can help with any DNN requirements you may have. From the creation of an entirely new website and modules, to an audit of your current website. Call Clarity today for a free quote.

Get a Quote: 800.928.8160 (toll-free)

Enterprise eCommerce

Don’t get stuck with a platform that limits your range, Sell everywhere all the time with Clarity eCommerce.

image description