UMB.FYI

Articles tagged #security

UMB.FYI
2025-01-15

📰 Securing Media Files in Umbraco Without Azure Blob or CDN

Farshadudheen K discusses securing media files in Umbraco CMS by implementing custom middleware to restrict access to authenticated users. This approach enhances security by intercepting media requests, enforcing user permissions, and optionally redirecting unauthorized users. While effective for smaller sites, larger applications may benefit from Azure Blob Storage and CDN integration for improved performance and security.

#security
UMB.FYI
2024-12-25

📰 Transforming Umbraco into an Identity Provider (IDP)

In today's interconnected digital landscape, leveraging Umbraco CMS as a centralized Identity Provider (IDP) enhances security and simplifies user management. By integrating Duende IdentityServer, Umbraco enables seamless Single Sign-On (SSO) and customizable authentication flows, providing scalability and robust security for growing application ecosystems.

#authentication #security
UMB.FYI
2024-12-18

📰 What happens when a security issue is raised with Umbraco?

Liam Laverty discusses the complex process Umbraco HQ follows to create, rate, and deploy security patches, balancing stakeholder incentives. He highlights the steps taken from vulnerability disclosure to patch release, emphasizing the need for accurate severity ratings and timely deployments to mitigate security risks for a widely used open-source CMS.

@24 Days In Umbraco #security
UMB.FYI
2024-11-27

📰 Utilizing Azure Blob Storage, CDN, and Key Vault in Umbraco 13

In his blog, Jerin Jose c discusses enhancing Umbraco 13 through the integration of Azure Blob Storage, CDN, and Key Vault. This combination improves performance, scalability, and security for media handling and secret management. The article outlines setup steps for each service, culminating in a robust solution for efficient content delivery.

#performance #scalability #security
UMB.FYI
2024-10-23

📰 Security Advisory, October 22, 2024 - Patches for Umbraco CMS are now available

Umbraco versions 8.0.0 to 14.3.0 are affected by various medium-severity vulnerabilities, requiring users to upgrade to the latest minor versions for patches. Vulnerabilities include stored XSS and potential code execution risks, necessitating authenticated access for exploitation. Users are encouraged to enable automatic minor upgrades for enhanced security.

@Umbraco #security
UMB.FYI
Archive Polls Tips Firehose Privacy About

UMB.FYI is built with ❤ by the Umbraco community and is not affiliated with Umbraco HQ