Changes for page What an XWiki Security Review Should Actually Include

Last modified by Agnease on 2026/05/26 15:27

Manage
- Copy
Actions
- Export
- Print Preview
Viewers
- Source
- Siblings
- Content
- Comments
- Attachments (1)
- History
- Information
- Likes

From 1.6 to 1.5

From version 1.5

edited by Agnease
on 2026/05/26 07:48

Change comment: There is no comment for this version

To version 1.1

edited by Agnease
on 2026/05/26 07:41

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (2 modified, 0 added, 0 removed)
Objects (0 modified, 0 added, 1 removed)
- Agnease.Code.SEODetailsClass[0]

Details

Page properties

Title

@@ -1,1 +1,1 @@
--What an XWiki Security Review Should Actually Include
++xwiki-security-review

Content

@@ -1,213 +1,0 @@
--{{velocity}}
--#set ($discard = $xwiki.ssx.use('PublicWebSite.WebHome'))
--{{html clean="false"}}
--
--  <section class="resource-header" aria-labelledby="hero-title">
--    <div class="container">
--      <div class="text-center">
--        <div class="hero-kicker">
--          <i class="fa fa-shield" aria-hidden="true"></i>
--          XWiki security review
--        </div>
--      </div>
--
--      <h1 id="hero-title">What an XWiki security review should actually include</h1>
--
--      <p class="resource-summary">
--        A working XWiki instance is not automatically a secure one. A proper review should look at versions,
--        access rights, authentication, extensions, custom code, infrastructure and operational practices.
--      </p>
--    </div>
--  </section>
--
--  <section class="resource-page">
--    <div class="container">
--      <div class="resource-layout">
--
--        <aside class="resource-sidebar" aria-label="Page summary">
--          <h4>In this guide</h4>
--          <ul>
--            <li><a href="#why-it-matters">Why it matters</a></li>
--            <li><a href="#what-to-review">What to review</a></li>
--            <li><a href="#security-checklist">Security checklist</a></li>
--            <li><a href="#review-output">What the review should produce</a></li>
--            <li><a href="#when-to-review">When to run a review</a></li>
--          </ul>
--        </aside>
--
--        <article class="resource-content">
--
--          <p>
--            Many XWiki instances continue to work well from a user perspective while slowly accumulating security
--            and governance risks. Users can still log in, search, edit pages and access documents, but that does not
--            always mean the instance is properly secured or easy to maintain.
--          </p>
--
--          <p>
--            Security risks are often hidden in less visible areas: outdated versions, inherited permissions,
--            forgotten administrator accounts, overly powerful rights, old extensions, undocumented scripts,
--            weak fallback access or backup assumptions that were never tested.
--          </p>
--
--          <div class="resource-note">
--            <p>
--              <strong>The main point:</strong> an XWiki security review should not only check whether the application
--              is online. It should evaluate the platform, the access model and the operational practices around it.
--            </p>
--          </div>
--
--          <h2 id="why-it-matters">Why an XWiki security review matters</h2>
--
--          <p>
--            XWiki is often used as an internal knowledge base, intranet, documentation platform or controlled
--            document system. In these cases, the platform may contain sensitive procedures, internal decisions,
--            customer information, technical documentation, compliance records or business-critical workflows.
--          </p>
--
--          <p>
--            The more important the content becomes, the more important it is to understand who can access it, who can
--            change it, which customizations influence it and how safely the instance can be upgraded or restored.
--          </p>
--
--          <p>
--            A security review helps identify risks before they become incidents, upgrade blockers or maintenance
--            surprises. It also gives administrators a clearer view of the current state of the instance.
--          </p>
--
--          <h2 id="what-to-review">What should be reviewed</h2>
--
--          <h3>1. Version and upgrade status</h3>
--          <p>
--            The current XWiki version should be reviewed together with the target upgrade path, installed extensions
--            and infrastructure dependencies. An outdated instance is not only a maintenance concern. It can also mean
--            that security fixes, compatibility improvements and platform hardening are missing.
--          </p>
--
--          <p>
--            The review should also check whether upgrades are performed regularly or only when something breaks.
--            A repeatable upgrade process is part of the security posture of a long-running XWiki instance.
--          </p>
--
--          <h3>2. Access rights and permission model</h3>
--          <p>
--            XWiki has a powerful access-rights system, but this flexibility needs a clear governance model. A review
--            should check who has administration rights, who has script or programming rights, whether rights are
--            assigned through groups, and whether page-level exceptions are still understandable.
--          </p>
--
--          <p>
--            It is also important to review inherited rights, public areas, restricted spaces, old groups, inactive
--            users and sensitive pages. Many permission problems do not come from one obvious mistake, but from years
--            of small exceptions that nobody reviewed later.
--          </p>
--
--          <h3>3. Authentication and identity management</h3>
--          <p>
--            Authentication should be reviewed beyond the simple question of whether users can log in. LDAP, Active
--            Directory, OIDC, SAML, SSO and MFA setups all need to be checked together with group synchronization,
--            fallback login options, local administrator accounts and recovery procedures.
--          </p>
--
--          <p>
--            SSO is useful, but it does not automatically guarantee a clean access model. Authentication confirms who
--            the user is. Authorization still depends on how XWiki groups and rights are configured.
--          </p>
--
--          <h3>4. Extensions and custom code</h3>
--          <p>
--            Installed extensions, custom applications, Velocity scripts, Groovy scripts, macros, sheets, templates,
--            UI extensions and Java components are all part of the security and maintenance surface of the instance.
--          </p>
--
--          <p>
--            A review should identify what is installed, what is customized, what is still used, what is documented and
--            what needs special validation during upgrades. Custom code should be tracked, explained and tested, not
--            discovered accidentally during an incident or a production upgrade.
--          </p>
--
--          <h3>5. Configuration, infrastructure and operations</h3>
--          <p>
--            The review should also cover the environment around XWiki: HTTPS and reverse proxy configuration, database
--            access, filesystem and attachment storage, mail configuration, PDF export services, logs, monitoring,
--            server access and separation between production and staging.
--          </p>
--
--          <p>
--            Backups should be reviewed together with restore expectations. A backup strategy is incomplete if nobody
--            knows what is included, how long recovery would take or whether the restore process has ever been tested.
--          </p>
--
--          <h2 id="security-checklist">Practical XWiki security review checklist</h2>
--
--          <ul class="resource-checklist">
--            <li>Check the current XWiki version, target version and upgrade path.</li>
--            <li>Review installed extensions, outdated components and unsupported customizations.</li>
--            <li>Audit administrator, script and programming rights.</li>
--            <li>Review groups, inherited permissions and page-level exceptions.</li>
--            <li>Validate authentication, SSO, MFA, fallback access and administrator recovery options.</li>
--            <li>Identify custom scripts, templates, macros, UI extensions and Java components.</li>
--            <li>Review public, internal and restricted areas.</li>
--            <li>Check infrastructure, HTTPS, reverse proxy, database, filesystem and mail configuration.</li>
--            <li>Confirm backup coverage, restore expectations and rollback procedures.</li>
--            <li>Document findings and prioritize remediation actions.</li>
--          </ul>
--
--          <h2 id="review-output">What the review should produce</h2>
--
--          <p>
--            A useful security review should not only produce a list of problems. It should produce a practical action
--            plan. Each finding should explain the risk, the affected area, the recommended action and the priority.
--          </p>
--
--          <p>
--            Some findings may require immediate action, such as exposed administration rights or unsafe fallback
--            access. Others may become planned improvements, such as cleaning old groups, documenting custom code,
--            reviewing extensions or preparing the next upgrade.
--          </p>
--
--          <p>
--            The best outcome is a clearer, safer and more maintainable XWiki instance: one where administrators
--            understand the access model, critical features are documented and future upgrades can be planned with
--            fewer surprises.
--          </p>
--
--          <h2 id="when-to-review">When should an XWiki security review be done?</h2>
--
--          <p>
--            A review is especially useful before a major upgrade, after years of organic growth, after an authentication
--            change, before exposing the instance more broadly, after a migration, or when the wiki becomes more
--            business-critical than it was when first installed.
--          </p>
--
--          <p>
--            It is also useful when administration responsibilities change. A new team should not have to guess how
--            permissions, extensions, customizations and recovery procedures were configured years earlier.
--          </p>
--
--          <div class="resource-note">
--            <p>
--              Related resources:
--              <a href="$xwiki.getURL('resources.why-upgrade-xwiki')">why regular XWiki upgrades matter</a>
--              and
--              <a href="$xwiki.getURL('resources.xwiki-custom-development')">how to keep XWiki custom development maintainable across upgrades</a>.
--            </p>
--          </div>
--
--          <div class="resource-cta">
--            <h3>Need an XWiki security review?</h3>
--            <p>
--              If your XWiki instance has grown over time, contains sensitive content, uses custom code or depends on
--              SSO, extensions and business-critical workflows, a structured review can help identify risks and define
--              the safest next steps.
--            </p>
--            <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Request a security review</a>
--          </div>
--
--        </article>
--
--      </div>
--    </div>
--  </section>
--
--{{/html}}
--{{/velocity}}

Agnease.Code.SEODetailsClass[0]

metaDescription

...	...	@@ -1,1 +1,0 @@
1		-Learn what an XWiki security review should include: version status, access rights, authentication, extensions, custom code, infrastructure, backups and operational practices.

metaTitle

...	...	@@ -1,1 +1,0 @@
1		-What an XWiki Security Review Should Actually Include \| Agnease