Illustration of a large laptop and security person at computer.

Secure Your Website

Concrete CMS prioritizes your website's security, offering robust measures that keep your data safe and compliant with industry standards.

Schedule a Call Get Started For Free

Trusted by the best

BASF Logo
GlobalSign
US Army
ITV Media
The Home Depot Logo

Site Health - New Feature

In Concrete, there are many settings that control exactly how secure your site needs to be. These settings may change when a project is in active development vs. when it's been put into production. Additionally, settings that are unnecessary for sites at their immediate installation – like installing your SSL and setting the canonical URL – are extremely important for a secure site once that site has launched.

This goes beyond just general security; for example, block caching settings don't directly impact security, but you wouldn't want to have your overrides or block caches turned off on a site that is in production. These, however, are frequently turned off in development mode.

Run Audit Reports

  • Check Site Production Status: Scans your site and its settings to determine whether it is optimally configured for use in a live, production environment. Checks page cache settings globally and on every page to determine whether it is optimally configured for use in a live, production environment.
  • Find Custom JavaScript Report: Easily manage and troubleshoot JavaScript on your site. 
  • Audit Trail: Keep track of all changes with an extensive audit trail. This feature provides accountability and transparency, allowing you to monitor who made changes and when.

  • Logging: Access all site-generated emails and errors for better transparency and troubleshooting. Log emails, PHP errors, and MySQL errors.

Run an Audit

 

 

Tested and Supported on HackerOne

Tested and Supported on HackerOne

Our platform undergoes continuous testing and monitoring for vulnerabilities on HackerOne. This proactive approach ensures that any security issues are quickly identified and resolved.

Check Out Hacker One

Open source, but fully supported.

Concrete CMS is free and open source under the MIT license, and is fully ISO:27001 compliant out of the box. If your organization's IT and compliance groups want to manage the platform yourself, you're welcome to!

If your team would rather focus on content, the team behind Concrete can host your website for you and help you maintain a safe, secure and compliant web presence. We have a detailed understanding of compliance requirements and security is baked into our processes from the ground up. You'll be able to sleep soundly knowing our people are watching out for your public presence on the web. 

Support contracts are here to provide value & safety when you need it, but are never a requirement. You'll never get roped into some license fee you don't understand and can't control. You'll always own your content and your copy of the CMS, we're just eager to help if we can provide value. 
 

hippa.pngiso-2022-225px.png

Keep Your Users Safe

Automated Logout: Enhance session security by automatically logging out inactive users. Log users out if IP or user agent changes. Configure IP address exceptions to approve or deny.

Password Requirements: Define the complexity and strength requirements for user passwords. Specify password length, character requirements, and strength. Prevent password reuse and enforce regular password changes

Global Password Reset: Force all users to reset their passwords, enhancing security. Confirmation process for resetting passwords.

User Deactivation Settings: Manage user account deactivation based on inactivity or failed login attempts. Automatic deactivation for inactivity or failed logins.

Verification and Approvals

Content Approval: Control and verify content before it goes live with our content approval workflows. This ensures that only approved content is published, maintaining the integrity and quality of your site.

Email Verification: Secure user registrations and logins with email verification. This feature ensures that only legitimate users can create accounts and access your site.

Login History: Monitor login activities to detect suspicious behavior. The login history feature lets you track who logged in, when, and from where, helping you identify and respond to potential security threats.

Kelly Jones
A terrific partner over the last several years. The staff goes above and beyond when it comes to delivering timely services and support. Additionally, the software/services provided are user friendly and intuitive. They have done a wonderful job helping automate many of our digital processes and it's truly providing a more standardized enterprise approach.
Kelly Jones Senior Client Relations Manager, U.S Army Family and MWR

You need a CMS that saves you time.

Schedule a demo and tell us a bit about your project and we'll help you decide if Concrete CMS should be on your shortlist.

 

Schedule Now!

customer-service.png

24/7 Support

Unlimited support questions with all our hosting plans.

Support Options

education.png

Education and Certification

Grow your skills and get certified!

Get Certified

store.png

Marketplace

Concrete CMS serves a wide market of needs and solutions. 

Visit the Marketplace