Page 1 of 1

Secure Domain/capabilities in Joomla Framework version 2

Posted: Thu Feb 12, 2015 8:46 pm
by sriz786 ... admap.html

Based on above announcement, I am deeply confused even frustrated that Security domain and capabilities are not taking into account for Joomla Framework ver2.

Online companies, organizations, individuals are constantly getting hacked and their information is up for the grabs because secure domains and requirements are not considered when building applications and online/mobile presence.

What is Joomla leadership and technology teams doing to address security in the Joomla Framework and Joomla CMS.

Please advise.

Kind regards,


Re: Secure Domain/capabilities in Joomla Framework version 2

Posted: Fri Feb 13, 2015 5:25 pm
by alikon
as reported on the roadmap

"We welcome feedback and discussion .......
.... If you would like to comment on this proposal, we invite you to participate on this thread on the Framework's Google Group

Re: Secure Domain/capabilities in Joomla Framework version 2

Posted: Sat Feb 14, 2015 1:46 am
by mbabker
Would you care to elaborate on what you're referring to specifically?

As far as building an application via the Framework goes, a tool that isn't offered is an ACL system to limit user behaviors within the application (however there are plenty of alternatives in the PHP marketplace). This feature obviously exists in the CMS.

There are tools in place to enable developers to encrypt data via the Crypt and Keychain packages (with similar classes in the CMS) and the application classes support HTTPS based connections.

Compared to other framework and CMS stacks in the PHP marketplace, I'd say that what Joomla offers out of the box is on par with other vendors as far as providing various tools goes. Without knowing specifically what you feel needs to be addressed in our code base, it's difficult to give any additional feedback.

Re: Secure Domain/capabilities in Joomla Framework version 2

Posted: Mon Dec 05, 2016 4:41 pm
by sriz786
Good day all,

Does Joomla development team uses secure development platform for secure coding practices and testing code for secure development?0

There are automated tools like Veracode and HP Fortify" In addition look at below Google announcement and resource. Thank you! ... zzing.html

My hope is that Joomla will stand out for its resilient and secure coding for online communities and E-Commerce capabilities.