The highest level of security
Contentteller is not only an unbelievable powerful content management system but also a secure one. Bringing state of the art strong encryption, content validation, and full support for Content Secure Policy that all modern browsers are supporting.
Next-Generation Website Security
Strong Encryption
Contentteller is using strong encryption everywhere to protect it's code base and data. This makes it a perfect content management system for high profile websites.
The Contentteller code base is protected against backdoors and malware by the ionCube encoder. Any attempt modify or include any of the core scripts will result in a error message.
The templates, configuration files, and cache are using a strong cryptographic encryption for the data. This makes it difficult for a third party to alter any of the data outside of Contentteller.
Critical data such as email addresses and passwords are also stored with a strong encryption layer that is unique for every Contentteller installation. Even if someone is stealing you database, the email addresses are fully protected in the best possible way.
Content Validation
Contentteller comes with content validation to check the data for any external modifications. This is another security feature to make external manipulation much harder then on many other content management systems.
Every content has a checksum that will be checked during access. Any checksum mismatch will be logged and the content will be blocked for loading.
Contentteller is using content validation everywhere from publish and response content, categories, attachments, settings, user accounts, private messages, tasks, menu, usergroups, and more.
Contentteller is also including CSS and javascripts securely with the integrity tag. If someone is modifying any of the included CSS or javascripts, the browser will no longer load the scripts because of an integrity check error.
Content Security Policy
Content Security Policy (CSP) is a powerful feature on modern web browsers that helps you to reduce Cross-Site Scripting (XSS) risks by declaring, which dynamic resources are allowed to load.
The default Contentteller template set has been fully optimized to run in a strict Content Security Policy environment. You can white list external scripts, stylesheets, or fonts. There are also options to block inline script, inline style, and unsafe Javascript functions such as eval.
There is also a dry run option to test your Content Security Policy setup. This is highly recommended, especially if you are embedding an external advertisement server. You may need to adjust the setup in this case.
Every error will be logged in the CSP log file. This allows you to review the error and adjust easily the security settings for your setup.
True Private Messages
The private messaging system of Contentteller is different than in most other products. While other products are storing private message as plain text in the database, Contentteller is using once again a strong encryption layer to ensure that only the user reads this message for whom it is intended.
This makes the private message system also a perfect complement for support after critical data such as passwords can be sent quickly and secure over private message. The private message system allows also the users to download all conversations.
Private message can be limited by usergroups and user state. For example, active users or subscribers can have a higher private message storage then queued users etc.
You never have to worry about storage after the integrated private message system is not allowing full blown discussions with tons of attachments turning the whole thing into an unmoderated private message forum.
Secure Backups
Contentteller is storing all website backups in a strongly encrypted data format that can only be restored on the original website. The backup will be compressed to save disk space.
Backups can be also restored on different database systems. For example, you can create a backup of a SQLite database and then restore it to a PostgreSQL database server. This makes it easy to switch from one DBMS to another.
Contentteller supports import and exports from SQLite, MariaDB/MySQL, and PostgreSQL.
There are option to backup or restore single tables or check multiple tables to export or import the data of multiple tables.