now requires two factor authentication through Google Authenticator. Should you need assistance with the two factor authentication please report the problem via a support ticket. close

Home Documentation 2.2 Security Considerations Hardening the Content Management System


Hardening the Content Management System

Application Scanning

A web application scanner will look for typical mistakes made in PHP applications: XSS, CSRF and SQL injections, and more. We use AppScan, but many free application scanners are available. You should scan any component you code yourself, or 3rd party component, that is not part of the HUBzero release. Also, if you modify a component in a HUBzero release, you should scan it for vulnerabilities the change may have introduced. If you find a vulnerability in the HUBzero release itself, please file a ticket at!

Last modified: