CRITICAL SECURITY VERSION UPDATE:
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13

CodeIgniter & Security considerations

borgulasborgulas
edited March 2014 in News & Announcements
Hi, I'm thinking about using fuelcms as a combination of CMS + PHP Framework for my next webproject. I'm still not sure whether to use it, because CodeIgniter is no longer receiving regular updates and I wonder how secure it is to use still. I have used CodeIgniter in the past, but was thinking about switching to Laravel, only I couldn't find any good CMS combinations with that framework. What are your thoughts on this? Is codeigniter futureproof to use, also in terms of security?

Comments

  • adminadmin
    edited 8:34PM
    These are valid concerns I think given the state CodeIgniter. Although nothing is future proof, I will say that FUEL incorporates all the basic methods to prevent such things SQL injection and XSS issues and we will do our best to patch any crucial security issues when they arise. Remember though, security on an application can mean a lot of things to a lot of different people. You should never rely on a framework to fix all your security problems. Versions of PHP and Apache are all outside of the framework and should be scrutinized just as much or more.
  • borgulasborgulas
    edited 8:34PM
    Ok, thanks for the reply. Are you also planning to switch from CodeIgniter to another PHP framework, or waiting for what the future developements at ellislab will be?
  • adminadmin
    edited 8:34PM
    Our FAQ addresses that question (somewhat):
    http://www.getfuelcms.com/faq
Sign In or Register to comment.