typo3-security
TYPO3 Security Hardening
Compatibility: TYPO3 v14.x All security configurations in this skill work on TYPO3 v14.
TYPO3 API First: Always use TYPO3's built-in APIs, core features, and established conventions before creating custom implementations. Do not reinvent what TYPO3 already provides. Always verify that the APIs and methods you use exist and are not deprecated in TYPO3 v14 by checking the official TYPO3 documentation.
1. Critical Configuration Settings
config/system/settings.php (TYPO3 v14)
<?php
return [
'BE' => [
// Disable debug in production
'debug' => false,
// Session security (example hardening values — tune for proxies/load balancers)
More from dirnbauer/webconsulting-skills
document-processing
>-
187ai-search-optimization
>-
184typo3-content-blocks
>-
89typo3-ddev
Use when providing DDEV URLs, accessing TYPO3 backend in browser, performing any ddev command (e.g. start, stop, restart, describe, exec), setting up DDEV for TYPO3 extension development, or testing across multiple TYPO3 versions. Triggers on: ddev URLs, backend URLs, local development, docker environment, PHP version management, multi-version testing.
85webconsulting-branding
>-
78legal-impressum
>-
75