6119: Security Overview block - Composr CMS feature tracker

ID	Project	Category	View Status	Date Submitted	Last Update

6119	Composr	securitylogging	public	2025-01-10 21:36	2025-01-10 21:38

Reporter	PDStig	Assigned To	Guest
Priority	normal	Severity	feature
Status	new	Resolution	open

Summary	6119: Security Overview block
Description	Create a block for the Admin Zone dashboard which gives a basic security overview of the site. In general, it should be a visual representation (pie, doughnut, stepper, progress bar, whatever) of current site security. Perhaps it should be separated into two graphs, one for configuration and one for logs. The configuration “grade” considers things like: - Do all super-administrator / super-moderator usergroups have enquire on new IP enabled? - Is auto-banning enabled for hack attacks? - Is CSP enabled? - Are maintenance scripts restricted? - Do the Admin and CMS zones require confirmed sessions? - etc The audit “grade” considers things like: - The number of hack attacks in the last week (and the risk scores) (relative to weekly traffic count) - The number of failed logins in the last week (relative to site member count) - The number of times someone got an access denied screen (relative to weekly traffic count) - The number of times someone got a missing resource screen (relative to weekly traffic count) - The number of times someone used forgot password (relative to site member count) - The number of times the Admin Zone or Commandr was accessed (relative to the number of staff members) - The number of times a banned member tried to log in or a banned IP tried to access the site - The number of times rate limiting was triggered - Rootkit detection results and comparison, if possible - Traffic count / bot activity - etc Where there are concerns, offer very brief action items and links to take staff to said action items. These should be controlled by block hooks.
Tags	Roadmap: Over the horizon
Attach Tags	(Separate by ",")

Time estimation (hours)
Sponsorship open

Date Added	Member	Amount Sponsored

View Status	Private (for security issues or disclosing of private information; if you submit as a guest, you will not be able to see your submission)
Note
Upload Files Maximum size: 32,768 KiB	Attach files by dragging & dropping, selecting or pasting them.
You are not logged in	You are not logged in. This means you will not get any e-mail notifications. And if you reply, we will not know for sure you are the original poster of the issue.

Date Modified	Username	Field	Change
2025-01-10 21:36	PDStig	New Issue
2025-01-10 21:36	PDStig	Tag Attached: Roadmap: Over the horizon
2025-01-10 21:37	PDStig	Description Updated
2025-01-10 21:38	PDStig	Description Updated