Complete Vulnerability Disclosure Policy (VDP) and Security Acknowledgments system for CMS Made Simple (CMSMS). Provides secure forms for responsible vulnerability reporting, CSRF protection, rate limiting, email notifications, and comprehensive security event logging.
-
Download the Module
- Download Latest Release - Get both ZIP and XML files with one click
- Or use the Direct Download page
-
Install via CMSMS Module Manager
- Extensions → Module Manager → MAS Security → Install
-
Follow the Installation Guide for detailed setup instructions
- Vulnerability Disclosure Policy (VDP) - Professional VDP page with secure submission form
- Security Acknowledgments - Public acknowledgments page to recognize security researchers
- CSRF Protection - Built-in CSRF token validation for all form submissions
- Rate Limiting - Configurable rate limiting (default: 3 submissions per hour per IP)
- Email Notifications - Automatic email alerts to security team on report submission
- Security Event Logging - Comprehensive logging of all security-related activities
- Admin Interface - Complete admin interface for managing reports and acknowledgments
- In-Browser Editor - Edit acknowledgments directly from admin with PHP syntax highlighting
- Honeypot Protection - Bot detection via hidden honeypot fields
- Dynamic Configuration - Automatically detects domain and admin email settings
The VDP page provides a secure form for security researchers to responsibly report vulnerabilities. Features include CSRF protection, rate limiting, and automatic email notifications.
The acknowledgments page publicly recognizes security researchers who have helped improve the security of the website through responsible disclosure.
Navigate to the appropriate guide for detailed information:
| Guide | Description |
|---|---|
| Installation Guide | Step-by-step installation and initial setup |
| Configuration Guide | Module configuration and settings |
| Usage Guide | How to use module features and actions |
| Security Guide | Security features and best practices |
| Acknowledgments Guide | Managing security acknowledgments |
| Troubleshooting Guide | Common issues and solutions |
| Development Guide | For developers and contributors |
| Releases Guide | How to create and manage GitHub releases |
- CMSMS Version: 2.2.0 or higher
- PHP Version: 7.4 - 8.6
- Server: Apache, Nginx, or LiteSpeed (OpenLiteSpeed/LiteSpeed Enterprise)
Visit the Releases Page to download:
MAS_Security.zip- Module installation packageMAS_Security-1.0.0.xml- Module definition file
Use the download page to download both files with a single click.
- Download the latest release files (ZIP and XML)
- Log in to your CMSMS admin panel
- Navigate to Extensions → Module Manager
- Click Upload Module or use Install Module
- Upload the
MAS_Security-1.0.0.xmlfile - Follow the Installation Guide for complete setup
- Author: master3395
- Email: info [at] newstargeted [dot] com
- Website: https://newstargeted.com
This module is licensed under the MIT License. See the LICENSE file for details.
See CHANGELOG.md for version history and changes.
Note: This module follows security-first development practices. All security features are enabled by default to ensure maximum protection for your CMSMS installation.