CMS Plugin: Security FAQ
Do I need to log in to use the CMS Plugin?
Yes, you will need to log in with Siteimprove user credentials. Only Siteimprove users configured on the Siteimprove Intelligence Platform (SIP) can access data via the CMS Plugin.
The Siteimprove CMS Plugin is an entry point to the SIP and can be considered as a compact version of the SIP, which is visible when using your content management system.
If a user is currently logged into the SIP, with a session cookie, they will not be required to authenticate again to use the CMS Plugin. Learn more about Siteimprove Security and Data Protection.
How can I protect my website when using plugins?
You should always download plugins, including the Siteimprove CMS Plugin, from a trusted source. For example, the CMS provider plugin repository. Links to repositories for CMS supplier, on which the plugin is supported, is available on the Siteimprove CMS Plugin page.
Does the CMS Plugin have access to unpublished content?
No, content must be published for the SIP and CMS Plugin to have access.
What data is transferred between my site and the plugin when I order a check?
Three pieces of data are transferred via a secure HTTPS connection:
- The URL of the page you are checking
- The type of data request, e.g. get page data, get site data, check page, check site
- A unique token used to authorize the use of the service
Note: The content of the page is not transferred during any request. When the request is received in the SIP, the data is only transferred if the user/platform is allowed access to the content of the URL.
For pages behind a login to be checked, access to the page must be configured in advance by Siteimprove.
I’d like to know more. What exactly is the CMS Plugin code doing?
To dig deeper you can check out the resources on the Siteimprove developer’s website. Here you will find the Siteimprove CMS plugin integration Cookbook and CMS plugin Markdown detailing the functions carried out when using the CMS Plugin.
Did you find it helpful?Send feedback