SilverStripe is great. I am really enjoying this CMS and learning how to use it. Honestly, I don't have much of a site yet, all I did was go through the tutorials with version 2.4.3 and so I have the resulting content and pages, plus installed the Blog module, and I added an e-mail field to page comments as outlined in this tutorial:
http://archive.ssbits.com/adding-fields-to-page-comments/
Anyway, is there a list of security steps I need to consider after I complete the tutorial? I ran across this post about SQL injection, is that somethig I should be concerned about, I have no idea what inputs I am supposed to be validating or controller actions I should be allowing:
http://www.ssbits.com/snippets/2010/securing-your-site/
I just want to be sure I am doing things right and taking into account the proper security considerations, so I guess I am asking is what I should do to secure my site after completing the tutorial, is there a basic list for newbies?
THANKS!