Security Alerts

To get informed on security problems within Bluewater MVC please subscribe to the Bluewater MVC project (be sure to allow subscriber emails). You need an LaunchPad Account for that. All security issues are now available in the bugtracking system.

Security Disclosures

If you find a security issue with Bluewater MVC, please contact the maintainers in private first.

* Lead developer:

You might alternatively want to consider reporting a bug, but that’s in the public space. It’s usually safer to report a security issue in private so we can address it before it becomes common knowledge.

General PHP Settings

A good read on locking down PHP in general is Chapter 3 of Apache Security, available in PDF form for free here.