Get started

Security

How Wagtail helps you secure your content

With built-in security features, enterprise-level permissions, and regular security releases, Wagtail is a CMS for organizations that want strong security for their content.

Why people feel safe with Wagtail

I have no worries with Wagtail, whereas with any given Wordpress site there are at least 20 different plug-ins that could suddenly become de-supported or a security problem.

Tim White, Motley Fool

"Wagtail gives us the multilingual capabilities and security we need, while being intuitive enough for our team to manage quickly during emergencies. It's the platform that allows us to act without delay."

Edd Rhodes, Medical Aid for Palestinians

Wagtail has a robust security foundation

Wagtail is built on top of a security-minded web framework called Django. Here are just some of the security features that Wagtail gets from choosing to use Django at our core:

Security procedures you can count on

How we handle Wagtail security issues

The Wagtail security team has standard procedures for reviewing reported security issues and notifying users to prevent bad actors from exploiting bugs. When there is confirmed security issue, we put out security releases in a timely manner and issue advisories to encourage everyone to install the patches.