Introduction

I hope you've purchased this book before having a security problem rather than after. As I relate in Chapter 1, being the target of an attack is not a fun situation. Especially online, attacks can be painful: The stakes are often surprisingly high. Attackers can ruin images and text that took months to create, blemish your reputation as a reliable site, and steal users' private information; the result of nearly all of these problems is ultimately the loss of money.

You got into Drupal because it helps save time and money: It's a powerful tool available for free that anyone can use to build great sites (although, of course, there is the chance that you got into Drupal because your boss told you to!). Does the danger of an attack mean that using Drupal will be worse than using a homegrown solution? Fortunately, the answer is no. By default, Drupal provides great security protection and has an API that makes it easier for developers to avoid and eliminate security problems.

Who Should Read This Book?

This book was written with three major audiences in mind: Drupal site admins, professional developers/themers, and IT sysadmins/security generalists. Hopefully you identify with one of these three groups.

Drupal Site Admin

Perhaps the biggest group of people who will benefit from reading this book is Drupal site admins. These are people who have a site or a few sites that they maintain. They may know how to do a little bit of HTML, CSS, and/or PHP but are really more comfortable ...

Get Cracking Drupal®: A Drop in the Bucket now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.