Chapter 3. Protecting Your Site with Configuration
Modules and Site Configurations that help enhance your site's security
At this point you should have a picture of the most common vulnerabilities that face a Drupal site administrator. Now let's talk about some steps you should take and practices you should follow to protect your site and mitigate the weaknesses.
Remember, many of these steps involve trade-offs in convenience for security and therefore are not necessarily appropriate for every site.
While the majority of this book talks about code—how to identify and exploit vulnerable code and how to write secure code—this chapter is not about code. Making good decisions as a site admin in configuring your server, updating your site, and using the right modules is the first step toward a safe site. Without an up-to-date Drupal installation, the rest of this book doesn't matter. So while it may seem useful only to system admins, the advice in this chapter is important regardless of whether you are a programmer or a system admin.
Get Cracking Drupal®: A Drop in the Bucket now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
