O'Reilly logo

Drupal® 7 Bible by Brice Dunwoodie, Ric Shreves

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 31. Securing Your Site

IN THIS CHAPTER

  • Security best practices

  • Keeping up with security notices

Site security is one of the most critical issues faced by Web site owners and administrators. Open-source software like Drupal is neither more nor less secure than any other type of software. The issues that face open-source systems are essentially the same issues that face all software users. Similarly, the steps you need to take to secure your site are common to most server-based software installations.

Site owners who rely on technology alone for their security are doomed to failure. Though I emphasize it throughout the chapter, it is worth mentioning again: People are your biggest risk. To keep your site secure, you must educate users and administrators, and you need to consistently implement common-sense practices and policies.

This chapter looks at security best practices for Drupal and provides advice and tips on how to make your Drupal site secure and how to keep it secure.

Security Best Practices

Creating and maintaining a secure Web site requires attention to a variety of issues. The process starts at server setup and continues throughout the life of the site. There is no such thing as a site you can create and forget and no such thing as a site that takes care of itself. To keep your site safe, you must take affirmative steps and develop an awareness of the issues. While you cannot protect yourself from every conceivable threat, you can reduce the vulnerability of your site ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required