How we applied SA-CORE-2018-002 for several dozen Drupal-powered sites

drupal securityHere is a brief account of how we applied the most critical Drupal security update in the past couple of years to web projects we support and monitor.

admin Mon, 04/09/2018 - 09:41

Making your Drupal web server secure, step by step

Submitted by admin on Fri, 01/12/2018 - 06:53

In the previous article, we covered How to stay out of SPAM folder? and today we will learn how to secure our Drupal web server.

Setting up Firewall

So, we have Debian OS powering our Drupal web server, and we need to make it secure, adjust everything so as to minimize all risks. First of, we want to configure the firewall. Basic stuff. Our "weapon of choice" here is IPTables.

Drupal-powered websites security audit

Submitted by admin on Mon, 03/20/2017 - 09:45

Drupal security audit

Security of a website is a crucial thing that sometimes does not receive the attention it should.

Today, I’d like to share the routines we apply when checking up security of a Drupal-powered website. For the most part, this article is a summary of the report Dmitry Kochetov, our Drupal security specialist, made at DrupalCamp Krasnodar 2016.