How we applied SA-CORE-2018-002 for several dozen Drupal-powered sites
Here is a brief account of how we applied the most critical Drupal security update in the past couple of years to web projects we support and monitor.
Security
Making your Drupal web server secure, step by step
In the previous article, we covered How to stay out of SPAM folder? and today we will learn how to secure our Drupal web server.
Setting up Firewall
So, we have Debian OS powering our Drupal web server, and we need to make it secure, adjust everything so as to minimize all risks. First of, we want to configure the firewall. Basic stuff. Our "weapon of choice" here is IPTables.
Drupal-powered websites security audit
Security of a website is a crucial thing that sometimes does not receive the attention it should.
Today, I’d like to share the routines we apply when checking up security of a Drupal-powered website. For the most part, this article is a summary of the report Dmitry Kochetov, our Drupal security specialist, made at DrupalCamp Krasnodar 2016.