Page 36 - Cyber Warnings
P. 36
Drupal Security Measures
Drupal is a very popular Content Management System (CMS) on the Internet today. Drupal
sites, especially ones running older versions of the CMS or it’s modules are a ripe target for
attackers.
In this post, we’ve taken some time to detail a few measures which can be taken to address the
basic security holes or malpractices that are commonly present in thousands of Drupal sites.
Running the Latest Version of Drupal
Running the latest version of any software is probably the most obvious first security measure to
take. However, with millions of sites still running old and vulnerable versions of the CMS, this
point is still one that needs to be stressed.
Updates of Drupal not only bring with them new features, but more importantly, bugfixes and
security fixes are made available. Updates help your site remain safe against common, easy-to-
exploit vulnerabilities.
Running the Latest Versions of modules
Running the latest version of Drupal alone is not enough to secure your site. Modules you install
on your Drupal site that contain vulnerabilities will undoubtedly increase your site’s attack
surface.
Therefore, making sure that your Drupal modules are up-to-date is essential. In doing so, you
can make sure your site is covered with the latest security updates by the extension’s author.
36 Cyber Warnings E-Magazine – March 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
