Results 1 to 2 of 2

Thread: Tips to Enhance Drupal based site security

  1. #1
    Join Date
    Mar 2011

    Tips to Enhance Drupal based site security

    Drupal is a widely use CMS that offer you different ways to create effective site. It also has ample of good plug-in which can help you to enhance your site output. Drupal is versatile in usage. But making and customizing site is not just enough on the same. There is lot more other thing you have to do to make it better. And the most important thing lies with the security. If security is not proper then you won't be able to get maximum satisfaction from your site. There are some basic loopholes that can cause major issue in future. There are many other CMS which deal with such problem and that is the reason they give you regular updates. This update add more security and also enhance the performance of the system. Today I am going to cover ample of tips that will help you to make your Drupal site more secure. Remember some changes might cause issue with performance. So it is always to take a full website backup before moving ahead. So that in case if you have any issue it will be easier for you to restore the site back to its actual settings.

    Install latest Drupal Update -

    Drupal Update

    It is very important that you must never skip a update. That really matters a lot. Drupal is an extensive CMS and it has lot of things in it. Most of the settings you won't be using. So the first thing you must always practice is updates. And this is not just limited to the cms update. You also have to take care about the plug-in and other stuff that you are using in the system. Without which update won't be working very well. Always remove plug-in that are not getting any update, because they can leave a security hole in the site. Instead of that find a proper alternative. You will get a directly notification in the admin panel if any new update is released in the market.

    Working on the Password -


    It is a good habit always to use a very strong password. A password which is not easy to guess. And using a multiple characters on the same that include capital and small letter, numbers, symbols, etc. A better password is always complicated to hack. Regular text or numeric characters are not safe at all. If you find this complicated then you can try using LastPass. It is an tiny but very effective plug-in that help you to create strong password and secure your login details from all angle. It will also help you to generate a password that you can apply on your website.

  2. #2
    Join Date
    Mar 2011

    Re: Tips to Enhance Drupal based site security

    HTTPS -

    By default Drupal works over HTTP. That means a bit of less security where your login details are carried forward in plain text. It is good to use the entire site over HTTPS so that your login details remained maximum secure and others won't be able to access the same. It is not a very complicated process. For that you just have to enable secure login in your Drupal CMS. This does not hamper site performance or cause any issue. It is one of the most basic security settings that must be active.

    Working on Web Server Permission -

    File Permission

    One of the biggest reason behind major site attacks is the web server file permission. It is necessary that you must read about the file permission which matters really a lot. You must checkout the list of all important files of Drupal and permission applied to the same. Sometime after done with the installation you might face issue with it as the permission is not applied by default. So here you must disable the permission manually. You can also do the same using a FTP software. Some directories of Drupal by default has 777 which means it is readable and writable for everyone. You must limit the same.

    Using readymade security plug-in -

    The good part of using Drupal type of cms is that it has a huge plug-in directory. From where you can find ample of things for your requirement. I will recommend you to simply get a plug-in if you are not really sure about doing things manually. That will help you a lot. There are tons of great plug-in that you can find on web. Some are paid where you get more tech support if you land on some kind of problem. So better keep a plug-in active on your site so that you won't be facing any problem with that.

    Backup Plug-in -

    With a security plug-in do not forget to add a backup plug-in also. This also quiet matters a lot. Backup plug-in will help you to get regular files stored on the server and incase if there is any problem with the site through the backup you can still restore things back again. So here it is necessary that you find some good backup plug-in and apply the same on the site. And use that for proper backup purpose. You can try using third party plains or you can generate backup manually from cpanel also.

Similar Threads

  1. Dns based adult site blocking
    By cech in forum Networking & Security
    Replies: 4
    Last Post: 25-09-2013, 02:23 PM
  2. How to enhance endpoint security on windows
    By rooter in forum Windows Security
    Replies: 8
    Last Post: 06-02-2012, 10:54 PM
  3. Replies: 1
    Last Post: 26-04-2011, 06:51 PM
  4. How to enhance the security of my browser?
    By Maadhav in forum Technology & Internet
    Replies: 4
    Last Post: 16-03-2010, 03:35 AM
  5. How to enhance WEB server, IIS 5 security
    By Lawford in forum Technology & Internet
    Replies: 5
    Last Post: 16-02-2010, 04:37 AM

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
Page generated in 1,720,841,305.88702 seconds with 17 queries