Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
1.2 release improves file permissions check, adds check for PHP filter, passwords in email, and corrected minor bugs. Fixed issue with symlinked directories.
Check system split to separate file. If you've implemented hook_security_checks() consult the API.txt for compatibility.
Release 1.1 of the Security Review module for Drupal 6. It is recommended that all 1.0 users upgrade to this release for new features and bug fixes. This release includes several new checks and better processing of the checklist.
To upgrade you should disable and uninstall your existing Security Review module, taking care to record which checks you have skipped, if any, and which roles you have marked as untrusted. Once uninstalled copy over the new module's files and enable.
Changelog:
* Issue #746400 Add administer nodes permission check
* Feature #725902 by coltrane: Give warnings about Views without any access control
* Issue #993942 by coltrane and greggles: Check Filefield extensions
* Issue #755766 by coltrane Better handling of time outs
* Issue #830970 by greggles and coltrane: Test password strength by comparing password to username
* Issue #1087116 by greggles and coltrane: Check dblog module is enabled before providing SQL checks
* Issue #755766 by coltrane: Provide batch processing.
* Updated unsafe tags to include video and audio
* Expanded drush integration
* Drush support for rainbow table password check
* Allow for help when Security Review defines checks on behalf of other modules.
* Issue #989314 by coltrane: Fixed Subsite installation: 'Run checklist' timeout, opendir fails.