Add functionality and customize your Drupal application with thousands of projects contributed by our amazing community.
A module is code that extends Drupal's by altering existing functionality or adding new features. You can use modules contributed by others or create your own. Learn more about creating and using Drupal modules.
This module provides Drush commands for auditing Headless/Decoupled API routes.
ZENCAPTCHA protects forms from abuse by bots and unfair users. Reduces spam, blocks fake and disposable email addresses and increases your user base quality without the use of cookies. GDPR compliant.
Add the X-Originating-IP header to all outgoing emails to assist with investigation of the sources for spam and unsolicited bulk email.
A standard Drupal install sends email as if it was originating from the web server when in fact, the email originated with a person's web browser. Use this module to include information in the outgoing email header about the IP address of the person who submitted a request to a Drupal website.
Without this module, Drupal effectively becomes an anonymizing service because the standard email headers will have the email origin listed as the web server IP address instead of the user elsewhere on the Internet. By using the information from X-Originating-IP, you can track down individuals who send undesirable communications through contact or webforms.
X-Originating-IP: [xxx.xxx.xxx.xxx]
The originating IP is based on the ip_address()
Drupal API function.
If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's. The actual header name can be configured by the reverse_proxy_header variable.
Security best practices (and indeed the NIST 800-53 security controls) require users who have not used a system in a defined period of time to be deactivated (blocked, in Drupal parlance.)
GoAway is a dirt-simple, light-weight "Ban By IP" module. It works by redirecting offending anonymous users to a local page or remote URL specified by the admin.
Introduction
The SVG Upload Sanitizer module provides a simple way to sanitize
uploaded svg.
Every uploaded svg is automatically sanitize.
AWS Secrets Manager
This Drupal module adds a new key provider for the Key module - it allows you to encrypt data using AWS Secrets Manager.
The main goal of this module is to prevent the use of disposable emails (DEA) when registering and updating a user profile.
This module enhances any module that adds the CSP header to a site, by providing a reporting endpoint, custom storage and aggregated reports that can be used to trace issues or adapt the CSP header
Experimental module. Provides a "Public Key Credential Source" entity type for use in Webauthn flows.
This module converts existing Drupal login form to OTP login using Twilio SMS gateway. User can provide mobile number and after receiving OTP, provide the OTP in next page.
Drubom - Drupal Bill of Materials
What is Drubom ?
This isn't an official GovCMS project.
This module provides an alternative captcha security, where the user can use
a keypad to be to enter simple captcha numbers.
The keypad can be configured to shuffle the keys, improving difficulty of
automated bots to click on the right button.
Project ABANDONED: The API server became a financial burden in 2020 and has since been abandoned.
This module provides extra functionalities for the Vitals module.
The main goal of this module is to fully integrate Yandex SmartCaptcha antibot protection with Drupal forms.
Overview
Access Filter module provides access control with paths/uri and IP addresses.
Set Client-IP from arbitrary header per consumer.
- This module performs a server-side validation for the extension.
- It works on the upload type file field used in any entity.
Notifies the user by e-mail when their e-mail address has been changed.
Pages