TIP: Drupal6/7 permissions setup compatible with DSO (mod_php) 'nobody' web server mode on CentOS+WHM/cPanel under Drush maintenance

Some context

So why might you, if you are operating a cPanel-based VPS for your own Drupal sites, want to consider switching from suPHP to DSO ?

"Your Drupal site got hacked ? Well it's entirely your own fault ! You should always do your updates ! You've only got yourself to blame (and don't dare blame the security holes in that older Drupal code) !!!"

Drupal 8: Writing secure code

Know about a security issue? Please alert the security team.

Whether you are writing a PHP snippet or an entire module, it is important to keep your code secure.

Accepting Payments Online: Drupal and PCI Compliance

The Payment Card Industry (PCI) has defined a number of Data Security Standards when accepting sensitive information such as credit card numbers over the web. While these are not Drupal-specific, they are important for any Drupal developer of site administrator of an e-commerce site to be aware of.

Installation and usage

Use Guardr as the base for a new Drupal project

Download Guardr 7.x-2.x-dev or use drush $ drush dl guardr.

Install Drupal using the Guardr codebase as you would normally, but make sure to select the Guardr profile during the installation process.

Building a Guardr instance for development and testing

Download the Guardr profile.

High performance Guardr

Barracuda is a bash script to install and/or upgrade, tuned for high performance, Aegir Master Instance with all related system services.

The maintainers of Barracuda have chosen to include Guardr as a distribution install option. This is a fantastic partnership to provide both secure and high performance Drupal instances.


Subscribe with RSS Subscribe to RSS - Drupal security