TIP: Drupal6/7 permissions setup compatible with DSO (mod_php) 'nobody' web server mode on CentOS+WHM/cPanel under Drush maintenance

Some context

So why might you, if you are operating a cPanel-based VPS for your own Drupal sites, want to consider switching from suPHP to DSO ?

"Your Drupal site got hacked ? Well it's entirely your own fault ! You should always do your updates ! You've only got yourself to blame (and don't dare blame the security holes in that older Drupal code) !!!"

Accepting Payments Online: Drupal and PCI Compliance

The Payment Card Industry (PCI) has defined a number of Data Security Standards when accepting sensitive information such as credit card numbers over the web. While these are not Drupal-specific, they are important for any Drupal developer of site administrator of an e-commerce site to be aware of.

Installation and usage

Use Guardr as the base for a new Drupal project

Download Guardr 7.x-2.x-dev or use drush $ drush dl guardr.

Install Drupal using the Guardr codebase as you would normally, but make sure to select the Guardr profile during the installation process.

Building a Guardr instance for development and testing

Download the Guardr profile.

High performance Guardr

Barracuda is a bash script to install and/or upgrade, tuned for high performance, Aegir Master Instance with all related system services.

The maintainers of Barracuda have chosen to include Guardr as a distribution install option. This is a fantastic partnership to provide both secure and high performance Drupal instances.

A note about Coder

Coder Review is a useful modules for identifying potential security issues, however it is not part of the Guardr distribution. Guardr is intended to be part of a layered sub-distribution. Due to a bug in Drupal 7, using drush with coder_review installed in more than one directory can cause fatal conflicts. It is recommended to add Coder to your installation.


Subscribe with RSS Subscribe to RSS - Drupal security