Help protect the website from attackers or bad actors, by identifying, preventing, or mitigating security vulnerabilities.

OpenID Synchronization Framework

logo_openid.png

Description

Need to add a list of admin OpenIDs to many websites and not lose sanity while maintaining that list across all servers? This module is for you.

You can still maintain arbitrary list of OpenIDs on each site, but the framework ensures a list of allowed and banned OpenIDs (for the "admin" user), in addition to the local list.

This tool is for Drupal service-providers that maintain many websites and need to give admin access to a number of people, across multiple websites, for maintenance and support purposes.

Requirements

  1. Install Libraries module (D5 version has a "safe" backport embedded): http://drupal.org/project/libraries
  2. Download YAML library from: http://code.google.com/p/spyc/
    Extract zip file and install spyc.php under "spyc" sub-folder of sites/all/libraries (or sites/sitename/libraries).

Also, please make sure to read README.txt accompanying the module, for installation and configuration instructions.

Maturity Status

Both client and server modules of the framework have been thoroughly tested in development and have no known issues. However, these modules are new, and have been used in production, only for a limited duration.

Credits

Categories: Actively maintained, Maintenance fixes only, Administration tools, Security

SSH Key

README.png

Manages OpenSSH public keys for Drupal accounts.

Categories: Actively maintained, Under active development, Security

Paranoid Form Validator

Paranoid Form Validator can be used to prevent security attacks (cross-site scripting, SQL injection) carried out by submitting forms with malicious data in some cases. It works by adding extra validation to forms and raising error if unsafe data were submitted in form fields.

Categories: Minimally maintained, Maintenance fixes only, Security

Country Ban

Country Ban can be used to set entire countries to "read only" or to ban their access completely. Setting a country to "read only" disables all account access for that region, automatically logging out any user which resides there and preventing new accounts from being generated. Websites set to 'read only' will still be able to be viewed anonymously. The website admin may also set a "complete ban", which will block the website entirely for all users of the configured region.

Country Ban is dependent upon IP-based Determination of a Visitor's Country as well as Country Codes API. These modules provide the country of origin that Country Ban requires to filter properly.

Categories: Minimally maintained, Maintenance fixes only, Site structure, Security, Access control

Spanish LOPD

This module implements some aspects that helps your site to be compliant to the Spanish LOPD Law about personal data management.

Categories: Unsupported, No further development, Security, Access control, Developer tools

Password Sentry

This project is no longer maintained. See the issue about its status for more information.

Categories: Unsupported, No further development, Administration tools, Security

Pages

Subscribe with RSS Subscribe to RSS - Security