Drupal Basic Security

Drupal has the reputation of being one of the CMS most concerned about security. You still need to do a security maintenance on your website.

If you secure your website, you secure your business. And is there are dangers on your website like phishing, or any of the infections that can kill your website and your reputation.

7 Tips to Improve Your Drupal Security

1- Keep Drupal and its components up to date

You must find the time to update both Drupal and all the components you use. Drupal regularly posts all the updates here.

One of the easiest ways to stay current is to follow the twitter where Drupal publishes its updates.

2- Delete any Drupal file, theme or component that is not strictly necessary

Once you’ve carried out the previous step, you should ideally remove any vulnerable points to be the gateway to infections and viruses. You must remove old backups, Drupal versions and components that you no longer use.

3- Backup your website (clean copies, please)

Before any possible infection, it is crucial that you keep copies of your website periodically. Here you can find a tool that can be useful for backups in Drupal.

4- Strong and complex user names and passwords

Practices such as not using admin in the admin user or using passwords generated based on their complexity, can be key to prevent them from infecting or hacking your web.

With this component of Drupal to generate secure passwords, you will have much easier to be protected from possible thefts or attacks by brute force. And to help you remembering complex and secure passwords we always recommend using free tools like KeePass.

5- Secure the login process

For this a good practice is the use of CAPTCHA. With this module we will validate that everything that completes our forms is a person.

Another way to protect your registry is to use mechanisms such as double user authentication or two-factor authentication. Here you will find a way to implement two-factor in Drupal.

6- Choose your hosting provider correctly

Your hosting provider must meet basic hosting and security conditions. It is true that security depends a lot on you, but your hosting provider has a lot to do with the security of your Drupal. Especially if you use a shared hosting.

7- Protect your website from hackers

It is very important not only that you check and eliminate possible malware frequently but prevent it. Protecting your website in a preventive way to attacks, viruses and hackers is fundamental to ensure the success of your online business and your brand.

Drupal Basic Security was last modified: June 16th, 2017 by WeSecur