Drupal security best practices

•

1 gefällt mir•735 views

Drupal is one of the most secure open source CMS Systems and applications framworks - If you treat it well. If not it can be open(ed) for everyone. This session will show the most important best practices to keep Drupal sites secure in every stage of a project's lifecycle, which are: - Development (code) - Sitebuilding (configuration) - Hosting and Operation - Maintenance - Patch management As modern open source software, and Drupal in particular, is more and more based on other open source libraries this slides present a workflow and tools to establish continuous security for Drupal (and other library based open source software) with integration into development and QA processes.

best practices

●
●
○
○
○
We‘re hiring!

Enjoy sleepless nights!
#youhavebeenhacked

➔
➔
➔
➔
➔

➔
➔
➔

➔
➔
➔
➔
➔
➔
➔

➔
➔

➔
➔
☝

➔
➔

➔
➔
➔
➔
➔
➔
➔

➔
➔
➔
…
➔
➔

➔
➔
➔
➔
❕

➔
➔
➔
➔

●
●
●
●
●
● ……

➔
➔
➔
➔
➔
➔
➔

➔
➔
➔

➔
➔
➔
➔
➔

➔
➔

❗
❗
→
❗

➔
➔
➔
➔

➔
➔
➔
➔ →
➔

➔
➔
➔

➔
➔
➔

➔
◆
◆
◆
➔
➔
➔
➔
◆

➔
➔
➔
➔

➔
➔

➔
➔
➔

Thank You !

Weitere ähnliche Inhalte

Mehr von Manuel Pistner

Building Drupal sites that content authors love

Building Drupal sites that content authors love

Building Drupal sites that content authors loveManuel Pistner

How to automate your DevSecOps successfully

How to automate your DevSecOps successfully

How to automate your DevSecOps successfullyManuel Pistner

Marketing automation with Drupal

Marketing automation with Drupal

Marketing automation with DrupalManuel Pistner

KonM 40 digital - Der schlanke Weg zur Digitalen Transformation

KonM 40 digital - Der schlanke Weg zur Digitalen Transformation

KonM 40 digital - Der schlanke Weg zur Digitalen TransformationManuel Pistner

Digitale Innovation und neue Geschäftsmodelle

Digitale Innovation und neue Geschäftsmodelle

Digitale Innovation und neue GeschäftsmodelleManuel Pistner

Drupal business applications

Drupal business applications

Drupal business applications Manuel Pistner

Working in distributed remote teams

Working in distributed remote teams

Working in distributed remote teamsManuel Pistner

Cyber physische Produktion von CNC Fräsprodukten

Cyber physische Produktion von CNC Fräsprodukten

Cyber physische Produktion von CNC FräsproduktenManuel Pistner

Drupal integration best practises

Drupal integration best practises

Drupal integration best practisesManuel Pistner

Open source business apps

Open source business apps

Open source business appsManuel Pistner

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimieren

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimieren

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimierenManuel Pistner

Cross enterprise CMS integration

Cross enterprise CMS integration

Cross enterprise CMS integrationManuel Pistner

ERPAL for Service Providers - Vortrag TIZ

ERPAL for Service Providers - Vortrag TIZ

ERPAL for Service Providers - Vortrag TIZManuel Pistner

Erpal Platform - Preview of the Drupal business application framework

Erpal Platform - Preview of the Drupal business application framework

Erpal Platform - Preview of the Drupal business application frameworkManuel Pistner

Drupal cross enterprise integration on an example of Sharepoint

Drupal cross enterprise integration on an example of Sharepoint

Drupal cross enterprise integration on an example of SharepointManuel Pistner

ERPAL - The project management distribution

ERPAL - The project management distribution

ERPAL - The project management distributionManuel Pistner

Agile and fixed price Drupal projects

Agile and fixed price Drupal projects

Agile and fixed price Drupal projectsManuel Pistner

Mehr von Manuel Pistner (17)

Building Drupal sites that content authors love

Building Drupal sites that content authors love

Building Drupal sites that content authors love

How to automate your DevSecOps successfully

How to automate your DevSecOps successfully

How to automate your DevSecOps successfully

Marketing automation with Drupal

Marketing automation with Drupal

Marketing automation with Drupal

KonM 40 digital - Der schlanke Weg zur Digitalen Transformation

KonM 40 digital - Der schlanke Weg zur Digitalen Transformation

KonM 40 digital - Der schlanke Weg zur Digitalen Transformation

Digitale Innovation und neue Geschäftsmodelle

Digitale Innovation und neue Geschäftsmodelle

Digitale Innovation und neue Geschäftsmodelle

Drupal business applications

Drupal business applications

Drupal business applications

Working in distributed remote teams

Working in distributed remote teams

Working in distributed remote teams

Cyber physische Produktion von CNC Fräsprodukten

Cyber physische Produktion von CNC Fräsprodukten

Cyber physische Produktion von CNC Fräsprodukten

Drupal integration best practises

Drupal integration best practises

Drupal integration best practises

Open source business apps

Open source business apps

Open source business apps

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimieren

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimieren

Wie Web und Mobile-Technologien Service- und Vertriebsprozesse optimieren

Cross enterprise CMS integration

Cross enterprise CMS integration

Cross enterprise CMS integration

ERPAL for Service Providers - Vortrag TIZ

ERPAL for Service Providers - Vortrag TIZ

ERPAL for Service Providers - Vortrag TIZ

Erpal Platform - Preview of the Drupal business application framework

Erpal Platform - Preview of the Drupal business application framework

Erpal Platform - Preview of the Drupal business application framework

Drupal cross enterprise integration on an example of Sharepoint

Drupal cross enterprise integration on an example of Sharepoint

Drupal cross enterprise integration on an example of Sharepoint

ERPAL - The project management distribution

ERPAL - The project management distribution

ERPAL - The project management distribution

Agile and fixed price Drupal projects

Agile and fixed price Drupal projects

Agile and fixed price Drupal projects

Kürzlich hochgeladen

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...OnePlan Solutions

Sending Calendar Invites on SES and Calendarsnack.pdf

Sending Calendar Invites on SES and Calendarsnack.pdf

Sending Calendar Invites on SES and Calendarsnack.pdf31events.com

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service9953056974 Low Rate Call Girls In Saket, Delhi NCR

What is Fashion PLM and Why Do You Need It

What is Fashion PLM and Why Do You Need It

What is Fashion PLM and Why Do You Need ItWave PLM

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko

How to submit a standout Adobe Champion Application

How to submit a standout Adobe Champion Application

How to submit a standout Adobe Champion ApplicationBradBedford3

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López

VK Business Profile - provides IT solutions and Web Developmentvyaparkranti

Folding Cheat Sheet #4 - fourth in a series

Folding Cheat Sheet #4 - fourth in a series

Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz

PREDICTING RIVER WATER QUALITY ppt presentation

PREDICTING RIVER WATER QUALITY ppt presentation

PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122

CRM Contender Series: HubSpot vs. Salesforce

CRM Contender Series: HubSpot vs. Salesforce

CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies

Powering Real-Time Decisions with Continuous Data Streams

Powering Real-Time Decisions with Continuous Data Streams

Powering Real-Time Decisions with Continuous Data StreamsSafe Software

Odoo 14 - eLearning Module In Odoo 14 Enterprise

Odoo 14 - eLearning Module In Odoo 14 Enterprise

Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts

A healthy diet for your Java application Devoxx France.pdf

A healthy diet for your Java application Devoxx France.pdf

A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea

Introduction Computer Science - Software Design.pdf

Introduction Computer Science - Software Design.pdf

Introduction Computer Science - Software Design.pdfFerryKemperman

Implementing Zero Trust strategy with Azure

Implementing Zero Trust strategy with Azure

Implementing Zero Trust strategy with AzureDinusha Kumarasiri

Automate your Kamailio Test Calls - Kamailio World 2024

Automate your Kamailio Test Calls - Kamailio World 2024

Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig

Advantages of Odoo ERP 17 for Your Business

Advantages of Odoo ERP 17 for Your Business

Advantages of Odoo ERP 17 for Your BusinessEnvertis Software Solutions

Kürzlich hochgeladen (20)

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...

Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...

Sending Calendar Invites on SES and Calendarsnack.pdf

Sending Calendar Invites on SES and Calendarsnack.pdf

Sending Calendar Invites on SES and Calendarsnack.pdf

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service

Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service

What is Fashion PLM and Why Do You Need It

What is Fashion PLM and Why Do You Need It

What is Fashion PLM and Why Do You Need It

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf

GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf

How to submit a standout Adobe Champion Application

How to submit a standout Adobe Champion Application

How to submit a standout Adobe Champion Application

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...

Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...

VK Business Profile - provides IT solutions and Web Development

Folding Cheat Sheet #4 - fourth in a series

Folding Cheat Sheet #4 - fourth in a series

Folding Cheat Sheet #4 - fourth in a series

PREDICTING RIVER WATER QUALITY ppt presentation

PREDICTING RIVER WATER QUALITY ppt presentation

PREDICTING RIVER WATER QUALITY ppt presentation

CRM Contender Series: HubSpot vs. Salesforce

CRM Contender Series: HubSpot vs. Salesforce

CRM Contender Series: HubSpot vs. Salesforce

Powering Real-Time Decisions with Continuous Data Streams

Powering Real-Time Decisions with Continuous Data Streams

Powering Real-Time Decisions with Continuous Data Streams

Odoo 14 - eLearning Module In Odoo 14 Enterprise

Odoo 14 - eLearning Module In Odoo 14 Enterprise

Odoo 14 - eLearning Module In Odoo 14 Enterprise

A healthy diet for your Java application Devoxx France.pdf

A healthy diet for your Java application Devoxx France.pdf

A healthy diet for your Java application Devoxx France.pdf

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样

办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样

Introduction Computer Science - Software Design.pdf

Introduction Computer Science - Software Design.pdf

Introduction Computer Science - Software Design.pdf

Implementing Zero Trust strategy with Azure

Implementing Zero Trust strategy with Azure

Implementing Zero Trust strategy with Azure

Automate your Kamailio Test Calls - Kamailio World 2024

Automate your Kamailio Test Calls - Kamailio World 2024

Automate your Kamailio Test Calls - Kamailio World 2024

Advantages of Odoo ERP 17 for Your Business

Advantages of Odoo ERP 17 for Your Business

Advantages of Odoo ERP 17 for Your Business

Drupal security best practices

1.

2. best practices

3. ● ● ○ ○ ○ We‘re hiring!

4. Enjoy sleepless nights! #youhavebeenhacked

5. ➔ ➔ ➔ ➔ ➔

7. ➔ ➔ ➔ ➔ ➔ ➔ ➔

11. ➔ ➔ ➔ ➔ ➔ ➔ ➔

12.

13.

14. ➔ ➔ ➔ … ➔ ➔

15.

16. ➔ ➔ ➔ ➔ ❕

17. ➔ ➔ ➔ ➔

18. ● ● ● ● ● ● ……

19. ➔ ➔ ➔ ➔ ➔ ➔ ➔

20. ➔ ➔ ➔

21. ➔ ➔ ➔ ➔ ➔

22.

24.

25.

26.

27. ❗ ❗ → ❗

28.

29. ➔ ➔ ➔ ➔

31. ➔ ➔ ➔ ➔ → ➔

32. ➔ ➔ ➔

33.

34. ➔ ➔ ➔

35. ➔ ◆ ◆ ◆ ➔ ➔ ➔ ➔ ◆

36. ➔ ➔ ➔ ➔

38. ➔ ➔ ➔

39. Thank You !