Security is paramount, for almost any web application. We will take a look at security best practices to keep your site safe and take the perspective of an attacker to understand how they exploit things. I will show you common mistakes that Drupal Developers make when they write code and how they can be avoided. As a member of the security team and code review administrator on drupal.org I have seen a lot of code and what can go wrong with it. Sharing my experience about:

  • XSS, CSRF, Access Bypass, SQL injection, DOS explained
  • Secure configuration (web server, file permissions, etc.)
  • Tools and Modules to improve security on your site

Download the slides

Location

The Galaxy

Experience level

Intermediate

Keywords

security