Skip to main content
Skip to search
Get Started
Community & Support
Documentation
Download & Extend
Marketplace
About
Drupal
Search Drupal.org
Refine your search
All
Modules
Themes
Documentation
Forums & Issues
Groups
Drupal Homepage
Log in / Register
About Drupal
Frequently asked questions
Questions and answers commonly asked of the Drupal Security Team.
Disclosure of usernames and user ids is not considered a weakness
How do I protect my site against Brute Force Attacks?
Security advisories process and permissions policy
User accounts with un-verified e-mail addresses
Why doesn't Drupal hide CHANGELOG.txt?
‹ Security Risk Levels
up
Disclosure of usernames and user ids is not considered a weakness ›
About Drupal
About the Drupal project
Mission and principles
Drupal project Frequently Asked Questions (FAQ)
History
Core developers
Security team
How to report a security issue
Security Risk Levels
Frequently asked questions
Disclosure of usernames and user ids is not considered a weakness
How do I protect my site against Brute Force Attacks?
Security advisories process and permissions policy
User accounts with un-verified e-mail addresses
Why doesn't Drupal hide CHANGELOG.txt?
My site was defaced ("hacked"). Now what?
Security release numbers explained
Security team procedures
Security track record
Contacted by the security team. Now what?
Rolling a new Drupal core release
Drupal Accessibility Statement
Getting support
Licensing FAQ
Press releases
Sites Made with Drupal
What's New in Drupal 7
Marketing resources
nobody click here