Authors: 
Publisher: 
Wiley
Publication date: 
2009-05
Page count: 
240
ISBN-13: 
978-0470429037

See the original announcement about Cracking Drupal’s release in the Drupal news section.

Publisher’s description:

The first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing Drupal is an open source framework and content management system that allows users to create and organize content, customize presentation, automate tasks, and manage site visitors and contributors. Authored by a Drupal expert, this is the first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing. The main goal of this guide is to explain how to write code that avoids an attack in the Drupal environment, while also addressing how to proceed if vulnerability has been spotted and then regain control of security.

From the Back Cover

Uncover threats and protect your Drupal® site with proven strategies
What is the worst-case scenario if your Web site gets attacked and the security is broken? By following the strategies in this guide, you don't have to find out. It first walks you through the vulnerabilities you'll face and the steps you should take to protect a basic Drupal site. You'll then discover how to review a module to find weaknesses and fix them. And you'll learn how to keep your site running securely by implementing more advanced techniques.
Take control of your site by learning how to:

  • Prevent the common ways that Drupal gets cracked
  • Uncover parts of the attack surface that can expose your site
  • Install extra modules and configure Drupal to maintain your site's security
  • Control the security of your site using Drupal's API
  • Utilize the Drupal Access system to limit who can see specific content
  • Test your site with automated scanners like Grendel
  • Follow strategies to find, exploit, and avoid vulnerabilities
  • Leverage resources from the Drupal Security Team

For all the code in this book, as well as all the latest updates, visit the Web site http://crackingdrupal.com.

About the Author

Greg James Knaddison is Principal of Growing Venture Solutions and a dedicated Drupalista. As a member of the Drupal security team, Knaddison has participated in every part of the process including identifying vulnerabilities, creating fixes, testing fixes, and writing security documentation and advisories. He has also contributed modules and publishes the news site DrupalDashboard.com.