This site is archived.

Drupal Security - Configuration and Process

Configuration, Set-Up & Performance


Additional Presenters:  Gábor Hojtsy


Configuration, Set-Up & Performance


Beginner | Intermediate


Curious | Developer

Drupal Security - Configuration and Process

Day:  Tuesday, 24. august 2010
Time:  14:45-15:45
45 minutes (+15 minutes Q&A)



Drupal is a powerful tool that can be configured many ways, sometimes insecurely. Knowing attack vectors against your site and how to prevent them is important for everyone building a Drupal site. In this session, aimed at site-administrators, we'll discuss some vulnerabilities, proper configuration, and what you can do to maintain your site's security.

Topics include:

  • Common vulnerabilities and what they mean
  • Drupal defaults and why you should care
  • Trusting site visitors
  • How to recover from attack

Attendees will receive a better understanding of web security and the importance of a strong security process. The session covers a broad set of topics and is designed to provide a foundational, yet functional, introduction to Drupal security.

About the speakers:

Members of the Drupal Security Team, Ben Jeavons and Gábor Hojtsy have spoken on security at previous DrupalCon's and at many DrupalCamps. Additionally, Gábor is the Drupal 6 branch co-maintainer and Ben co-wrote the Drupal Security Report.


Perhaps you guys can join

10. July 2010 - 18:42

Perhaps you guys can join forces with the presenter from ?

I've had feedback in previous

2. August 2010 - 22:24

I've had feedback in previous presentations that too much swapping between presenters is distracting and reflects negatively on the entire session. I think two presenters is enough for this session.