
Cracking Drupal: A Drop in the Bucket

by Greg James Knaddison


Synopses & Reviews

Publisher Comments:

Uncover threats and protect your Drupal® site with proven strategies

What is the worst-case scenario if your Web site gets attacked and the security is broken? By following the strategies in this guide, you don't have to find out. It first walks you through the vulnerabilities you'll face and the steps you should take to protect a basic Drupal site. You'll then discover how to review a module to find weaknesses and fix them. And you'll learn how to keep your site running securely by implementing more advanced techniques.

Take control of your site by learning how to:

  • Prevent the common ways that Drupal gets cracked
  • Uncover parts of the attack surface that can expose your site

  • Install extra modules and configure Drupal to maintain your site's security

  • Control the security of your site using Drupal's API

  • Utilize the Drupal Access system to limit who can see specific content

  • Test your site with automated scanners like Grendel

  • Follow strategies to find, exploit, and avoid vulnerabilities

  • Leverage resources from the Drupal Security Team

For all the code in this book, as well as all the latest updates, visit the Web site http://crackingdrupal.com.

Synopsis:

The first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal, and how to prevent them from continuing. Drupal is an open source framework and content management system that allows users to create and organize content, customize presentation, automate tasks, and manage site visitors and contributors. Authored by a Drupal expert, this is the first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal, and how to prevent them from continuing. The main goal of this guide is to explain how to write code that avoids an attack in the Drupal environment, while also addressing how to proceed if a vulnerability has been spotted and then regain control of security.

Synopsis:

Readers will first be educated on the most common vulnerabilities they are likely to encounter as a site administrator. From this basis, we then transition into the proper way to write code to prevent attacks within the Drupal environment. Finally, readers will learn how to spot vulnerabilities in existing modules, how to find sites with these vulnerabilities, and then exploit one or more vulnerabilities to take control of a site. Understanding this mindset and being paranoid of it is the first step in keeping your site safe. Contents include:

* Intro: That Horrible Sinking Feeling

* Part I: Anatomy of Vulnerabilities

* Chapter 1: Common Ways Drupal Gets Cracked

* Chapter 2: Vulnerabilities Outside Drupal

* Part 2: Protecting Against Vulnerabilities

* Chapter 3: Protecting With Drupal Configuration

* Chapter 4: The User and Permission System

* Chapter 5: Dangerous Input, Cleaning Output

* Chapter 6: Safety in the Theme

* Chapter 7: Drupal Access System

* Chapter 8: Protecting Your Server

* Part 3: Weaknesses in the Wild

* Chapter 9: Finding, Exploiting and Avoiding Vulnerabilities

* Chapter 10: Leveraging Community Resources

About the Author

Greg James Knaddison is Principal of Growing Venture Solutions and a dedicated Drupalista. As a member of the Drupal security team, Knaddison has participated in every part of the process including identifying vulnerabilities, creating fixes, testing fixes, and writing security documentation and advisories. He has also contributed modules and publishes the news site DrupalDashboard.com.

Table of Contents

1. That Horrible Sinking Feeling.

2. Security Principles and Vulnerabilities Outside Drupal.

3. Protecting Your Site with Configuration.

4. Drupal's User and Permissions System.

5. Dangerous Input, Cleaning Output.

6. Safety in the Theme.

7. Drupal Access System.

8. Automated Security Testing.

Weaknesses in the Wild

9. Finding, Exploiting and Avoiding Vulnerabilities.

10. Un-cracking Drupal.

Appendix A: Function Reference.

Appendix B: Installing Drupal 6 Fresh Out of the Box.

Appendix C: Leveraging Community Resources.

Glossary: Glossary of Key Terms.

Index.

Product Details

ISBN: 9780470429037
Subtitle: A Drop in the Bucket
Author: Knaddison, Greg James
Author: Knaddison, Greg
Publisher: Wiley
Subject: Programming Languages - General
Subject: Web sites
Subject: Security measures
Subject: Web - Page Design
Subject: Web sites -- Security measures.
Subject: Drupal, security threats to Drupal, preventing attacks in Drupal, preventing hacks in Drupal, cracking Drupal, hacking Drupal, security issues in Drupal, building a secure site with Drupal, writing code in Drupal, spotting vulnerabilities in Drupal, securi
Subject: Networking/Security
Subject: Software Engineering - Programming and Languages
Copyright:
Publication Date: February 2009
Binding: Electronic book text in proprietary or open standard format
Grade Level: General/trade
Language: English
Illustrations: Y
Pages: 240
Dimensions: 9.18x7.42x.54 in. .77 lbs.

Cracking Drupal: A Drop in the Bucket (New Trade Paper), $40.00
240 pages, John Wiley & Sons, English, ISBN 9780470429037
Powell's City of Books is an independent bookstore in Portland, Oregon, that fills a whole city block with more than a million new, used, and out of print books. Shop those shelves — plus literally millions more books, DVDs, and eBooks — here at Powells.com.