Drupal Security

It is important to keep your Drupal installation secure to avoid service interruptions, compromised data, hijacked servers and more. Here you can browse a selection of articles discussing common Drupal security concerns.

If you login has been blocked it might be that you entered your password incorrectly too many times. Drupal has protection from a brute force hacking attempt so you will need to wait half an hour before trying again.

If you think your website has been stolen and someone else now has illegitimate access to your website please read "My Website Has Been Stolen".

Last updated: Tuesday, December 22, 2015 - 07:58

If somebody has stolen your admin account and changed the password so that you can no longer login, all is not lost provided you can still get direct access to the database.

The solution will involve working directly on your database. Specifically your Drupal database will have a users table. For securty reasons you will not be able to see any passwords in this table because they are all hashed. However, if you create a new user with a known password then you can apply that password to your old admin account in order to recover it,

Last updated: Tuesday, December 22, 2015 - 07:50

When your Drupal site has been hacked it is important to rapidly assess the damage and take action.

The first order of business is to determine which of the following you are facing:

Last updated: Tuesday, December 8, 2015 - 13:16