DrupalCamp Vienna 2013
connecting open minds

Cracking Drupal

Coding & Development
Experience level: 
security, configuration, best practices
Schedule: Saturday, 11:00 in room Zensations

Cracking Drupal

Security is paramount, for almost any web application. We will take a look at security best practices to keep your site safe and take the perspective of an attacker to understand how they exploit things. I will show you common mistakes that Drupal Developers make when they write code and how they can be avoided. As a member of the security team and code review administrator on drupal.org I have seen a lot of code and what can go wrong with it.

Sharing my experience about:

  • XSS, CSRF, Access Bypass, SQL injection, DOS explained
  • Secure configuration (web server, file permissions, etc.)
  • Tools and Modules to improve security on your site