Security App of the Week: Security Review for Drupal

The module checks for issues that could lead to vulnerable installations

By on October 16th, 2013 21:01 GMT

In case you’re the owner or the administrator of a website that uses the Drupal content management system, you should consider using Security Review, a module that’s designed to automatically identify configuration errors that lead to vulnerable installations.

Security Review is designed to check your Drupal installation for the following issues: file system permissions, dangerous tags allowed by text formats, PHP or JavaScript execution inside content field, safe error reporting, private files permissions and safe upload extensions.

It also verifies database errors, large numbers of failed logins, administrator permissions, weak passwords, passwords included in emails sent out to users, and PHP execution access.

To install it, simply log in to the administration panel, go to the Modules section, upload the module, and activate it. Security checks can be run from the Reports center. Drupal 6.x/7.x is required to run Security Review.

Download Security Review

Comments