Drupal 6 and 7 sites are still being tarred with what appears to be a malicious password reset request. It’s being reported that the majority of the target accounts are using common usernames such as admin, moderator or user.
We’ve seen no reports that a direct security vulnerability is evident, but this is a good time to do some security checks on your website. Obviously, it’s a great idea to change your username to something tougher to guess. But to be sure, we suggest working with your developer to review site settings and evaluate your security protocols.
Here’s a list of some simple tasks that you can perform at least once per month to help keep your site safe.
Review authorized users of your site and look for people that have additional roles.
Sort all users by last login date. Use your security protocols to determine if unused accounts should be revoked.
Check to see that all email addresses are correct.
Be sure usernames are unique rather than common names like admin, etc.
DIY Security Measures
If you see anything that looks strange or unexplainable, consider contacting a Drupal support agency to help you solve possible issues. Or you can try to solve the issues yourself with this set of steps and tips.
Peace of mind is knowing your site is secure and will operate as expected — ensuring a consistent and positive experience for your site visitors. Drupal is open source, and while open source has a tremendous benefit, it also means that security shouldn’t be taken for granted. Your website is your strongest marketing tool and ignoring Drupal security can have catastrophic consequences.
I hope you’ve found this article helpful. Be sure to follow the tips above and have someone experienced in Drupal security review your website.
If you need assistance from a Drupal security expert, Molly Duggan Associates OnDemand Drupal Support is here to help. We're fast, friendly—and in some instances, local. Please get in touch with us today for a security audit and ensure your website is secure.
Develop a single brand and deploy multiple subsites using sub-domains admissions.myuniversity.edu, financialaid.myuniversity.edu, etc. This functionality provides brand authority to the school and allows departments and schools to control their site content and features without the need to maintain multiple sites.
2. Responsive Design
9 out of 10 college students own a smartphone. Building a responsive site on a Content Management Framework is a no-brainer. Drupal makes it easy with many starter theme’s to work from.
3. Workflow Modules
Drupal’s workflow modules place professional authoring tools in the hands of everyone while providing granular control over who authors, edits and publishes content. Each step along the way can be communicated via email notifications to the people that need to take action.
4. Content & User Access Control
Site administrators can quickly control who can view content based on context, permissions, access love, and role.
Drupal internationalization suite of modules provides a workflow for adding new versions of content in your preferred language including providing language workflow.
6. Taxonomy System
Drupal has an incredible way of classifying content. Taxonomy libraries can be used to group content any way you like it.
7. Collaboration Modules
Drupal provides powerful collaboration features and document management for back-end users. Drupal is a prime system for supporting internal teams and research for university and college websites because of its wide array of collaboration tools.
8. Single Sign-On
It’s almost a standard that most every higher education institution has an existing authentication system. If you don’t have one, you can even use Drupal as your identity management system. Now that’s robust!
9. Community Support
Just starting out with Drupal? There are multiple higher education user groups as well as local user groups that meet almost months in-person and provide online help.
10. Build, Design, and Support
Colleges and Universities choose Molly Duggan Associates to design, build and support Drupal sites every day. Join us for a 20-minute Q&A where you can ask all the questions your heart desires. Learn why more and more higher education institutions are using Molly Duggan Associates OnDemand Drupal support to Design, Build and Manage their Content Management System.