Malicious Password Reset Requests on Drupal Sites - It's still happening!

Drupal 6 and 7 sites are still being hit by what appears to be a coordinated wave of malicious password reset requests. Reports indicate that most of the targeted accounts use common usernames such as admin, moderator or user.

So far there are no reports that this exploits an actual vulnerability in Drupal: the requests appear to go through the normal password reset form, and the reset link is mailed to the address registered on the account. That link only helps an attacker who controls, or can read, that mailbox, which is why the checks below focus on who your accounts are and where their mail goes. Still, this is a good time to run some security checks on your website. Renaming accounts to something harder to guess is the obvious first step, but to be thorough we suggest working with your developer to review site settings and your security procedures.

Here’s a list of some simple tasks that you can perform at least once per month to help keep your site safe.

  • Review the accounts on your site and look for any that hold roles beyond "authenticated user" (administrator, editor and similar). Every one of those should belong to a person you can name.
  • Sort users by last login date and, following your security procedures, block or delete accounts that are no longer used.
  • Check that every email address is correct and current, especially on privileged accounts: a password reset link is mailed to that address, so a wrong or abandoned mailbox is exactly what an attacker needs.
  • Use distinctive usernames rather than common ones like admin, moderator or user. Renaming an account does not change its user ID, so user 1 keeps its full privileges under whatever name you choose.
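The four checks above can be run as queries against the Drupal 7 database rather than by paging through the People screen. The script below is an added example written for this article, not code from the original post or from Drupal itself. It uses Drupal 7's users, users_roles and role table layout (uid, name, mail, access, login, status; users_roles only holds roles beyond anonymous/authenticated), but the accounts in it are constructed sample data loaded into an in-memory SQLite database so it runs stand-alone; the trusted mail domain, the 90-day idle limit and the list of guessable usernames are assumptions to adjust for your site. Against a live site, run the same SELECT statements through drush sql-cli or your MySQL client.

```python
"""Monthly Drupal 7 user audit (added example; not the original post's or Drupal's code)."""
import sqlite3

DAY = 86400
NOW = 1_500_000_000  # fixed "now" so the sample results are reproducible

# Assumption: the site's own mail domains; any other domain is flagged for review.
TRUSTED_MAIL_DOMAINS = {"example.com"}
# Usernames the reported reset requests went after, plus a few that belong on the same list.
COMMON_USERNAMES = {"admin", "administrator", "moderator", "user", "root", "test", "webmaster"}


def build_sample_db():
    """In-memory stand-in for a Drupal 7 database holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (uid INTEGER PRIMARY KEY, name TEXT, mail TEXT, created INTEGER,
                            access INTEGER, login INTEGER, status INTEGER);
        CREATE TABLE role (rid INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE users_roles (uid INTEGER, rid INTEGER);
    """)
    db.executemany("INSERT INTO role VALUES (?, ?)",
                   [(1, "anonymous user"), (2, "authenticated user"),
                    (3, "administrator"), (4, "editor")])
    # uid, name, mail, created, access, login, status  (constructed data; login 0 = never)
    db.executemany("INSERT INTO users VALUES (?, ?, ?, ?, ?, ?, ?)", [
        (1, "admin",      "owner@example.com",  NOW - 900 * DAY, NOW - 1 * DAY,   NOW - 1 * DAY,   1),
        (2, "jsmith",     "jsmith@example.com", NOW - 400 * DAY, NOW - 200 * DAY, NOW - 200 * DAY, 1),
        (3, "moderator",  "mod@example.com",    NOW - 300 * DAY, NOW - 2 * DAY,   NOW - 2 * DAY,   1),
        (4, "contractor", "x@freemail.invalid", NOW - 100 * DAY, NOW - 5 * DAY,   NOW - 5 * DAY,   1),
        (5, "old_editor", "old@example.com",    NOW - 800 * DAY, 0,               0,               1),
    ])
    # Drupal 7 records only roles beyond anonymous/authenticated in users_roles.
    db.executemany("INSERT INTO users_roles VALUES (?, ?)", [(1, 3), (3, 4), (4, 3), (5, 4)])
    return db


def privileged_accounts(db):
    """Check 1: every account holding a role beyond 'authenticated user'."""
    return db.execute("""
        SELECT u.uid, u.name, r.name
        FROM users u
        JOIN users_roles ur ON ur.uid = u.uid
        JOIN role r ON r.rid = ur.rid
        WHERE u.uid > 0
        ORDER BY u.uid""").fetchall()


def stale_accounts(db, max_idle_days=90, now=NOW):
    """Check 2: enabled accounts not logged in for max_idle_days (login = 0 means never)."""
    cutoff = now - max_idle_days * DAY
    return db.execute("""
        SELECT uid, name, login FROM users
        WHERE uid > 0 AND status = 1 AND login < ?
        ORDER BY login ASC""", (cutoff,)).fetchall()


def untrusted_mail(db, trusted=TRUSTED_MAIL_DOMAINS):
    """Check 3: accounts whose reset mail would go to a domain the site does not own."""
    rows = db.execute("SELECT uid, name, mail FROM users WHERE uid > 0").fetchall()
    return [(uid, name, mail) for uid, name, mail in rows
            if mail.rsplit("@", 1)[-1].lower() not in trusted]


def guessable_usernames(db, common=COMMON_USERNAMES):
    """Check 4: accounts whose username is one attackers try first."""
    rows = db.execute("SELECT uid, name FROM users WHERE uid > 0").fetchall()
    return [(uid, name) for uid, name in rows if name.lower() in common]


def high_risk_accounts(db):
    """Privileged accounts that also trip one of the other checks: review these first."""
    privileged = {uid for uid, _, _ in privileged_accounts(db)}
    suspect = ({uid for uid, _, _ in stale_accounts(db)}
               | {uid for uid, _, _ in untrusted_mail(db)}
               | {uid for uid, _ in guessable_usernames(db)})
    return sorted(privileged & suspect)


if __name__ == "__main__":
    db = build_sample_db()
    for label, rows in [("privileged", privileged_accounts(db)),
                        ("stale", stale_accounts(db)),
                        ("untrusted mail", untrusted_mail(db)),
                        ("guessable name", guessable_usernames(db)),
                        ("high risk uids", high_risk_accounts(db))]:
        print(f"{label}: {rows}")
```

The last function is the one to look at first: an administrator whose mail goes to an outside domain, or who has never logged in, is the account a reset request can actually be turned into access. On the sample data it lists uids 1, 3, 4 and 5; only jsmith, an unprivileged but idle account, is left for the ordinary clean-up pass.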

DIY Security Measures

If you see anything that looks strange or that you cannot explain, consider contacting a Drupal support agency to help you investigate. Or you can work through the issues yourself with the tips below.

If you're comfortable administering Drupal, add the CAPTCHA or Honeypot module to the forms anonymous visitors can reach (login, password reset, registration, contact) and limit username guessing with the Flood Control module, which exposes Drupal's built-in per-account and per-IP login attempt limits in the admin UI. Check that whatever limit you configure actually covers the password reset form and not only the login form, since the reset form is the one being abused here.
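Rate limiting stops the flood at the door; it is also worth being able to see it in your logs after the fact. The script below is an added example written for this article, not code from the original post or from the Flood Control module. Drupal 6 and 7 serve the reset form at user/password (or ?q=user/password without clean URLs) and accept it by POST, so a burst of POSTs to that path from one source is the signature of the attack described above. The log lines are constructed samples in Apache combined format, and the threshold of five requests per hour is an assumption to tune for your traffic.

```python
"""Spot a password-reset flood in the web server access log (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Apache/nginx combined log format: ip ident user [time] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log: one source submits the reset form six times in six seconds,
# once through the non-clean-URL form of the path; a second source submits it once.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Mar/2017:10:00:01 +0000] "GET /user/password HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:02 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:03 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:04 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:05 +0000] "POST /?q=user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:06 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2017:10:00:07 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2017:10:05:00 +0000] "POST /user/password HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2017:11:30:00 +0000] "GET /node/1 HTTP/1.1" 200 9876 "-" "Mozilla/5.0"
"""


def parse(line):
    """Return (ip, timestamp, method, path, status) or None for a line we cannot read."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"], int(m["status"])


def is_reset_post(rec):
    """True for a POST to user/password, whether or not clean URLs are enabled."""
    _, _, method, path, _ = rec
    if method != "POST":
        return False
    parts = urlsplit(path)
    if parts.path.rstrip("/") == "/user/password":
        return True
    q = parse_qs(parts.query).get("q", [""])[0]
    return q.strip("/") == "user/password"


def reset_floods(lines, limit=5, window_seconds=3600):
    """Map each source IP that sent more than `limit` reset POSTs inside any
    `window_seconds` span to the peak count seen in that window."""
    recent = defaultdict(deque)  # ip -> timestamps of reset POSTs still inside the window
    flagged = {}
    for line in lines:
        rec = parse(line)
        if rec is None or not is_reset_post(rec):
            continue
        ip, ts = rec[0], rec[1]
        q = recent[ip]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) > limit:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


if __name__ == "__main__":
    for ip, count in reset_floods(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {count} password reset submissions within one hour")
```

The access log tells you where the requests came from but not which username was submitted, because that travels in the POST body. For the account names, pair this with Drupal's own log (Reports > Recent log messages, or the watchdog table), which records each reset mail it sends; the two together show whether the guesses ever matched a real privileged account.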

Peace of Mind

Peace of mind is knowing your site is secure and will operate as expected, giving your visitors a consistent and positive experience. Drupal is open source, and while that brings tremendous benefits, it also means security cannot be taken for granted: the code, its default account names and its form URLs are known to attackers as well as to you. Your website is often your strongest marketing tool, and ignoring Drupal security can have catastrophic consequences.

I hope you’ve found this article helpful. Be sure to follow the tips above and have someone experienced in Drupal security review your website.

If you need assistance from a Drupal security expert, Molly Duggan Associates OnDemand Drupal Support is here to help. We're fast, friendly—and in some instances, local. Please get in touch with us today for a security audit and ensure your website is secure.