Pixeldust Drupal Support Service

Drupal Update – Thoughts: Top tips: How to protect your Drupal maintenance support plans website

The extraordinary scale of the WannaCry ransomware infection has acted as a dramatic warning to organisations in all sectors. With thousands of organisations worldwide – including a significant proportion of the NHS – falling victim to the ransomware, it’s a timely reminder of the importance of robust cybersecurity.
 
Your organisation’s website is potentially one of the biggest parts of your overall ‘attack surface’, which cybercriminals will probe for a route into your network. As such, it is vital to implement solid tools and processes specifically designed to protect it against attack – and those tools and processes should be tailored to the content management system underpinning your site.
So, if your site is built on Drupal maintenance support plans, what are the best practices you should be following?

1. Upgrade to the latest version of Drupal maintenance support plans
The WannaCry attack has proliferated so dramatically because it relies on an exploit in an old version of Windows – one that Microsoft is no longer supporting. It is usual commercial practice for vendors and manufacturers to gradually withdraw support from older hardware and software – this is the case with Drupal maintenance support plans, as with Microsoft. If you have not yet migrated to the latest version – Drupal maintenance support plans 8 – that should be your first priority.
 
2. Upgrade to the latest version of modules
Drupal maintenance support plans is a modular CMS, with thousands of options available to extend your basic system. As such, it is not enough to simply ensure you’re running the latest, best-protected version of Drupal maintenance support plans – you need to make sure you’re doing the same with each individual module. The author of each extension is responsible for providing appropriate security upgrades and patches, but these will generally only apply to the latest version of the module. If you’re running an old one, you’re not protected.
 
3. Remove unnecessary modules
By the same token, running modules on your site that you no longer need is simply increasing your potential attack surface – and your security management burden. Implement a process to ensure that you are continually reviewing all of the modules you have added, and get rid of the surplus.
 
4. Use the Status Report tool
The Status Report functions sits within your Drupal maintenance support plans Admin area. Its job is to alert you to any issues with the code base underpinning your site – which includes out of date modules and code. It is the easiest way to keep on top of your website management and ensure that you are deploying the latest versions of everything. Don’t forget to enable your core update manager module so that you get regular notifications.
 
5. Practice strong user management
As the old saying goes, people are the weakest link in any security chain. Keeping a tight handle on the people who actually use your website can dramatically shore up your overall security posture. Undertake a regular check to ensure that you are removing inactive users such as those who have left the organisation, and ensure that those who remain only have access to the minimum areas of the site they need to, not the whole site by default.
Various functions are available within Drupal maintenance support plans to shore up login and user processes, such as the Login Security module, which restricts unauthorised access attempts, and blocking the ‘user #1’ account that is created during setup, which automatically has all permissions in place.
 
6. Monitor your logs
Drupal maintenance support plans’s integrated log viewer, within the reports area, is an extremely valuable tool when it comes to ascertaining that a cyberattack is taking place and assessing what has actually happened. Make sure you check your log reports regularly, and are alert to early warning signs such as failed login attempts.
 
7. Enable HTTPS
HTTPS is most commonly used for ecommerce sites and online banking, but any site that transfers sensitive information between user and web server should also be using it.
These seven best practices will have a dramatic effect on the overall security of your Drupal maintenance support plans website, and ensure you can continue benefitting from the flexibility of the platform without sacrificing protection.
 


Source: New feed

This article was republished from its original source.
Call Us: 1(800)730-2416

Pixeldust is a 20-year-old web development agency specializing in Drupal and WordPress and working with clients all over the country. With our best in class capabilities, we work with small businesses and fortune 500 companies alike. Give us a call at 1(800)730-2416 and let’s talk about your project.

Let's Talk About a Project

FREE Drupal SEO Audit

Test your site below to see which issues need to be fixed. We will fix them and optimize your Drupal site 100% for Google and Bing. (Allow 30-60 seconds to gather data.)

Powered by

Drupal Update – Thoughts: Top tips: How to protect your Drupal maintenance support plans website

On-Site Drupal SEO Master Setup

We make sure your site is 100% optimized (and stays that way) for the best SEO results.

With Pixeldust On-site (or On-page) SEO we make changes to your site’s structure and performance to make it easier for search engines to see and understand your site’s content. Search engines use algorithms to rank sites by degrees of relevance. Our on-site optimization ensures your site is configured to provide information in a way that meets Google and Bing standards for optimal indexing.

This service includes:

  • Pathauto install and configuration for SEO-friendly URLs.
  • Meta Tags install and configuration with dynamic tokens for meta titles and descriptions for all content types.
  • Install and fix all issues on the SEO checklist module.
  • Install and configure XML sitemap module and submit sitemaps.
  • Install and configure Google Analytics Module.
  • Install and configure Yoast.
  • Install and configure the Advanced Aggregation module to improve performance by minifying and merging CSS and JS.
  • Install and configure Schema.org Metatag.
  • Configure robots.txt.
  • Google Search Console setup snd configuration.
  • Find & Fix H1 tags.
  • Find and fix duplicate/missing meta descriptions.
  • Find and fix duplicate title tags.
  • Improve title, meta tags, and site descriptions.
  • Optimize images for better search engine optimization. Automate where possible.
  • Find and fix the missing alt and title tag for all images. Automate where possible.
  • The project takes 1 week to complete.
MASTER YOUR DRUPAL SEO
Pixeldust and Pantheon Drupal Development
256