We really got to see Drupal come in full swing in 2015 as the CMS hosted the DrupalCon in different places around the world including the United States, Germany, Spain, and India to name a few. Last year we also discovered that the community is increasing its focus on security amidst the vulnerabilities that have affected CMS in the past few years. If you have a Drupal site, you should learn more about the security modules that protect your website, its content, and database from malicious attacks and cyber crime. Here are our top five picks for security modules in Drupal!
- Login Security Login Security is a simple, easy to use, and effective module in providing basic-level control access to prevent IP access to content. The admin can put access control in a login form, allowing them to deny access to IP addresses temporarily or permanently. Site admins also get email notifications on the history of login attempts. Best Feature: Allows user to disable core message feature, making it difficult for attackers to gain access. Our Rating: 5/5
- Password Policy Password Policy lets you define policies for passwords and implement limitations. This allows the admin to have various steps before a user can change passwords, preventing attackers from easy access to your site. You can add steps like username, character types, letters, digits, punctuation, uppercase and lowercase, and more with Password Policy. Best Feature: Adds a much-needed layer of protection for admins and users. Our Rating: 4/5
- Secure Pages Hijack Prevention Secure Pages Hijack Prevention is just what it sounds like – a module to add layers of security to various pages on your website. This enables the module to prevent attackers from accessing the SSL-encrypted pages. Best of all – it has free to use features and suggestions to further optimize site security! Best Feature: Easy to install, and recommended by the experts in the development community. Our Rating: 5/5
- Security Review Security Review is another highly recommended module that is designed to provide automated testing of your site in relation to security issues. The module is user-friendly and enables you to protect your site from arbitrary and code executions by checking the system permissions. You can also prevent XSS and boost security for private files. Best Feature: Allows you to keep track of security reviews. Our Rating: 5/5
- Two-factor Authentication (TFA) Want to add a more secure layer other than entering your username and password to access the admin site? The Two-factor Authentication (TFA) module allows you to add two-step verification, similar to what Google does, where you will receive a code via SMS which will allow you to login. TFA supports a whole range of second-factor verification systems and is designed to work with third-party applications and systems. Best Feature: Prevents flooding, tried and tested, oh and recommended by the developers! Our Rating: 5/5 These are all but a few of the many great security modules we have at our disposal for Drupal. Note that installing various modules can hamper the load time of your website, so choose wisely☺.