Search Images Maps Play YouTube News Gmail Drive More »
My library | Help | Advanced Book Search | Web History | Sign in

Books

Cracking Drupal:

A Drop in the Bucket (Google eBook)
Front Cover
1 Review
John Wiley & Sons, Mar 4, 2011 - Computers - 240 pages
The first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing Drupal is an open source framework and content management system that allows users to create and organize content, customize presentation, automate tasks, and manage site visitors and contributors. Authored by a Drupal expert, this is the first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing. The main goal of this guide is to explain how to write code that avoids an attack in the Drupal environment, while also addressing how to proceed if vulnerability has been spotted and then regain control of security.
  

What people are saying - Write a review

Review: Cracking Drupal: A Drop in the Bucket

User Review  - Ivan Breet - Goodreads

Probably the best Drupal focused book out there. It get's you ripping apart sites in just a few chapters. The book covers various security vulnerabilities and solution in a basic but well explained manner. I really recommend this for all non-beginner Drupal developers. Read full review

Related books

Leveraging Drupal: Getting Your Site Done Right
Leveraging Drupal: Getting Your Site Done Right
Victor Kane
Limited preview - 2009
Pro Drupal Development
Pro Drupal Development
John K. VanDyk,Matt Westgate
Limited preview - 2007
Drupal 7: Visual QuickStart Guide
Drupal 7: Visual QuickStart Guide
Tom Geller
Limited preview - 2010
All related books »

Selected pages

Contents

Acknowledgments
Anatomy of Vulnerabilities
Social and Physical Vulnerabilities
Protecting Your Site with Configuration
Drupals User and Permissions System
Dangerous Input Cleaning Output
Common Mistakes
The Drupal Access System
Automated Security Testing
Finding Exploiting and Avoiding Vulnerabilities
UnCracking Drupal
Function Reference
Installing and Using Drupal 6 Fresh out of the
Leveraging Community Resources
Index
Copyright

Common terms and phrases

access arguments access callback admin allows application array attack surface best practices block blog browser Chapter check boxes checkiplain client Coder Concurrent Version System configuration content type contributed modules create cross-site request forgery cross-site scripting CSRF database default delete Drupal 6.x Drupal API Drupal core Drupal installation Drupal project drush edit example executed feature field Figure filter Form API Go to Administer grep hash implementation input formats JavaScript jQuery language login menu system MySQL node access OpenlD OWASP password Password Strength permissions placeholders privilege escalation problems protect provides query role safe Security Scanner security team server session simple specific SQL injection string Table tags team leader template theme function tool Translation Studio upload user object user stories useriaccess username Vulnerable module weaknesses web application workflow

About the author (2011)

Greg James Knaddison is Principal of Growing Venture Solutions and a dedicated Drupalista. As a member of the Drupal security team, Knaddison has participated in every part of the process including identifying vulnerabilities, creating fixes, testing fixes, and writing security documentation and advisories. He has also contributed modules and publishes the news site DrupalDashboard.com.

Bibliographic information

QR code for Cracking Drupal
TitleCracking Drupal: A Drop in the Bucket
AuthorGreg Knaddison
PublisherJohn Wiley & Sons, 2011
ISBN1118080718, 9781118080719
Length240 pages
Subjects ›  › 

Computers / Programming Languages / General
  
Export CitationBiBTeX EndNote RefMan