Skip to main content

Drupal Security Updates

Reading time: 2 minutes
Drupal logo

Drupal is constantly being updated to fix vulnerabilities. Staying updated with the latest version of Drupal helps prevent websites from being targeted. You can stay in the know by regularly monitoring Drupal’s Security Advisories. In addition, there are several security-related contributed modules that can help. Other best practices include code review or getting a Drupal security audit from a 3rd party.

Security Headers

These security headers can be added to Drupal website to improve pages security rating. Tested on Pantheon.

A generic example, adjust per site requirements:

Ban Bad Bots/IPs/User Agent/Country

Cloudflare

If a site's DNS is on Cloudflare, it is already filtering bad bots. To ban IP and User Agent, under Firewall > Firewall Rules

  • Add "Known Bots" equals On > Allow, to avoid accidentally block good bots if using any of the following
  • To ban by IP, add "IP Address" to bank
  • To ban by User Agent, add "User Agent" firewall rule
  • To ban by Country, add "Country" firewall rule
Pantheon/Acquia using settings.php

Refer to


About CK Ng

Chin Kiong "CK" has decades of Drupal development experience and has contributed hundreds of code commits to the Drupal community. He possesses a wild, insatiable talent and drive to solve even the most difficult technical problems in a wide range of technologies, and he brings excellence and elegance in his high-level architectural solutions as well as invaluable direction and advice. He has served as the lead architect for a number of high-profile clients and projects, including The Juilliard School, the University of Minnesota, Cornell, HelpSystems, and Estée Lauder. CK is a full-stack...
Read Full Bio

ABOUT O8

O8 is a different kind of agency, offering Fractional Marketing Services, including expert Digital Strategy, Web Design, and Marketing Automation. We understand that digital marketing gets harder each day, which is why we help marketing teams become more efficient, productive, and healthy. Here’s more information about why you might consider working with us.