15 + Modules for Making Your Drupal Website Secure

Drupal is the popular open-source content management system written in PHP. Although it only powers around 2.5% websites on the web, but it is still important. Many developers use Drupal for their websites. It gets regular security and version updates to add more security and features in this popular CMS. It also has a wide community of developers who contribute on modules and themes. This is why one can easily get free themes and modules to use in the Drupal based website for free. Drupal was developed by considering security and it also gets regular updates to fix known security issues. However, hackers always try to find vulnerabilities in Drupal, its themes or modules to hack into Drupal based websites. It is also a prime target of hackers. Therefore, users who want to use Drupal for their websites must follow security practices to make their website secure. In this article, I will try to cover how to make a Drupal based website secure. I will also add the best security modules available for Drupal.

Like other content management systems, Drupal also offers timely security updates. But there is the possibility of 0-day vulnerabilities and vulnerabilities in modules and themes. Researchers also found that contributed modules are themes have more chances of risk. Most of the times, if there is any big vulnerability, it is due to the contributed module or theme. Core Drupal seems to have less chance of risk. However, it is not possible to use the contributed modules in a project. This is the reason, users must be aware of the security. They must follow the best security practices. Securing a Drupal based website is also very similar to what we do with other kind of websites. Only you have to figure out how to do these security practices things in Drupal.

In this post, I am adding the best security modules available for Drupal. You can install these modules to enhance security of your Drupal based website.

(veel …)

Kommentaare pole

remove html tables

Code to remove tables from an HTML file:

$pattern[] = '%<table\b[^>]*+>(?:(?R)|[^<]*+(?:(?!</?table\b)<[^<]*+)*+)*+</table>%i';
$replace[] = '';
$filtered_html = preg_replace($pattern, $replace, $html);

Kommentaare pole

Links

jQuery cheat sheet

HTML5 cheat sheet tags

HTML5 cheat sheet events

HTML5 cheat sheet canvas

HTML5 cheat sheet

CSS3 cheat sheet

Kommentaare pole

blank HTML5 page template

Here is little sample of simpel html5 blank page.

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="description" content="blank HTML5 page template">
  	<meta name="author" content="Mikk Miggur">
    <title>title</title>
    <link rel="stylesheet" href="style.css">
    <script src="script.js"></script>
  </head>
  <body>
    <!-- page content -->
  </body>
</html>

Kommentaare pole

embed youtube video with high quality

With iframe can embed high quality video from youtube to your special place with small resolution.

In the end on url there is vq=hd720 that mean vidoe quality is 720p.

You can change it to other values.

vq=small this is 240p; low quality and fastest to load

vq=medium this is 360p; acceptable quality and still rather fast

vq=large this is 480p; high quality, buffers slower

vq=hd720 this is 720p; best quality, buffers slowest

<iframe width="320" height="180" src="https://www.youtube.com/embed/O4QZosfrKzE?version=3&vq=hd720" frameborder="0" allowfullscreen></iframe>

Kommentaare pole

One extendion to my captcha script

There is one little extendion to my captcha script.

For reloading captcha to get new on there is little javascript for that.

First add ID to captcha image.

<img src='captcha.php' id='captcha' alt='Click to get new'/>

And then add this javascript to form page

<script type="text/javascript">
$('#captcha').click(function(event){
  $('#captcha').attr('src', $('#captcha').attr('src')+'#');
});
</script>

 

Kommentaare pole

Simple captcha php script

captcha
First create file captcha.php and add following content to it.

<?php session_start();

// generate random characters and store in session
$characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
$randomnr = '';
//generate image. Image size
$im = imagecreatetruecolor(200, 60);
//colors:
$white = imagecolorallocate($im, 255, 255, 255);
$grey = imagecolorallocate($im, 128, 128, 128);
$black = imagecolorallocate($im, 0, 0, 0);
imagefilledrectangle($im, 0, 0, 200, 35, $black);

//first character shadow position from left
$x1 = 20;
//first character position from left
$x2 = 12;
//characters shadows position from top
$y1 = 44;
//characters position from top
$y2 = 46;
//spacing between characters 
$xx = 37;

//captcha text font
  $font = 'captcha2.ttf';

for ($i = 0; $i < 5; $i++){
//get random character from characters lists
  $character = $characters[mt_rand(0, 61)]; 
  $randomnr .= $character;

  //text size +-3
  $white_size = 34+(rand(0,6)-3);  
  $grey_size = 34+(rand(0,6)-3);

  //character angle +-20
  $angle = (rand(0,40)-20); 

  //draw text:
  imagettftext($im, $grey_size, $angle, $x1, $y1, $grey, $font, $character);  
  imagettftext($im, $white_size, $angle, $x2, $y2, $white, $font, $character);

  $x1 = $x1 + $xx;
  $x2 = $x2 + $xx;
  $y1 = $y1 + (rand(0,4)-2);
  $y2 = $y2 + (rand(0,4)-2);
}
$_SESSION['randomnr2'] = md5($randomnr);
// prevent client side  caching
header("Expires: Wed, 1 Jan 1997 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-rev?lidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

//send image to browser
header ("Content-type: image/gif");
imagegif($im);
imagedestroy($im);
?>

Then place captcha form where you need it.

<form method="post" action=""> <img src="captcha.php" />
<input class="input" type="text" name="codee" />
<input type="submit" value="Submit" />
</form>

And finally check that captcha is correctly entered.

if (md5($_POST['codee']) == $_SESSION['randomnr2']) {
// here you place code to be executed if the captcha test passes
echo "YES. Do Something function1";
}

else {
// here you place code to be executed if the captcha test fails
echo "No. Do Something function2";
}

Downlod it form here: captcha.zip

Kommentaare pole