Cracking Drupal A Drop in the Bucket .pdf

《Cracking Drupal A Drop in the Bucket .pdf》由会员上传分享，免费在线阅读，更多相关内容在学术论文-天天文库。

1、KnaddisonUncoverthreatsandprotectyourDrupal®sitewithprovenstrategiesWhatistheworst-casescenarioifyourWebsitegetsattackedandthesecurityisbroken?Byfollowingthestrategiesinthisguide,youdon’thavetofindout.Itfirstwalksyouthroughthevulnerabilitiesyou’llfaceandthestepsyoushouldtake

2、toprotectabasicDrupalsite.You’llthendiscoverhowtoreviewamoduletofindweaknessesandfixthem.Andyou’lllearnhowtokeepyoursiterunningsecurelybyimplementingmoreadvancedtechniques.Takecontrolofyoursitebylearninghowto:•PreventthecommonwaysthatDrupalgetscracked•Uncoverpartsoftheattack

3、surfacethatcanexposeyoursite•InstallextramodulesandconfigureDrupaltomaintainyoursite’ssecurityADropintheBucket®•ControlthesecurityofyoursiteusingDrupal’sAPI•UtilizetheDrupalAccesssystemtolimitwhocanseespecificcontent•TestyoursitewithautomatedscannerslikeGrendel®•Followstrate

4、giestofind,exploit,andavoidvulnerabilities•LeverageresourcesfromtheDrupalSecurityTeamGregJamesKnaddisonisPrincipalofGrowingVentureSolutionsandadedicatedDrupalista.AsamemberoftheDrupalsecurityteam,Knaddisonhasparticipatedineverypartoftheprocessincludingidentifyingvulnerabili

5、ties,creatingfixes,testingfixes,andwritingsecuritydocumentationandadvisories.HehasalsoADropintheBucketcontributedmodulesandpublishesthenewssiteDrupalDashboard.com.Forallthecodeinthisbook,aswellasallthelatestupdates,visittheWebsitehttp://crackingdrupal.com.ProgrammingLanguage

6、s/General$40.00US/$48.00CANGregJamesKnaddisonCrackingDrupalADropintheBucketGregJamesKnaddisonWileyPublishing,Inc.CrackingDrupal:ADropintheBucketPublishedbyWileyPublishing,Inc.10475CrosspointBoulevardIndianapolis,IN46256www.wiley.comCopyright2009byWileyPublishing,Inc.,In

7、dianapolis,IndianaPublishedsimultaneouslyinCanadaISBN:978-0-470-42903-7ManufacturedintheUnitedStatesofAmerica10987654321Nopartofthispublicationmaybereproduced,storedinaretrievalsystemortransmittedinanyformorbyanymeans,electronic,mechanical,photocopying,recording,scanningor

8、otherwise,exceptaspermittedunderSections107or108ofthe1976UnitedStatesCopyrightAct,without