We at DrupalChamp provide great security solution for drupal based websites. Our developers are very good in making your drupal website secure. Since Drupal is huge and developers are working in distributed enviroment. Everyday some new modules are introduced to drupal framework so security is a big issue here. Though Drupal team is very active in this area. Drupal security team tirelessly spearheads ongoing efforts to educate and help the Drupal community to prevent security issues from arising. They conduct presentation and training at drupal community events and conferences, give webinars, write free online documents in order to avoid the security issues. We at our end overlook the codes written in modules in order to make sure that your websites is secure.
we use security review module which provdies analysis of your website security configuration. Here is the module which we use https://drupal.org/project/security_review to review security issues. We take security of every website we develop very seriously.
Security Review run the following checks :
- File system permissions
- Input formats
- Content (nodes and comments and fields in Drupal 7)
- Error reporting
- Private files
- Allowed upload extensions
- Database errors
- Failed logins
- Drupal admin permissions
- Username as password
- Password included in user emails
- PHP access
We write very secure codes in our custom mdoules when we develop a new custom modules for your website. we use proper Drupal API's in order to make Database queries. we never call mysql_query function in order to make database call rather we write Drupal APIs to make db calls. Thats way it ensures the security of your website. we always update modules and core when security updates are available an released. Security releases are only created when a vulnerability has been detected. We educate your site users by publishing informations to use strong passwords. we use following drupal modules in order to secure your websites.
Password policy -- This module provides a way to specify a certain level of password complexity (aka. "password hardening") for user passwords on a system by defining a password policy.
Login Security -- Login Security module improves the security options in the login operation of a Drupal site. By default, Drupal introduces only basic access control denying IP access to the full content of the site.
With Login Security module, a site administrator may protect and restrict access by adding access control features to the login forms (default login form in /user and the block called "login form block").
Automate Logout -- This module provides a site administrator the ability to log users out after a specified time of inactivity. It is highly customizable and includes "site policies" by role to enforce logout. So we are very much concerned about this point and we are expert in securing your drupal website.