Security

Compromised Drupal 7 Website Recovery Review

I was brought on board to help recover a website that was possibly exploited by hackers, a Drupal 7 project.  What triggered the investigation?  My client was informed that their customers were receiving spam emails from the website.

After a thorough review of the project's code base and database. I found multiple exploits and backdoors.  All of the issues/exploits were within the Drupal core.  None of the contrib. or custom modules were exploited.  

Drupal and Cloudflare

Cloudflare is a great tool to add another layer of security to your Drupal website.  

When setup correctly Cloudflare will act as a firewall to block malicious traffic to your Drupal website at the application level.  Cloudflare blocks many types of attacks: cross-site scripting, cross-site forgery requests, and SQL injection attacks.  User checks can also be enabled such as GEO IP location and browser integrity checking to limit questionable or unneeded traffic.

Cloudflare also acts as a CDN and has many caching and performance features.