Drupal Security
Writing secure code is an important aspect of any web application. Preventing ever-so-creative hacking techniques can be really daunting, and this is partly the reason why we, as developers, sometimes choose a well-established framework with solid and up-to-date security measures baked right in.
Drupal is a CMS that takes security very seriously. The community has a dedicated security team that is always on the lookout for vulnerabilities and advises core contributors and module developers on ways to fix potential vectors of attack. It is also responsible for the fast mitigation of any such issue and disseminating the correct information to the affected parties.
When it comes to out-of-the-box installation, Drupal has come a long way in addressing many security concerns present in previous versions. For this reason, in this chapter, we will talk about some of the most prominent security features that Drupal comes with out of the box and that are directly related...