secured

Events happening in the community are now at Drupal community events on www.drupal.org.

Highly-secure Drupal installation

Posted by themselves on August 4, 2010 at 2:44am

Hi everyone,

What we've been doing around here is trying to put together an implementation framework that would deliver the most secure Drupal possible. Our idea so far is this:

First layer is a Varnish cache - it is the only publically exposed port of the entire infrastructure.

Second layer is a Drupal install with a read-only mysql user (other than the session, watchdog and cache tables of course), so that even if someone elevates permissions in Drupal, they are unable to write anything to the database.

Read more
6 comments Categories:

How to disable false communication when working on DEV?

Posted by shaal on May 15, 2009 at 10:55pm

we have a LIVE website, with active (recurring) paid subscribers...
every month - they get charged on their credit card through paypal.

(so far - all good)

now - while creating the next version, updates, etc -
on DEV - we migrated all live user info and started working with it
(ouch)
and then - all our paid subscribers - got a false message - that their credit card cannot be charged!

my question is -
moving forward, as we are going to have automatic notification on content added, newsletters, recurring payment, etc.

is there any safe method / workflow -

Read more
Subscribe with RSS Syndicate content

AltStyle によって変換されたページ (->オリジナル) /