cross site request forgery

Protecting your Drupal module against Cross Site Request Forgeries December 10

Cross Site Request Forgeries (CSRF) are the 3rd most common vulnerability in Drupal and yet they are quite easy to protect against. The precise solution depends on where the problem is, but is never too complex to implement. To start, of course, we need to understand what CSRF actually is.

What is Cross Site Request Forgery - CSRF

The Book, The Report

Cracking Drupal: A Drop in the Bucket

Written by a Drupal expert, this is the first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal and how to prevent them from continuing.

Get your copy now.

Drupal Security White Paper

Curious about Drupal's security? Consider Drupal but want to make sure it's good enough? Read the Drupal Security Report

Security Review Service

If you are concerned about whether your site is secure, consider using the Security Review Module to get an initial sense. If you're looking for something much more in depth than a module or a book, Growing Venture Solutions offers a Security Review Service for Drupal Sites.

Recent Blog Posts

Anything you can do XSS can do better

Posted by Ben Jeavons

6 comments
Mitigation against CVE-2010-1584 Drupal Context Module XSS

Posted by greggles

4 comments
Zerodayscan and Drupal: finding bugs for fame

Posted by greggles

0 comments