Gold Sponsors

Hack Proof Your Drupal Site

This session is intended for Drupalers who would want to avoid security loop holes while writing code or architecting solutions. We will delve into common security issues that ails custom code and will use practical examples using both vulnerable and secure code snippets. This session will mostly about my encounters and experience after doing 30+ project application reviews and could also serve as a good guideline for new contributors.

Some of things that we will discuss in the session with live examples of each:

  1. SQL Injection
  2. Cross-Site Scripting (XSS)
  3. Access control over your menus entries using permissions(Menu access bypass)
  4. Node access bypass
  5. Correct use of drupal_goto unless leads to vulnerability
  6. Common Security Strategies
Experience level: