Drupal Security Audit

Do you run the popular CMS Drupal? Do you want to test how secure your Drupal installation is?

Security Audit Systems offer in-depth Drupal security testing and auditing services. See below for a summary of what we check for when looking at your Drupal security:

Stay one step ahead of the cyber criminals that are actively exploiting Drupal security flaws with our Drupal Security Audit Service.

Introducing our Joomla Security Audit service.drupal penetration testing

What can we do to help?

  • Actively audit your Drupal installation and check your file/directory permissions.
  • Perform a full Drupal penetration test. Review our home page to see how Drupal penetration testing works.
  • Drupal modules will get checked, looking for known weaknesses that exist in certain versions.
  • Drupal core and custom pages will be checked for vulnerabilities that match the OWASP top 10, and if found, we will advise how to fix any issues we uncover.
  • We have access to fast drupal security scanners and analysis tool which will check your website for vulnerabilities.
  • Unique tools we have access to will be run over the Drupal CMS platform, auditing it further for any weaknesses.
  • A full audit / penetration testing report will be supplied for your Drupal website, to show you how you can improve security and fix detected issues.


Drupal Security Auditing tasks we can perform:

  • Install and correctly configure a web application firewall to actively scan and protect your Drupal installation.
  • Check your site with McAfee/Google/Blacklist checks for known suspicious activity or malware.
  • Setup alerts, so your website admin receives notifications of suspicious activity, allowing you to proactively defend your website, and ban malicious users or bots.
  • Setup a backup solution (if required) to ensure you have regular database and file backups taken of your site.
  • Configure or setup SSL (if required) so all the traffic between your website and its users is encrypted and secure.
  • Add enhanced .htaccess rules to filer known Drupal attack methods.
  • Add an extra layer of security to the Drupal administration login area.
  • Check your Drupal core for correct permissions.
  • Check your Drupal modules for correct permissions.
  • Check your Drupal theme is up to date and the core files have not been modified.
  • Ensure your Drupal core is updated to the latest version, along with any modules.
  • Audit your Drupal modules for known vulnerabilities.
  • Audit your user accounts within Drupal, ensure redundant accounts are removed and passwords are strong.
  • Check your web server and ensure your hosting platform is secure.
  • Setup your web server logging correctly.


With all of the above information you will get the best possible Drupal security in place and learn best practice Drupal security techniques when securing your Drupal website in future.

If you are interested in getting your Drupal site security checked, contact us for a quote.