| | |  | Keyword Search: O’Reilly Security | Home » Cracking Drupal: A Drop in the Bucket | | | | | | | Description: | | The first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing Drupal is an open source framework and content management system that allows users to create and organize content, customize presentation, automate tasks, and manage site visitors and contributors. Authored by a Drupal expert, this is the first book to reveal the vulnerabilities and security issues that exist in the sites that have been built with Drupal?and how to prevent them from continuing. The main goal of this guide is to explain how to write code that avoids an attack in the Drupal environment, while also addressing how to proceed if vulnerability has been spotted and then regain control of security. | | | Features: | |
• ISBN13: 9780470429037
• Condition: New
• Notes: BUY WITH CONFIDENCE, Over one million books sold! 98% Positive feedback. Compare our books, prices and service to the competition. 100% Satisfaction Guaranteed
| | | Product Details: | | | Author:
| Greg Knaddison | | Paperback:
| 240 pages | | Publisher:
| Wiley | | Publication Date:
| May 11, 2009 | | Language:
| English | | ISBN:
| 0470429038 | | Package Length:
| 9.2 inches | | Package Width:
| 7.3 inches | | Package Height:
| 0.6 inches | | Package Weight:
| 0.8 pounds | | Average Customer Rating:
|  based on 12 reviews |
| | | | Used and New: | | | |
| All | |
| $19.45 | Used
- Acceptable | | | $19.45 | New | | | $19.45 | Used
- Good | | | $19.49 | New | | | $19.50 | New | | | $20.35 | Used
- Mint | | | $20.35 | New | | | $22.05 | Used
- Mint | | | $23.66 | New | | | $23.67 | Used
- Mint | | | $23.67 | New | | | $24.00 | Used
- Mint | | | $24.40 | New | | | $25.85 | New | | | $25.86 | New | | | $26.38 | New | | | $26.79 | New | | | $27.12 | Used
- Mint | | | $27.13 | Used
- Mint | | | $27.22 | Used
- Good | | | $27.41 | New | | | $28.38 | New | | | $29.19 | New | | | $29.20 This item ships for FREE with Super Saver Shipping. | New | | | $29.95 | New | | | $30.55 | New | | | $31.53 | Used
- VeryGood | | | $31.71 | New | | | $32.01 | New | | | $32.17 | Used
- Mint | | | $32.37 | New | | | $32.83 | New | | | $35.83 | New | | | $37.45 | Used
- Mint | | | $37.47 | New | | | $40.00 | New | | | $40.00 | New | | | $50.00 | New | | | $51.41 | Used
- Mint | | | $52.40 | New | | | $55.72 | New | | | $55.75 | New | | | $61.03 | New | | | $69.34 | Used
- Mint | | | $178.00 | New | |
| New | |
| $19.45 | New | | | $19.49 | New | | | $19.50 | New | | | $20.35 | New | | | $23.66 | New | | | $23.67 | New | | | $24.40 | New | | | $25.85 | New | | | $25.86 | New | | | $26.38 | New | | | $26.79 | New | | | $27.41 | New | | | $28.38 | New | | | $29.19 | New | | | $29.20 This item ships for FREE with Super Saver Shipping. | New | | | $29.95 | New | | | $30.55 | New | | | $31.71 | New | | | $32.01 | New | | | $32.37 | New | | | $32.83 | New | | | $35.83 | New | | | $37.47 | New | | | $40.00 | New | | | $40.00 | New | | | $50.00 | New | | | $52.40 | New | | | $55.72 | New | | | $55.75 | New | | | $61.03 | New | | | $178.00 | New | |
| Used | |
| $19.45 | Used
- Acceptable | | | $19.45 | Used
- Good | | | $20.35 | Used
- Mint | | | $22.05 | Used
- Mint | | | $23.67 | Used
- Mint | | | $24.00 | Used
- Mint | | | $27.12 | Used
- Mint | | | $27.13 | Used
- Mint | | | $27.22 | Used
- Good | | | $31.53 | Used
- VeryGood | | | $32.17 | Used
- Mint | | | $37.45 | Used
- Mint | | | $51.41 | Used
- Mint | | | $69.34 | Used
- Mint | |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
 Good basic overviewAug 30, 2010
This is a good basic overview of Drupal security for admins, module developers and themers. One thing that surprised me is that it did not really cover security on a site using SSL (such as an Ubercart site or perhaps a membership site with secure login).
Worth Taking a LookJun 22, 2010
Useful guide to use for Drupal site administrators.
Highlight potential security vulnerabilities and other places that might cause issues in one's Drupal site.
0 of 3 found the following review helpful:
Cracking Drupal: All it is cracked up to be?Feb 03, 2010
Here is an excerpt of my review, the full review can be found on my blog which is linked from my profile page.
Cracking Drupal: A Drop in the Bucket is the first book specifically discussing vulnerabilities in the Drupal Content Management System. However, is it all it's 'cracked up' to be?
Well, you will have to decide for yourself, but I would recommend this book for almost all intermediate+ Drupal users. It will get you thinking about security in Drupal, provide recommendations for tools that will help you implement that security, and generally leaving you with a stronger understanding of the whole Drupal stack. However, if you are a seasoned Drupal veteran you may want to give this a pass or just take a gander at it from a friend's copy or a library, as much of the material is already known to hardcore Drupalers (e.g., if you are a core contributer, you probably don't need this book, but then again you don't need me to tell you that).
1 of 2 found the following review helpful:
Great if you're a code geek, impossible for beginnersJan 30, 2010
This book is not suitable for anyone who doesn't have a very strong understanding of Drupal and Drupal-speak. Beginners and even intermediate web developers will not understand much in Cracking Drupal, which is neck-deep in geek. See to my last paragraph in this review if you're a beginner.
This is not to say this isn't a good book. I've gone through it once, and plan to read it over a second or third time because it is filled with information. I'm not a security expert, but from my limited perspective I did not see any glaring errors, and I enjoyed the frankness with which the author approached the subject of Drupal security.
For Drupal beginners, here are the basics in helping secure your site: follow every Drupal best practice that you find in the online handbook and articles, don't hack the core or modules, strictly follow Drupal conventions if you create your own modules, and never turn on the PHP filter (which allows you to pepper the site with your own PHP code). And most importantly - run crons frequently and update, update, update! After you've spent a year or two with Drupal, and you're comfortable with the CMS, then look for a second edition of Cracking Drupal.
2 of 2 found the following review helpful:
 Concise and illuminatingDec 29, 2009
Within 24 hours of reading this book I found and patched a XSS attack on my site at work. It's well written, to the point, and informative. The author goes above and beyond explaining Drupal exploits and shows you how to track them down in the wild using the Drupal CVS repository. Most helpful is knowing how to properly use Drupal's built in security measures that take much of the weight of developing secure code off your shoulders.
| | |
|
