Has your Drupal site been compromised?

Find out whether your Drupal site has been compromised, and hear the professional views on the situation from Created by Cocoon.

In April 2014, many Drupal sites experienced a widespread due to a vulnerability that was discovered with the content management system — nicknamed ‘Drupalgeddon’. It caused widespread panic amongst the Drupal community, because sites were able to be easily compromised, if not updated on a regular schedule and on time.

This year, in March, Drupal experienced yet another vulnerability, this time colloquially known amongst the wed development community as ‘Drupalgeddon 2’. Although reports from Drupal.org claim that the vulnerability was present for quite a few years, nobody had discovered it until recently. In March, an update to both the Drupal 7 and 8 content management systems was rolled out, and sites were urged to update immediately.

Urgency


Drupal 7 and 8 websites that were not updated by April 11 faced potential vulnerability, due to the fact that attackers quickly caught on, and began exploiting the issue ‘in the wild’, according to Drupal.

Further to this, another undisclosed vulnerability was discovered by the Drupal Security Team, and this time, without disclosing the nature of the vulnerability, they pushed another update to both 7.x and 8.5.x Drupal branches.

Sites who did not update to the latest versions of their respective Drupal installation have been at risk of being compromised since.

Risk factors

The risk of the Drupalgeddon 2 vulnerability was scored by Drupal as 24/25, which labeled it as ‘Highly Critical’. In other words, the damage that could potentially be caused by these vulnerabilities could have major adverse affects on any site running an insecure version of Drupal.

As a developer of premium Drupal themes, Created by Cocoon has been eager to ensure that all its customers are running secure Drupal versions, and as such have announced the immediate availability of two premium Drupal site and server security services, Drupal Padlock and Drupal Site Restore.

Drupal Padlock works to ensure current and future security of your Drupal site, whether it has been previously compromised or not, and Drupal Site Restore works to restore compromised Drupal sites to their previously working order, with the aim to keep all previous content (users, nodes, blocks, infrastructure etc) intact.

This gives Drupal site administrators the opportunity to restore their/their clients’ sites to their previous state, without having to rebuild the site from scratch, or manually clean up the code and database.

In conclusion

If your site is now safe, you have nothing to be concerned about. However, you may wish to invest in securing your Drupal installation(s) and server configuration further, using a service such as Drupal Padlock.

If your site has experienced a compromisation, it's best to follow Drupal's official guidelines on how to manage a hacked site. If you don't possess the technical skills required to restore your website back to its previously working state, and lack a recent backup, services such as Drupal Site Restore can help you out.

Once again, remember to keep your sites up-to-date, whether that be Drupal-powered or any other CMS; proprietary or open-source!

Happy site building!

—Your Cocoon Team