How To (Not) Get Hacked - A Security Checklist for Drupal Server Administrators

Drupal vulnerabilities come and go, swiftly being patched and neutralised on up-to-date sites. But what about the undisclosed vulnerabilities, or the patches that lead researches to other weaknesses?

Simply patching your site isn't enough, we need to look at how our hosting environments are built and configured to provide defense-in-depth protection against automated attacks and targeted efforts by very bad people.

This talk for system admins and backend developers will explore some common and not-so-common approaches for building secure web servers and containers running Drupal, to help keep your awesome Drupal site safe.