UPD: Attention! If you did not update your Drupal 7 installation regularly and have a drupaldev user who is a megauser, you need to take action ASAP or contact us for remedying the situation.

We offer Drupal security audit, which differs from other services of this type in that we take into account the specifics of Drupal, analyze the database content, file structure and Drupal settings. Sound knowledge of Drupal and automation tools enable us to detect problems and potential vulnerabilities, such as:

  • Malicious code;
  • Changes to Drupal kernel and modules;
  • Unnecessary files in Drupal kernel and modules;
  • Malicious code, blocks with PHP and JavaScript code in the database;
  • Code that requires manual security audit (custom modules and dev versions of modules);
  • Suspicious activity recorded in the logs (web server, Drupal);
  • Unsafe Drupal access rights and input formats;
  • Unsafe web server settings.

The service costs USD 100 (EUR 85) per site. We can fix the problems found for a fee based in our site support rates.