Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

Securing your portal

The developer portal is essentially a content management system (CMS) based on the open source Drupal (http://www.drupal.org) project. Drupal provides a core set of features in the form of modules that make it easy for you to build the content for, as well as manage, websites.

Drupal also has many security features that you should be familiar with as you build your portal. This page does not attempt to explain all of the Drupal security features, but instead contains links to documentation on some of the most commonly used Drupal security features. 

Regardless of the security features that you want to implement, make sure that you have:

Along with the security information described in the table below, you should also be familiar with Drupal's best practices for coding standards and security as described on this page: https://www.drupal.org/developing/best-practices.

Topic Link
General guidelines See this article on general Drupal security topics: https://www.drupal.org/security/secure-configuration.
How Drupal stores passwords See the section "Improved hashing algorithms" on this page: https://docs.acquia.com/articles/improvements-security-drupal-7-8
Prevention of brute force login attacks

See the section "Drupal 7's built-in brute force detection" on this page: https://docs.acquia.com/articles/improvements-security-drupal-7-8

If you want to view/edit this configuration in the Drupal UI, you can use the information here:  https://www.drupal.org/project/flood_control

Adding password policy enforcement A password policy ​defines password complexity for user passwords. For more information, see: https://www.drupal.org/project/password_policy
Autologout by a configurable time The Drupal Automated Logout module can end a user's session after a defined period of inactivity. For more information, see: https://www.drupal.org/project/autologout

 

 

Help or comments?