The latest wave of Drupalgeddon activity highlights the importance of keeping software up to date, especially when it's a popular CMS like Drupal, itself based on the rapidly changing web development programming language PHP and the widely used open source RDBMS MySQL. Our Analyst's Insight into this vulnerability gives more details.
Imunify360 defends against this threat by virtue of a sophisticated WAF rule set developed and maintained by our own threat intelligence team. Larger vendors' rulesets are too general and too inflexible to track such dynamic threats. Another component in Imunify360's layered security defenses is called Proactive Defense. It uses comprehensive heuristics to detect and block in-flight malicious code.
Drupal is popular with small and medium-sized businesses not just because of its great flexibility, but also because it's free, has a strong support community, and a rich marketplace of add-ons, plugins, and modules.
But Drupal is open source and relies on volunteer efforts for design and development. As its popularity has surged, making it the world's second most popular CMS, so has its value as a target for hackers.
Drupal doesn't have an automatic self-update mechanism yet, and code vulnerabilities are not uncommon. Hackers can tell what CMS a site is running, and will scan sites to see if they are running the latest versions. Eventually, they'll come across a dormant site or one where the owner simply doesn't want to risk disruption to their business by updating their site's software. Sometimes, an upgrade causes incompatibilities with purchased or free plugins, some of which may be key to the site's functionality.
Even after a site has been updated, there is no guarantee it is malware-free. A hacker may have planted a malicious script prior to the CMS update, leaving it unused until a future time. This won't be detected unless you have a reliable and up to date malware scanner on your side.
If you're a web hoster, you have no way of knowing whether your tenants are keeping their Drupal-based sites up to date and are regularly scanning them for persistent malware. The automated cleanup service can help with it and is part of Imunify360.
To learn more about the smart approach to securing web sites, visit Imunify360.com