[OWASP-Malaysia] Security By Obscurity Is No Security
Harisfazillah Jamel
linuxmalaysia at gmail.com
Tue Jun 21 01:46:02 EDT 2011
Team,
A) Hide, obscure, or remove clues that a site runs on Drupal
The short answer is :
You can't. Do not try
In summary
Security by obscurity is no security. It gives a false impression of
being 'safe' when you are only hiding vulnerabilities behind a
smokescreen that any attacker that posed any real threat would be able
to see through.
Patch Patch Patch your OS and your application
>From Drupal Security page
http://drupal.org/security/secure-configuration
Hide, obscure, or remove clues that a site runs on Drupal
http://drupal.org/node/766404
B) Joomla Security Checklist
http://docs.joomla.org/Category:Security_Checklist
-------------- next part --------------
A non-text attachment was scrubbed...
Name: drupal-security-white-paper-1-1.pdf
Type: application/pdf
Size: 2616330 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20110621/18630af2/attachment-0001.pdf
More information about the OWASP-Malaysia
mailing list