By: Prem Tiwari | Last Updated:
A password policy can be defined with a set of constraints which must be met before a user password change will be accepted. Each constraint has a parameter allowing for the minimum number of valid conditions which must be met before the constraint is satisfied.
Example: An uppercase constraint (with a parameter of 2) and a digit constraint (with a parameter of 4) means that a user password must have at least 2 uppercase letters and at least 4 digits for it to be accepted.
This module is intended to add an administration interface for hidden flood control variables in Drupal 7, like the login attempt limiters and any future hidden variables.
This module provides various security-hardening options. This lets your mitigate the risks of exploitation of different web application vulnerabilities.
Content Security Policy implementation via Сontent-Security-Policy (official name), X-Content-Security-Policy (Firefox and IE) and X-WebKit-CSP (Chrome and Safari) HTTP response headers (configuration page and reporting CSP violations to watchdog)
Control over Internet Explorer / Apple Safari / Google Chrome internal XSS filter via X-XSS-Protection HTTP response header
This module provides a site administrator the ability to log users out after a specified time of inactivity.
It is highly customisable and includes “site policies” by role to enforce logout.
By default, a session is created for each browser that a user uses to log in. This module will force the user to log out any extra sessions after they exceed the administrator-defined maximum.
This module supports two ways of interacting with Nagios. NRPE or standard checking over HTTP. The NRPE approach is recommended, as it is far more secure. If you are using the http check method then be aware this module exposes the following information from your website.
A small and easy process which will redirect the required pages to a SSL version of the web pages.
This module makes sure that the user is running on a secure page when they create or edit content, view user details, or administer the site.
Prem Tiwari is the founder of FreeWebMentor.com and also a professional developer who has vast experience in PHP and open source technologies. Apart from this, he is a blogger by hobby and also he has been a regular speaker of WordPress sessions in various IT Companies. View all posts by Prem Tiwari