Speakers: 
MKorostoff
Track: 
Coding
DevOps
Other
Audience: 
Intermediate

This a comprehensive post-mortem of the Drupalgeddon SQL injection bug as experienced on one of my personal web sites.  In this talk I'll explain in-depth how the SQL injection bug worked.  I'll show the way real hackers used this vulnerability in the wild, and how you can defeat a similar attack on your website.  I'll show how I recovered an infected site, and the new security measures I put in place as a result of this security breach.  Finally, I'll argue that when all is said and done, this has been a good learning experience for our community, and things could have been a lot, lot worse.

Length: 
50 minutes
Session video: