I recently came across a very helpful review of “Cracking Drupal” by Chris Shattuck. Here at Infoswell we are constantly building Drupal sites and communities for our publishers, so having access to good Drupal resources is a must. I have included an excerpt from the article and recommend that you visit Chris’s site and read the review in its entirety.
It recently came to my attention that there are some gaps in my conceptualization of Drupal security. I was fortunate enough to have this pointed out to me by the Drupal Security Team, and not by a DOS, CSRF, SQL injection or XSS attack. After publicly bemoaning the mild lashing I received, four members of the Drupal community suggested I read Cracking Drupal. One of them even sent me a copy. No other book was even mentioned, which says to me that – considering how recently it was released – the book fills a void of knowledge that was seriously aching for coverage, and fills it well.
Over years of developing, I’ve become familiar with the various vulnerabilities that make their way into code, but I’ve never felt like I could build a complete defense. My knowledge has been piecemeal, drawing from documentation, books, interesting conversations and other people’s code. In my case, Cracking Drupal did a fantastic job of gluing these pieces together into a comprehensive frame of mind.
What becomes clear very quickly in Cracking Drupal is that Drupal is quite a wily beast that gives developers real incentive to learn security. There are few functions in Drupal whose exclusive purpose is security, and Greg makes it clear that learning how to secure your site has definite side benefits: “When developers learn and use the API, they are not only safer but more effective and more efficient.” When you learn how to use different aspects of the Drupal API (forms, translations, helper functions, theming) you gain bits of security as a bonus. If you set out to learn Drupal security, you’ll come out the other end with a pretty solid grasp of Drupal APIs. Either way, it’s a win.
Read the review in its entirety here.
We would love to hear your thoughts on the book, as well as what Drupal books and resources you have found helpful.