Because of industry security standards and audit requirements, you might need to implement high-level security tuning for a public Drupal site. There are several methods you can use to do this, including adding a module to your website or configuring IP restriction in Drupal itself. You may also need to block particular IP addresses due to attacks or other problems. This article presents a list of Drupal 7 modules that are recommended for use for implementing high-level security tuning to your site. We also advise that you review the recommendations on the IP restriction in Drupal page.
Website security modules
The drupal.org website contains several popular contributed modules that can help you tune your website's security. The functionality of the modules presented here include
restricting access to an entire website
restricting access to specific paths and/or pages
defining access allow-lists when you don't manage a firewall for that website
The following popular Drupal 7 modules are a few that you might find useful.
Ensure that you evaluate the modules based on your particular site needs.
Table of recommended modules
Note
Included in this list are the status of Drupal versions 8 and above, evaluated as of November 2023.
Cloud Platform