[Security] Improve default security

Created on 5 July 2024, 6 months ago

Problem/Motivation

The default security delivered by our installation profile can be greatly improved to provide a better scoring on tools like sonarQube or Mozilla Observatory.

Proposed resolution

Please review the following security workshop to implement most of its best practices (mostly the HTTP security headers) : https://gitlab.com/nicoloye/drupal-security-101/-/blob/main/README.md?re...

The conference slides are available at the end of the file.

Remaining tasks

  • Analyze the workshop
  • List the practices to be integrated
  • Implement the practices
📌 Task
Status

Active

Component

Code

Created by

🇫🇷France nicoloye

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024