security

Editor's Note: Information on Obtaining and SSL Certificate and Setting Up SSL on OIT Web Hosting with an External Domain Name has been moved to the Georgia Tech Resources for Webmasters website.

If you are using the CAS module for user authentication, you can require users to be logged in to their GT accounts before they can access specific pages on your Drupal site.

This page is now deprecated.  Please see the Best Practices for Configuring and Managing Drupal page for an enhanced list of security and site management tips.

The pages in this section provide helpful tips and tricks for improving the security of your Drupal website.  In addition to the information here, be sure to look at our Best Practices for Configuring and Managing Drupal page, and browse through the User Authentication section for more security tips, including how to require user login before viewing specific pages.

Security Resources

You can restrict your site so that only people who are on-campus (or using the VPN) can access it. This is a great idea for internal-use-only sites and also for all of your development/test websites if you are not using a local stack.

Using .htaccess Configuration

Here's the code to put into the .htaccess file in the root directory of your site (on OIT Web Hosting, this goes under httpdocs or httpsdocs usually):