I would like us to have a dedicated "Security" admin page and a respective Admin menu item in order to:
- show that we take security seriously
- allow site admins to perform security-related tasks in one single place
- provide a "home" for security-related contrib modules
Ideas for this page include:
- settings for blocking users (failed login attempts, bots etc.) - #1878
- provide a default security.txt file ((https://www.drupal.org/project/securitytxt)), and an easy way to edit that info via the UI. The default, out of the box text should point to contact details for reporting security issues in b.org, but site owners should be able to change that if required by their organization (same as we allow them to edit the maintenance mode message)
- settings for protecting forms from spam (expose honeypot settings etc.) - #1169
- settings for the
trusted_host_patterns
variable - #2568 - settings for the
x_frame_options
variable - #4080 - checkbox to ignore outdated php warning - #3490
- link to our https://backdropcms.org/security page
- database (SSL) connection status - #4945
- enable/disable FLoC - #5103
- a setting to enable better security/privacy on login/password reset forms - #4696
- a setting to use 404s instead of 403s when trying to access user pages without the proper permission #5802
Other ideas:
- A "Security overview" block for the dashboard (#495)
- https://www.drupal.org/project/security_review
- https://backdropcms.org/project/remove_generator (only 3 lines of code really)
- any settings that may be required for #3270
- warning when anonymous users can create accounts (#574)
- expose the image_style_flood_limit
setting introduced in https://github.com/backdrop/backdrop-issues/issues/34 / https://github.com/backdrop/backdrop/pull/635
- ???
Recent comments
AFAIK there is no option to customise the sorting of book pages:
Book child page ordering by nodeid
The ordering using titles is unusual because, in alphanumeric characters, "19." is smaller than "2." etc. This has nothing to do with Backdrop. I'm not sure I understand your question. Why...
Book child page ordering by nodeid
Thanks for the suggestions ! site/admin/reports/status/php reports that the OpenSSL module is present : PHP Version 8.3.17 ... OpenSSL support enabled OpenSSL Library Version OpenSSL 3.0....
Failed to get available update data