Drupal requirements to install

System requirements

Disclaimer
Note that the minimum requirements of Drupal core can be subject to change, given an important enough reason. Where such a change is likely to have broad impact on Drupal’s user base, every effort will be made to communicate these decisions ahead of time.

Disk space
A minimum installation requires 15 Megabytes. 60 MB is needed for a website with many contributed modules and themes installed. Keep in mind you need much more for the database, files uploaded by the users, media, backups and other files.

Web server
Apache, Nginx, or Microsoft IIS
More details about web server requirements.

Database
Drupal 6: MySQL 4.1 or higher, PostgreSQL 7.1,
Drupal 7: MySQL 5.0.15 or higher with PDO, PostgreSQL 8.3 or higher with PDO, SQLite 3.3.7 or higher
Drupal 8: MySQL 5.5.3/MariaDB 5.5.20/Percona Server 5.5.8 or higher with PDO and an InnoDB-compatible primary storage engine, PostgreSQL 8.3 or higher with PDO, SQLite 3.4.2 or higher
Microsoft SQL Server and Oracle are supported by additional modules.
More details about database requirements.

PHP
Drupal 6: PHP 5.x only (5.2.5 or higher recommended). Warning: support for PHP 4.x has been dropped. Drupal core should work with PHP 5.3.x, but PHP 5.3.x and higher may produce errors or unexpected behavior especially for contributed modules and themes.
Drupal 7: PHP 5.2.5 or higher (5.4 or higher recommended).
Drupal 8: PHP 5.5.9 or higher

Database access in Drupal

Drupal provides several functions to send queries to the database. The canonical form is db_query. Always use functions provided by Drupal to access the database to guard against SQL injections attacks.

<?php
/** Example 1 - Insecure
  * SQL injection via $type
  * Display node titles of type $type (input supplied by the user via a form textfield)
  */
$result = db_query("SELECT n.nid, n.title FROM {node} n WHERE n.type = '$type'");

$items = array();
while ($row = db_fetch_object($result)) {
  $items[] = l($row->title, "node/{$row->nid}");
}
return theme('item_list', $items);
?>


The most important usage is that if you want to access Drupal database from a script without loading anything else, you can include bootstrap.inc, and call drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE).
Below is what I got to work, from the directory drupal/modules/mymodule/script.php:

<?php
chdir('./../../'); // for relative path includes to work
include_once "includes/bootstrap.inc";

drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE);
$result = db_query("SELECT title FROM {node} n WHERE type = 'blog'");
while ($node = db_fetch_object($result)) {
   $str .= $node->title;
}
?>
 

7 Steps to Secure WordPress site from Viruses & Malware

Here are few steps to protect our wordpress site.

1. Update! Update! Update!

Most of the common hacks/injections happen because of outdated WP or plugin. WordPress has a very strong community and as soon as a vulnerability is detected, it gets plugged. No excuses for not updating!

2. Delete the ‘admin’ account – Make it harder for the hackers!

WordPress lets you give administrator access to other user accounts. So, instead of using ‘admin’ username use some other unique username.

3. Check your file and folder permissions

File permissions set to 777 are a red carpet welcome for hackers to set up base on your website! A good rule of thumb is to set files to 644 and folders to 755.

4. Hide your wp-config.php

This is another file which is most vulnerable to attacks and by default will be located at your_host/wordpress/wp-config.php. You can move it to the root directory i.e your_host/wp-config.php because WordPress automatically checks the root directory for this file if it doesn’t find it at the default location.

5. Use trusted sources for themes and plugins

Beware of pirated themes and plugins, they usually contain malware or spam bots which at best will hamper your site performance and worst case – steal critical information and spread viruses to its users.

6. Connect to your server securely

Use sFTP or SSH instead of FTP. Use SSL whenever possible. HTTPS is most preferred and secure way of transacting online.

7. Backup regularly

I suggest using a premium backup solution who will take secure and periodic backups of your site, and also gives you the option to switch hosts (migrate) efficiently and in a matter of minutes, if your site gets compromised.

How to prevent wordpress site from malware

Sucuri WordPress Security plugin is the one way to secure our website from malware’s.

This plugin provide some advantages

  1. Security Activity Auditing
  2. File Integrity Monitoring
  3. Remote Malware Scanning
  4. Blacklist Monitoring
  5. Effective Security Hardening
  6. Post-Hack Security Actions
  7. Security Notifications
  8. Website Firewall (add on)

This plugin mostly find list of success and unsuccessful logins with there IP addresses.

Click here to download.