Security: Tales from the Field with Michael Hess


In this talk, we’re going to explore four compromised Drupal sites to learn:

• How they were exploited.

• The common configuration and coding errors that led to the compromise.

• How the site owners figured it out, and

• Best practices

Michael Hess, adjunct lecturer, Solution Architect Lead at the University of Michigan and lead of the Drupal Security Team. Drupal is an open source content management framework that underlies at least 2% of the world’s websites, including and

Hess works with the School of Information and the U-M Medical Center, teaching 3 courses on content management platform and overseeing the functionality of several campus websites. He also serves in a consulting and development role for many other University departments. Hess is a graduate of UMSI, with a master’s degree in information.


Hanson Inc
1695 Indian Wood Circle
Maumee, OH 43537, US (map)




TWPMeetup, twp