Green Clook

Drupalgeddon2 – All Drupal users should patch their install now

If you presently have a Drupal installation, you need to update it urgently.

A botnet is currently exploiting a Drupal CMS vulnerability, by using already compromised systems to infect new machines. The botnet is exploiting the CVE-2018-7600 vulnerability, known as Drupalgeddon 2, to gain the ability to execute commands on a server running Drupal.

If you are running 7.x, upgrade to Drupal 7.58

If you are running 8.5.x, upgrade to Drupal 8.5.1.

Add your existing Drupal install to Softaculous for automatic updates

All Clook customers have access to Softaculous via their cPanel dashboard. By adding your Drupal 7 or 8 store to Softaculous, you will be able to select the auto upgrade option, to ensure you are always on the latest version of Drupal.


Login to cPanel


Click the Softaculous link under the Software banner


Search for Drupal using the search box in the top left and click the Drupal link in the left hand menu


Click the import link on the top right hand side of the page


Check the details are correct and click the import button


Congratulations, your Drupal install should now have been imported into Softaculous


You can now follow this guide to upgrade your installs –

Update 27/04/18

Today (27/04/18) we’ve updated our mod security rules to try to help mitigate these attacks. This does not remove the requirement to update your Drupal store. There is a small chance that the updates may cause some false positives – please contact our support team if you have any issues.

About The Author

Will's our technical sales guy from the hills of Rossendale. In his spare time he can be found designing and building websites, or doing a spot of DIY!

Connect on Linkedin

Clook Logo

Get regular tips, tricks and updates!

Signup today for our awesome newsletter and recieve monthly emails with all sorts of helpful articles on hosting and web development.