Drupalgeddon2 – All Drupal users should patch their install now

Security/ 24th Apr 2018/Will Cook-Martin

If you presently have a Drupal installation, you need to update it urgently.

A botnet is currently exploiting a Drupal CMS vulnerability, by using already compromised systems to infect new machines. The botnet is exploiting the CVE-2018-7600 vulnerability, known as Drupalgeddon 2, to gain the ability to execute commands on a server running Drupal.

If you are running 7.x, upgrade to Drupal 7.58 https://www.drupal.org/docs/7/update

If you are running 8.5.x, upgrade to Drupal 8.5.1. https://www.drupal.org/docs/8/update

Add your existing Drupal install to Softaculous for automatic updates

All Clook customers have access to Softaculous via their cPanel dashboard. By adding your Drupal 7 or 8 store to Softaculous, you will be able to select the auto upgrade option, to ensure you are always on the latest version of Drupal.

1

Login to cPanel

2

Click the Softaculous link under the Software banner

3

Search for Drupal using the search box in the top left and click the Drupal link in the left hand menu

4

Click the import link on the top right hand side of the page

5

Check the details are correct and click the import button

6

Congratulations, your Drupal install should now have been imported into Softaculous

7

You can now follow this guide to upgrade your installs – https://softaculous.com/docs/How_to_upgrade_installations

Update 27/04/18

Today (27/04/18) we’ve updated our mod security rules to try to help mitigate these attacks. This does not remove the requirement to update your Drupal store. There is a small chance that the updates may cause some false positives – please contact our support team if you have any issues.

Will’s our technical sales guy from the hills of Rossendale. In his spare time he can be found designing and building websites, or doing a spot of DIY!

We have a very strong team here at Clook and we build on everyone's strengths and weaknesses, you have to be able to make a good brew too!

Chris James

Customer Login

Forgot Password? Cancel