diff --git a/composer.json b/composer.json
index 04876466134cee1d98ba17d4cfd4b7dd354b856e..281d81693758eeed96731c4d078573e1fd62cf5f 100644
--- a/composer.json
+++ b/composer.json
@@ -186,13 +186,16 @@
"drupal/libraries_ui": "1.0",
"drupal/bootstrap": "3.1",
"drupal/adminimal_theme": "1.3",
- "drupal/varbase_editor": "4.5",
"drupal/blazy": "1.0-rc1",
"drupal/slick": "1.0-rc2",
"drupal/slick_views": "1.0-rc2",
- "drupal/inline_entity_form": "1.0-beta1",
- "drupal/varbase_heroslider_media": "4.0-alpha4",
"drupal/slick_media": "1.0-rc1",
+ "drupal/username_enumeration_prevention": "1.0-beta1",
+ "drupal/password_policy": "3.x-dev#bba8e0bd1542ffde651d0b8ff95ff5cea69d06ba",
+ "drupal/seckit": "1.0-alpha2",
+ "drupal/security_review": "1.x-dev#35ebae445bb260e961e47c4c58efe7c50c228999",
+ "drupal/varbase_editor": "4.5",
+ "drupal/varbase_heroslider_media": "4.0-alpha4",
"drupal/varbase_carousels": "4.0-alpha2"
}
}
\ No newline at end of file
diff --git a/configbit/default.components.varbase.bit.yml b/configbit/default.components.varbase.bit.yml
index 94328e4d5ddb0ab659cd04aa65c0ba4d193dfdc0..259325af4567b0d393bb5dece28f943de3c5a102 100644
--- a/configbit/default.components.varbase.bit.yml
+++ b/configbit/default.components.varbase.bit.yml
@@ -11,6 +11,7 @@ config_bit:
dependencies:
- varbase_core
- varbase_admin
+ - varbase_security
- varbase_seo
- varbase_editor
- varbase_media
diff --git a/drupal-org.make b/drupal-org.make
index 9da0d2af273a393e29bf366a20e4892ec0cf7228..b86351630e83ed3da9fb927eb29c2016f76ebf63 100644
--- a/drupal-org.make
+++ b/drupal-org.make
@@ -186,6 +186,30 @@ projects[google_analytics][type] = module
projects[google_analytics][subdir] = "contrib"
projects[google_analytics][version] = 2.1
+;;;;;;;;;;;;;;;;;;;;;
+;; Contrib modules for Varbase security.
+;;;;;;;;;;;;;;;;;;;;;
+
+projects[username_enumeration_prevention][type] = module
+projects[username_enumeration_prevention][subdir] = "contrib"
+projects[username_enumeration_prevention][version] = 1.0-beta1
+
+projects[password_policy][type] = module
+projects[password_policy][subdir] = "contrib"
+projects[password_policy][download][url] = https://git.drupal.org/project/security_review.git
+projects[password_policy][download][revision] = bba8e0bd1542ffde651d0b8ff95ff5cea69d06ba
+projects[password_policy][download][branch] = 8.x-3.x
+
+projects[seckit][type] = module
+projects[seckit][subdir] = "contrib"
+projects[seckit][version] = 1.0-alpha2
+
+projects[security_review][type] = module
+projects[security_review][subdir] = "contrib"
+projects[security_review][download][url] = https://git.drupal.org/project/security_review.git
+projects[security_review][download][revision] = 35ebae445bb260e961e47c4c58efe7c50c228999
+projects[security_review][download][branch] = 8.x-1.x
+
;;;;;;;;;;;;;;;;;;;;;
;; Contrib modules for Varbase hero slider media
;;;;;;;;;;;;;;;;;;;;;
@@ -202,10 +226,6 @@ projects[slick_views][type] = module
projects[slick_views][subdir] = "contrib"
projects[slick_views][version] = 1.0-rc2
-projects[inline_entity_form][type] = module
-projects[inline_entity_form][subdir] = "contrib"
-projects[inline_entity_form][version] = 1.0-beta1
-
;;;;;;;;;;;;;;;;;;;;;
;; Contrib modules for varbase carousels.
;;;;;;;;;;;;;;;;;;;;;
diff --git a/modules/varbase_features/varbase_security/config/install/password_policy.password_policy.default_policy.yml b/modules/varbase_features/varbase_security/config/install/password_policy.password_policy.default_policy.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6c63a90594b322fe9968056f95fb50973f51ec20
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/password_policy.password_policy.default_policy.yml
@@ -0,0 +1,24 @@
+id: default_policy
+label: 'Default policy'
+password_reset: 90
+langcode: en
+policy_constraints:
+ -
+ id: password_policy_history_constraint
+ history_repeats: '0'
+ -
+ id: password_username
+ disallow_username: true
+ -
+ id: password_length
+ character_length: 12
+ character_operation: minimum
+ -
+ id: character_types
+ character_types: 4
+roles:
+ authenticated: authenticated
+ editor: editor
+ content_admin: content_admin
+ site_admin: site_admin
+ administrator: administrator
diff --git a/modules/varbase_features/varbase_security/config/install/seckit.settings.yml b/modules/varbase_features/varbase_security/config/install/seckit.settings.yml
new file mode 100644
index 0000000000000000000000000000000000000000..dfe54b719123882919bf950325889f9487a03a6d
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/seckit.settings.yml
@@ -0,0 +1,41 @@
+seckit_xss:
+ csp:
+ checkbox: false
+ report-only: false
+ default-src: ''
+ script-src: ''
+ object-src: ''
+ img-src: ''
+ media-src: ''
+ frame-src: ''
+ child-src: ''
+ font-src: ''
+ connect-src: ''
+ report-uri: report-csp-violation
+ policy-uri: ''
+ style-src: ''
+ x_xss:
+ seckit_x_xss_option_disable: Disabled
+ seckit_x_xss_option_0: '0'
+ seckit_x_xss_option_1: 1;
+ seckit_x_xss_option_1_block: '1; mode=block'
+ select: 0
+ x_content_type:
+ checkbox: true
+seckit_csrf:
+ origin: false
+ origin_whitelist: ''
+seckit_clickjacking:
+ js_css_noscript: false
+ noscript_message: 'Sorry, you need to enable JavaScript to visit this website.'
+ x_frame: '1'
+ x_frame_allow_from: ''
+seckit_ssl:
+ hsts: false
+ hsts_subdomains: false
+ hsts_max_age: 1000
+ hsts_preload: false
+seckit_various:
+ from_origin: false
+ from_origin_destination: same
+ disable_autocomplete: true
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-admin_permissions.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-admin_permissions.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b7fd5f0be8a385a1df4014c94e1732661cf70e50
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-admin_permissions.yml
@@ -0,0 +1 @@
+id: security_review-admin_permissions
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-error_reporting.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-error_reporting.yml
new file mode 100644
index 0000000000000000000000000000000000000000..cd59a60ed8ef4e41d501e0353eafb261e35bf53e
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-error_reporting.yml
@@ -0,0 +1 @@
+id: security_review-error_reporting
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-executable_php.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-executable_php.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8fb06fbc9a6d25728460fb357d05d7d47b74ffbf
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-executable_php.yml
@@ -0,0 +1 @@
+id: security_review-executable_php
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-failed_logins.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-failed_logins.yml
new file mode 100644
index 0000000000000000000000000000000000000000..09d30ccef14df0ff35fa69732ac497d85a21e256
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-failed_logins.yml
@@ -0,0 +1 @@
+id: security_review-failed_logins
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-field.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-field.yml
new file mode 100644
index 0000000000000000000000000000000000000000..fc9d14af1b3f9912fc689003a17dfaa5f32df05a
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-field.yml
@@ -0,0 +1 @@
+id: security_review-field
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-file_perms.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-file_perms.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6ab39814fa79c09ac0fe75f66568808301fc71a1
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-file_perms.yml
@@ -0,0 +1 @@
+id: security_review-file_perms
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-input_formats.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-input_formats.yml
new file mode 100644
index 0000000000000000000000000000000000000000..0f17f697f4321e2428c0103b39442bf447a4b9ba
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-input_formats.yml
@@ -0,0 +1 @@
+id: security_review-input_formats
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-private_files.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-private_files.yml
new file mode 100644
index 0000000000000000000000000000000000000000..29a6995d110c6707a8af7ba8934b688085986a8b
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-private_files.yml
@@ -0,0 +1 @@
+id: security_review-private_files
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-query_errors.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-query_errors.yml
new file mode 100644
index 0000000000000000000000000000000000000000..00cacb6540842930ba17bfc41ba299322db334d5
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-query_errors.yml
@@ -0,0 +1 @@
+id: security_review-query_errors
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-temporary_files.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-temporary_files.yml
new file mode 100644
index 0000000000000000000000000000000000000000..691d66c986e1e75defb9c96f555a0407645f12d1
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-temporary_files.yml
@@ -0,0 +1 @@
+id: security_review-temporary_files
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-trusted_hosts.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-trusted_hosts.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f2d542d4eb86d5a4d132cdf9cd9d40d36152ffaf
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-trusted_hosts.yml
@@ -0,0 +1,3 @@
+id: security_review-trusted_hosts
+settings:
+ method: token
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-upload_extensions.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-upload_extensions.yml
new file mode 100644
index 0000000000000000000000000000000000000000..3d0ea55fce751023738d4880405d71cebde6c1f3
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-upload_extensions.yml
@@ -0,0 +1 @@
+id: security_review-upload_extensions
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-views_access.yml b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-views_access.yml
new file mode 100644
index 0000000000000000000000000000000000000000..19fdb810ccc1a0c8d6bee2d8d435ce133230ca6f
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.check.security_review-views_access.yml
@@ -0,0 +1 @@
+id: security_review-views_access
diff --git a/modules/varbase_features/varbase_security/config/install/security_review.settings.yml b/modules/varbase_features/varbase_security/config/install/security_review.settings.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5d3a6a62a2c58cf72538c8e91398e1205f8e0ec4
--- /dev/null
+++ b/modules/varbase_features/varbase_security/config/install/security_review.settings.yml
@@ -0,0 +1,5 @@
+configured: true
+untrusted_roles:
+ - anonymous
+log: true
+last_run: 1487510030
diff --git a/modules/varbase_features/varbase_security/varbase_security.features.yml b/modules/varbase_features/varbase_security/varbase_security.features.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4392d744831957a43b84739d86731b703caf60a7
--- /dev/null
+++ b/modules/varbase_features/varbase_security/varbase_security.features.yml
@@ -0,0 +1,8 @@
+bundle: varbase
+excluded:
+ - field.field.user.user.field_last_password_reset
+ - field.field.user.user.field_password_expiration
+ - field.storage.user.field_last_password_reset
+ - field.storage.user.field_password_expiration
+ - core.entity_form_display.user.user.default
+required: true
diff --git a/modules/varbase_features/varbase_security/varbase_security.info.yml b/modules/varbase_features/varbase_security/varbase_security.info.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8a9879cf8cadb5dfb09583a6994e5e4cbdc096a8
--- /dev/null
+++ b/modules/varbase_features/varbase_security/varbase_security.info.yml
@@ -0,0 +1,14 @@
+name: 'Varbase security'
+description: 'Manages general security configurations, with password policy, username enumeration prevention, security kit and review.'
+type: module
+core: 8.x
+dependencies:
+ - datetime
+ - field
+ - password_policy
+ - seckit
+ - security_review
+ - user
+ - username_enumeration_prevention
+version: 8.x-4.0
+package: Varbase