A well-maintained server isn’t likely to fall victim to this attack. There are two main points that can be strengthened to frustrate intruders.
First, keep all server software up to date. The Drupalgeddon vulnerability and patch are nearly two years old. A regularly updated CMS won't be open to the attack. Likewise, Web server software, plugins, PHP versions, themes, and modules need to be kept up to date.
System management is imperfect, of course. It's always possible to let updates and protections slip. Sometimes software can't be updated because of dependencies or the limitations of an old machine. New vulnerabilities are constantly discovered, and you can't always patch them before someone exploits them. For comprehensive Web security, you should have Quttera's
ThreatSign Website Protection & Malware Cleanup. Its Web Application Firewall blocks hostile requests, including Drupalgeddon injection attempts. The ThreatSign monitoring service looks for signs of improper activity and will discover connections to remote command and control servers.
Every website is a target for online criminals. Quttera ThreatSign helps you to stay safe from their attacks. Multiple plans are available to suit your budget and security requirements.