Drupal (pronunciation: /ˈdruːpəl/) is a free and open source content management system (CMS) written in PHP and distributed under the GNU General Public License.It is used as a back-end system for at least 1% of all websites worldwide  ranging from personal blogs to larger corporate and political sites including whitehouse.gov and data.gov.uk. It is also used for knowledge management and business collaboration.

The standard release of Drupal, known as Drupal core, contains basic features common to most CMSs. These include user account registration and maintenance, menu management, RSS-feeds, page layout customization, and system administration. The Drupal core installation can be used as a brochureware website, a single- or multi-user blog, an Internet forum, or a community website providing for user-generated content.

Over 6000 (as of October 2010) free community-contributed addons, known as contrib modules, are available to alter and extend Drupal's core capabilities and add new features or customize Drupal's behavior and appearance. Because of this plug-in extensibility and modular design, Drupal is sometimes described as a content management framework Drupal is also described as a web application framework, as it meets the generally accepted feature requirements for such frameworks.

Although Drupal offers a sophisticated programming interface for developers, no programming skills are required for basic website installation and administration.

Drupal runs on any computing platform that supports both a web server capable of running PHP 4.4.0+ (including Apache, IIS, Lighttpd, and nginx) and a database (such as MySQL, PostgreSQL or SQLite) to store content and settings. Starting from Drupal 7, PHP 5.2 or higher is a requirement.

Hacked

Your Drupal website can be hacked due to an outdated Drupal installation, outdated modules, or compromised FTP credentials. When a Drupal website is hacked, the hack is used to insert malicious code that performs one or more harmful activities. Hacks can have a serious impact on the traffic that your website receives. A hack that distributes malware can cause the website to be blocked from visitors and a hack that inserts spam can cause the website's search rankings to drop or cause the website to be removed from Google's search engine. If your Drupal website has been hacked we can clean it up for you and work with you to secure it against a future hack.

Some of the most prevalent activities preformed by the malicious code are inserting hidden spam links in the website's pages, creating spam pages, redirecting visitors to another website, and attempting to install malware on the computer of visitors to the website. When a Drupal website is hacked, the inserted code may perform one or several different activities. When the hack inserts hidden spam links or creates spam pages, your search rankings can drop significantly and Google may remove it from their search engine's index if they detect hidden text, cloaking, or other violations of their quality guidelines.

If Google has removed the website they will place a "Notice of Suspected Hacking" message in their Webmaster Tools indicating that this has been done. When the hack inserts code that attempts to infect the computers of visitors to the website with a virus, trojan horse, drive-by download, or other type of malware (malicious software), not only could your visitor's computers become infected but your website may also be blocked from visitors. The website may be flagged and blocked in the Internet Explorer ("This website has been reported as unsafe"), Firefox ("Reported Attack Site!"), Safari ("Warning: Visiting this site may harm your computer"), Chrome ("Warning: Visiting this site may harm your computer!"), and Opera ("Fraud Warning") web browsers.

It may also be flagged and blocked in the Google ("This site may harm your computer."), Yahoo ("Warning: Hacking Risks"), and or Bing search engines as well as Google's AdWords advertising service and Twitter ("unsafe link"). The hacker can also place a backdoor script that allows them remote access to the website to make future changes to it.

The hacks can be hidden in a variety of places and might only be active when the website is visited in a particular way. The hacks may be located in Drupal files, modules, templates, or the database. The most common form of malware infection places an iframe or JavaScript code into the website's pages. When the code inserts hidden spam links, these links may only be in the page if the request comes from a crawler for a search engine. When the code redirects a visitor or attempts to infect a visitor's computer with malware, the attempt may only occur if a visitor comes to the website through Google or another search engine.