# Varbase Security Manages general security configurations, with password policy, username enumeration prevention, security kit and review. ## Varbase Security Module {% hint style="info" %} Varbase security features are bundled through the **Varbase Security** module as part of the **Varbase Core** module.\ GitHub: \ Drupal.org: After building a project using the `varbase-project` template, you can see the code of the Varbase Security module in: {% endhint %} ``` project_directory |-- docroot |-- modules |-- contrib |-- varbase_core |-- modules |-- varbase_security ``` Brings in the following core and contributed modules to your site: | Module | Purpose | | ----------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | | [**CAPTCHA**](https://www.drupal.org/project/captcha) | Provides the CAPTCHA API for adding challenges to arbitrary forms. | | [**reCAPTCHA**](https://www.drupal.org/project/recaptcha) | Protect your website from spam and abuse while letting real people pass through with ease. | | [**Honeypot**](https://www.drupal.org/project/honeypot) | Mitigates spam form submissions using the honeypot method. | | [**Antibot**](https://www.drupal.org/project/antibot) | Prevent forms from being submitted without JavaScript enabled. | | [**Password Policy**](https://www.drupal.org/project/password_policy) | Sets up constraints and expiration of passwords. | | [**Password Character Types Policy**](https://www.drupal.org/project/password_policy) | Minimum number of different character types the password must contain. | | [**Password Characters of Type Policy**](https://www.drupal.org/project/password_policy) | Minimum characters of a particular type the password must contain. | | [**Password Policy History**](https://www.drupal.org/project/password_policy) | Sets up a password constraint to limit repeated use of the same password. | | [**Password Character Length Policy**](https://www.drupal.org/project/password_policy) | Sets up a character length constraint for passwords. | | [**Password Username Policy**](https://www.drupal.org/project/password_policy) | Restrict users from having their username in their password. | | [**Security Kit**](https://www.drupal.org/project/seckit) | Enhance security of your Drupal website. | | [**Username Enumeration Prevention**](https://www.drupal.org/project/username_enumeration_prevention) | Removes the error message produced by the forgot password form,when an invalid user has been supplied. | | [**Flood control**](https://www.drupal.org/project/flood_control) | Allows configuring hidden flood control options and unblocking IP addresses and user ID's that are blocked after multiple failed login attempts. | {% content-ref url="../../../configuring-a-varbase-site/security-features" %} [security-features](https://docs.varbase.vardot.com/developers/configuring-a-varbase-site/security-features) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.varbase.vardot.com/developers/understanding-varbase/core-components/varbase-core/varbase-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.