Review: Firefox Hardening Baselines from Red-Team Tradecraft for Drupal/WordPress Admin and AI Coding Workflows
· 5 min read
Most CMS incidents do not start with an RCE in Drupal core or WordPress core. They start with a browser session on a privileged laptop.
If your admins, release engineers, and AI-assisted developers live inside browser tabs all day, your browser is part of your production control plane.
This review translates common red-team browser attack methods into concrete Firefox baselines you can enforce for Drupal and WordPress environments.