Drupal hardening for active deployment

Question

Are there any special security measures when deploying a Drupal site on a production server?

For example: I can display that we need to remove install.php from the root directory. Are there any other actions?

Or a module may be available that checks the site for “world readiness”

+5

wasigh Aug 20 '09 at 14:10

6 answers

Jeremy French · Answer 1 · 2009-08-20T15:42:31+0000

The status report http: // your-site / admin / reports / status will tell you something is wrong.

, .

greggles drupal, .

bjeavons · Answer 2 · 2011-04-22T04:22:03+0000

:

Cheekysoft · Answer 3 · 2009-08-20T15:39:58+0000

, update.php .

(re) / webroot

, , . , CHANGELOG.txt ..

, cron.php . , , .

, .inc PHP.

Aborto virtuale de la veritano · Answer 4 · 2010-06-28T23:53:32+0000

, , drupal , - drupal ! , drupal , , - . , drupal , , , Drupal. , Drupal, - , (, drupal.) , "" " ", drupals . , - .

fureigh · Answer 5 · 2013-01-29T23:22:22+0000

Here's a great example for Drupal 7: http://www.madirish.net/242 .

Most of his suggestions also apply to Drupal 6.

Niels · Answer 6 · 2009-08-20T14:11:53+0000

You should also remove the theme registry recovery setting.

It restores your registry of topics in each folder, so it makes your site very slow.