An article posted at http://justinhileman.info/blog/2007/06/a-more-secure-drupal-multisite-in... give details of a method of installing Drupal sites with some security features superior to the traditional way of creating Drupal [multi-site] installations. The critical freatue is that install scripts, includes, site configurations and database passwords are kept out of web accessible directories. The drawback is that several symlinks to the Drupal install directory, and to the files and the sites directories have to be created and maintained, thereby, making installation more time consuming and tedious.
This forum topic allows users to share experiences as well as views as to the pros and cons of this type of Drupl install
By ahales on
Comments
(no title)
Interesting, I will give it a closer look.
My first thought however is that if you symlink to a directory which is outside your web root, then that directory does become accessible from the Web.
/home/user/private_dir
/home/user/public_html/symlink_to_private_dir
Now private_dir is accessible to a browser.
absolutely right. but in
absolutely right. but in this case we're symlinking to
/home/user/private_dir/files,/home/user/private_dir/themes, etc... i.e. only the subfolders we want to have web accessible :)what about this
what if you just add an .htaccess file in each of your site directories under sites/ something to this effect:
(i placed this in sites/example.com/)
does this not prevent the viewing of files from one domain on another?
Not sure. How does this
Not sure. How does this prevent a user from using the correct domain, example.com, to browse to a file?
it doesn't
it doesn't, but if you were on the correct domain drupal never prevents you from doing that without using another .htaccess line to deny all, then you have to run your site in "private" file mode.
when i read the article in question, it seemed like that was one of their bigger complaints with a default drupal multisite: the ability to view anything in one site's folder from another site. the notion of being "safer" outside a webdir with symlinks than with .htaccess or directory directives in the httpd.conf, is a separate one and open to debate i think.
i personally also include a line at the top of my settings.php that dies if the servername is incorrect to prevent the site from being seen on say, cpanel's intermediary subdomains, or from the www subdomain, etc.
this rewrite rule doesn't work
after further testing i don't think this rewrite rule works properly. i am testing this version now which seems to work:
also, the die() in the settings.php is mostly useless, since anything not named correctly (besides the www. prefix) will go to default, so instead i placed a settings.php in default/ which is an unconditional die().
also, to ALLOW the www prefix, you need another line:
but after trying this on a few sites, i notice some problems with imagecache...