[development] let's cleanup /misc
Karoly Negyesi
karoly at negyesi.net
Thu Jan 5 17:41:44 UTC 2006
> 1. Improve the security of a Drupal install by keeping all files
> private, except for an index.php, no module or include files should be
> accessible from a web browser
This will not increase security. If .htaccess can not protect you, why
would this? And how would we ship the tarball...? Untar this half below
documentroot and index.php to documentroot...? /me shakes head
> 2. Core modules and includes should be completely seperated from extra
> downloaded modules and themes. This should make backing up things
> easier, as you only have to back up your "custom" folder instead of
> all of the main Drupal ones
Sure thing, use site/default/modules and site/default/themes for your own
modules and themes. No need to change core.
> 3. The new structure should be multisite friendly. There should *not*
> be one files folder, but rather multiple ones, for multiple sites. You
> don't want that pr0n site on your multsite sharing the same images as
> your core business website, do you? ;-)
Opsie, what I suggested is multisite.
> Please add/revise to this so we can reach a consensus on this soon
> enough.
You need to convince me that the current is not good. I tell you, this is
not easy.
Regards
NK
More information about the development
mailing list