5 Jan
2006
5 Jan
'06
7:29 p.m.
1. Security. Separate public files from non-public files and make it easy to move all non-public files out of the document root.
That is a good idea, and I think this is what Ted (ma3verik) was saying all along. This makes part of Drupal live above DocumentRoot, mainly code (includes, modules), as well as configuration (settings.php). CSS stuff has to be under DocumentRoot still. There will be implications if we take this too far though, for example, if a module has .css files in it, then do we separate the .module from .css in different directories? This would then make installation a pain since files have to be copied elsewhere.