Just reading the INSTALL.TXT file for Drupal 7.x , and it says this:
7. Revoke documentation file permissions (optional).
Some administrators suggest making the documentation files, especially CHANGELOG.txt, non-readable so that the exact version of Drupal you are running is slightly more difficult to determine. If you wish to implement this optional security measure, from a Unix/Linux command line you can use the following command:
chmod a-r CHANGELOG.txt
Note that the example only affects CHANGELOG.txt. To completely hide all documentation files from public view, repeat this command for each of the Drupal documentation files in the installation directory, substituting the name of each file for CHANGELOG.txt in the example.
For more information on setting file permissions, see
"Modifying Linux, Unix, and Mac file permissions" (http://drupal.org/node/202483) or "Modifying Windows file permissions" (http://drupal.org/node/202491)
in the Drupal.org online documentation.
Surely, would it not be smarter and cleaner to just move all the .txt files to a separate directory called 'docs', and then add a robot.txt exclusion rule to stop these from being indexed by search engines?
I always unpack to a /Downloads/app-name/version/ directory, and unpack from there, and then copy only the files I want to the Apache DocumentRoot subdirectory.
Kind Regards,
Keith Roberts
----------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk
All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------
On Wed, Sep 26, 2012 at 2:08 PM, Keith Roberts wrote:
Surely, would it not be smarter and cleaner to just move all the .txt files to a separate directory called 'docs', and then add a robot.txt exclusion rule to stop these from being indexed by search engines?
That doesn't stop the knowing cracker. And robots.txt is already cognizant of the documentation files.
On Wed, 26 Sep 2012, Earnie Boyd wrote:
To: support@drupal.org From: Earnie Boyd earnie@users.sourceforge.net Subject: Re: [support] Documents Location
On Wed, Sep 26, 2012 at 2:08 PM, Keith Roberts wrote:
Surely, would it not be smarter and cleaner to just move all the .txt files to a separate directory called 'docs', and then add a robot.txt exclusion rule to stop these from being indexed by search engines?
That doesn't stop the knowing cracker. And robots.txt is already cognizant of the documentation files.
Good point Earnie.
But do you need the .txt files uploaded to the web server anyway?
Keith
----------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk
All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------
On Wed, Sep 26, 2012 at 3:32 PM, Keith Roberts wrote:
On Wed, 26 Sep 2012, Earnie Boyd wrote:
On Wed, Sep 26, 2012 at 2:08 PM, Keith Roberts wrote:
Surely, would it not be smarter and cleaner to just move all the .txt files to a separate directory called 'docs', and then add a robot.txt exclusion rule to stop these from being indexed by search engines?
That doesn't stop the knowing cracker. And robots.txt is already cognizant of the documentation files.
Good point Earnie.
But do you need the .txt files uploaded to the web server anyway?
That depends on ones workflow. I typically have an ssh session to extract the tarball. I would find it easiest with an ftp client to just upload everything recursively but I could remove them before hand. Maybe one day drush can be helpful here to set the files permissions appropriately (if it doesn't already) as well as perhaps use sftp to upload the files for you.
-
Earnie Boyd -
Keith Roberts