Multisite recommendation for install files, etc.

Events happening in the community are now at Drupal community events on www.drupal.org.
Posted by billp44ruby on February 3, 2016 at 10:45pm

I'm curious as to what the best practice recommendations are for maintaining files like install.php, update.php on a multisite server. I'm adding new sites to the installation frequently, but I understand leaving them out there presents somewhat of a security risk that I'd rather not have.

What do others do with these files between site installations?

Comments

Keep install.php and

Posted by Slovak on February 4, 2016 at 2:50pm

Keep install.php and update.php in the drupal root. Then limit access to those files as desired via nginx/apache config. You can lock it down to a specified IP address, or block access altogether and only remove it when needed. If you're using drush, you generally would not need to access those files via the browser.

Multisite

Group organizers

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds:

AltStyle によって変換されたページ (->オリジナル) /