jkribeiro / drupal-composer-paranoia-acquia
Composer plugin to improve the security of composer-based Drupal projects by moving all PHP files out of docroot for Acquia Environments.
Installs: 1 476 903
Dependents: 0
Suggesters: 0
Security: 0
Stars: 3
Watchers: 0
Forks: 1
Open Issues: 0
Type:composer-plugin
Requires
- php: >=5.4.5
- composer-plugin-api: ^1.1 || ^2
- drupal-composer/drupal-paranoia: ~1
Requires (Dev)
- composer/composer: dev-master
This package is auto-updated.
Last update: 2024-04-09 22:00:39 UTC
README
Composer plugin for improving the website security for composer-based Drupal projects by moving all PHP files out of docroot, for Acquia environments.
This plugin has the dependency of the drupal-paranoia plugin, performing additional installation steps to run the paranoia mode on Acquia Cloud environments.
Would like to know more about it?
- https://github.com/drupal-composer/drupal-paranoia
- Moving all PHP files out of the docroot
- #1672986: Option to have all php files outside of web root
- Remote Code Execution - SA-CONTRIB-2016-039
- https://twitter.com/drupalsecurity/status/753263548458004480
Configuration
Make sure you have a drupal-composer/drupal-project-based project created.
Rename your Acquia repo docroot directory to app.
mv docroot app
Update the composer.json of your root package with the following changes:
"extra": { "installer-paths": { "app/core": ["type:drupal-core"], "app/libraries/{$name}": ["type:drupal-library"], "app/modules/contrib/{$name}": ["type:drupal-module"], "app/profiles/contrib/{$name}": ["type:drupal-profile"], "app/themes/contrib/{$name}": ["type:drupal-theme"], "drush/contrib/{$name}": ["type:drupal-drush"] }, "drupal-paranoia": { "app-dir": "app", "web-dir": "docroot" } "..." }
Use composer require ... to install this Plugin on your project.
composer require jkribeiro/drupal-composer-paranoia-acquia:~1
Run the following commands to make sure that the new folders are installed:
composer drupal:paranoia
composer drupal:paranoia-acquia
Done! Plugin and new docroot are now installed.
Folder structure
Your project now is basically structured on two folders.
- app: Contains the files and folders of the full Drupal installation.
- docroot: Contains only the symlinks of the assets files and the PHP stub files from the
appfolder.
Every time that you install or update a Drupal package via Composer, the docroot folder is automatically recreated.
If necessary, you can rebuild it manually, running the command
composer drupal:paranoia
This could be necessary when updating themes images, CSS and JS files.
Last step is to commit and push the changes to Acquia Cloud git repository.