Select Page

Drupal 7 Security Configuration

Code, Drupal, Tips

Prevent Browser caching
Put this at the top of your theme template.php file:

header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

 

Download and enable the SecKit module:
https://www.drupal.org/project/seckit
There are some nice default settings. We can review tweak these settings as part of a security review when we have more time.

Some Drupal SEO Considerations

Drupal, Tips

Some SEO features you may want to include in your Drupal website.  Here are a few notes I took after conducting an SEO review on one of my websites.

Title Tag
A title tag is the main text that describes an online document. Title elements have long been considered one of the most important on-page SEO elements (the most important being overall content), and appear in three key places: browsers, search engine results pages, and external websites.

Here are my personal preferences for Configuration > Site information:

  • Site name: Project Name | ASU
    The page title will the render as [Page Title] | Project Name | ASU.

Metatag Description and Keywords
While most search engines now ignore the metatag keywords but the page description is still very important.  I add a teaser field to a node which I use to generate this content. Install the Metatag module.

  • Install the Metatag module with the follow submodules enabled: Metatag, Metatag verification (see below)
  • Click configuration on Metatag.
    • Global > Content select the Override link.
    • Set the Description field to your custom field in my case it is [node:field_news_teaser].
  • Site Ownership Verification
    • Enable the module Metatag verification (part of the Metatag package)
    • Follow the HOWTO links available on the documentation: https://www.drupal.org/node/1774342

XML Sitemap
The XML sitemap module creates a sitemap that conforms to the sitemaps.org specification. This helps search engines to more intelligently crawl a website and keep their results up to date. The sitemap created by the module can be automatically submitted to Ask, Google, Bing (formerly Windows Live Search), and Yahoo! search engines.

  • Enable the following modules included in the package: XML sitemap, XML sitemap custom, XML sitemap engines, XML sitemap menu, XML sitemap node
  • Update your content types to rank the priority of each: Structure > Content Types > Click Edit on your content type you want to be included in the site map.
  • On the bottom configuration tabs you will click XML sitemap. Use the following settings
    • Inclusion: Included
      This indicates that this content type will be included in the site map.
    • Default priority: 0.5 normal
      The priority is the importance value of your content. Basic pages I leave at the default 0.5 normal setting. News I rank at that same value. On one website I rank Research Centers at 0.8 because this content type is the most important for the website. The default setting for the home page is 1.0 which is the highest importance.
  • Configuration Settings: Go to Configuration > Search and Metadata Section > XML sitemap and review the settings. If everything looks good you can click Rebuild Links and run that to get your initial sitemap built.
  • Click the Search Engines tab and click the Bing and Google checkboxes and save the submission settings.

Copy Drupal site to local Dev

Drupal, Tips

Local Development Environment: MAMP Pro

  1. Download a copy of your drupal public folder to your computer.
  2. Export a copy of your database.
  3. Create the database on your local machine.  Import your database from the file you just downloaded. For larger databases please reference my blog post about how to increase the memory allowance on MAMP.
  4. Copy the drupal root folder into your MAMP htdocs folder. Rename it to “dev.websitename” to keep things organized.
  5. Create your MAMP Host entries so your site will load at “http://websitename.local:8888”.
  6. Files to update:
    • .htaccess – update all references to the live URL and update them to your local URL.
    • settings.php – update all references to the live URL to your local URL. Set $cookie_domain to “localhost”.
      • update database settings
      • $base_url = “http://websitename.local:8888”
      • $cookie_domain = “localhost”
  7. Launch your site and everything should be working as expected.

Reset Bootstrap Padding/Margins for Theming

Code, Drupal, Theming

I use Twitter Bootstrap as a base theme for most of my sites in Drupal.  There are a ton of build in features that make theming a quick and enjoyable process.  One thing that bugs me is the default padding and margin settings.  They are a headache to deal with so here is a CSS reset to remove some of the more annoying settings.

Place this at the start of your custom CSS file and set your own padding/margins!

html,body {
  height: 100%; margin: 0px; padding: 0px; }

#navbar {
  margin-bottom:0; }

.alert {
  border-radius: 0; }

.container {
  width:100%;
  padding-right: 0;
  padding-left: 0;
  margin-right: auto;
  margin-left: auto; }

.col-xs-1, .col-sm-1, .col-md-1, .col-sm-1, 
.col-xs-2, .col-sm-2, .col-md-2, .col-sm-2, 
.col-xs-3, .col-sm-3, .col-md-3, .col-sm-3, 
.col-xs-4, .col-sm-4, .col-md-4, .col-sm-4, 
.col-xs-5, .col-sm-5, .col-md-5, .col-sm-5, 
.col-xs-6, .col-sm-6, .col-md-6, .col-sm-6, 
.col-xs-7, .col-sm-7, .col-md-7, .col-sm-7, 
.col-xs-8, .col-sm-8, .col-md-8, .col-sm-8, 
.col-xs-9, .col-sm-9, .col-md-9, .col-sm-9, 
.col-xs-10, .col-sm-10, .col-md-10, .col-sm-10, 
.col-xs-11, .col-sm-11, .col-md-11, .col-sm-11, 
.col-xs-12, .col-sm-12, .col-md-12, .col-sm-12 {
  position: relative;
  height:100%;
  min-height: 1px;
  padding-right: 0;
  padding-left: 0; }

.row {
  margin-right: 0;
  margin-left: 0; }

.footer {
  margin-top: 0;
  padding-top: 0;
  padding-bottom: 0;
  border-top: none; }

.panel {
  border:none; }