Select Page

Drupal 7 Security Configuration

Code, Drupal, Tips

Prevent Browser caching
Put this at the top of your theme template.php file:

header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

 

Download and enable the SecKit module:
https://www.drupal.org/project/seckit
There are some nice default settings. We can review tweak these settings as part of a security review when we have more time.

HTML Email Signatures

Code, Tips

Creating an HTML email signature can be a deceivingly difficult process. After having to tackle this issue a number of times this is the best method I have found to get the correct formatting.

  1. Start with a clean HTML file. You only want the divs for your signature.
  2. Save to your desktop and view it in your browser.
  3. Use in-line styles and link to external images for any logos or graphics.
  4. When the format is correct you want to use a browser on Windows and Outlook.
  5. Select the formatted details in your browser then copy and paste it into Outlook. As you know Microsoft does preserve a lot of hidden formatting when you cut and paste into their products. You may have experience headaches with Word doing a lot of crazy formatting. But in this case it is helping us preserve the formatting for your signature.
  6. Send a test email out with your updated signature and view it in various email clients to confirm the formatting is correct.

Some Drupal SEO Considerations

Drupal, Tips

Some SEO features you may want to include in your Drupal website.  Here are a few notes I took after conducting an SEO review on one of my websites.

Title Tag
A title tag is the main text that describes an online document. Title elements have long been considered one of the most important on-page SEO elements (the most important being overall content), and appear in three key places: browsers, search engine results pages, and external websites.

Here are my personal preferences for Configuration > Site information:

  • Site name: Project Name | ASU
    The page title will the render as [Page Title] | Project Name | ASU.

Metatag Description and Keywords
While most search engines now ignore the metatag keywords but the page description is still very important.  I add a teaser field to a node which I use to generate this content. Install the Metatag module.

  • Install the Metatag module with the follow submodules enabled: Metatag, Metatag verification (see below)
  • Click configuration on Metatag.
    • Global > Content select the Override link.
    • Set the Description field to your custom field in my case it is [node:field_news_teaser].
  • Site Ownership Verification
    • Enable the module Metatag verification (part of the Metatag package)
    • Follow the HOWTO links available on the documentation: https://www.drupal.org/node/1774342

XML Sitemap
The XML sitemap module creates a sitemap that conforms to the sitemaps.org specification. This helps search engines to more intelligently crawl a website and keep their results up to date. The sitemap created by the module can be automatically submitted to Ask, Google, Bing (formerly Windows Live Search), and Yahoo! search engines.

  • Enable the following modules included in the package: XML sitemap, XML sitemap custom, XML sitemap engines, XML sitemap menu, XML sitemap node
  • Update your content types to rank the priority of each: Structure > Content Types > Click Edit on your content type you want to be included in the site map.
  • On the bottom configuration tabs you will click XML sitemap. Use the following settings
    • Inclusion: Included
      This indicates that this content type will be included in the site map.
    • Default priority: 0.5 normal
      The priority is the importance value of your content. Basic pages I leave at the default 0.5 normal setting. News I rank at that same value. On one website I rank Research Centers at 0.8 because this content type is the most important for the website. The default setting for the home page is 1.0 which is the highest importance.
  • Configuration Settings: Go to Configuration > Search and Metadata Section > XML sitemap and review the settings. If everything looks good you can click Rebuild Links and run that to get your initial sitemap built.
  • Click the Search Engines tab and click the Bing and Google checkboxes and save the submission settings.

Copy Drupal site to local Dev

Drupal, Tips

Local Development Environment: MAMP Pro

  1. Download a copy of your drupal public folder to your computer.
  2. Export a copy of your database.
  3. Create the database on your local machine.  Import your database from the file you just downloaded. For larger databases please reference my blog post about how to increase the memory allowance on MAMP.
  4. Copy the drupal root folder into your MAMP htdocs folder. Rename it to “dev.websitename” to keep things organized.
  5. Create your MAMP Host entries so your site will load at “http://websitename.local:8888”.
  6. Files to update:
    • .htaccess – update all references to the live URL and update them to your local URL.
    • settings.php – update all references to the live URL to your local URL. Set $cookie_domain to “localhost”.
      • update database settings
      • $base_url = “http://websitename.local:8888”
      • $cookie_domain = “localhost”
  7. Launch your site and everything should be working as expected.

Using MAMP Pro as a Local Development Server

Code, Resources, Tips

MAMP Pro is great.  It does a number things well which helps streamline the development process. The primary reasons I use MAMP Pro is that I can pull my sites from git into my local MAMP server, import the database quickly (including large SQL files), and it renders right in my browser right away at http://dev-projectname:8888 with very little setup.  I will show you how to edit some configuration settings to get you setup and working quickly.

Setup your Dev environment:

  1. Using your Finder go to /Applications/MAMP/htdocs/ and create your Document Root folder for your project. Import your project files into this folder. Note: this htdocs folder is located at c:\MAMP\htdocs\ on the Windows version.
  2. Using MAMP Pro click the Hosts tab in MAMP Pro and click the + button on the bottom left.
  3. Add your development project details. I generally go with dev-projectname as the Server Name. This is what you will load in your browser to see your website some servers set this to localhost but I find dev-projectname is more useful for my purposes. The only other option you edit under Hosts is the Document Root which you set to the folder you created in Step 1.
  4. Click the Start icon in the top right and this gets your server running.
  5. Your website will now load in http://dev-projectname:8888.

The reason you want to use MAMP Pro is so you can develop your sites using http://dev-projectname:8888 rather than http://localhost/projectname:8888 which is a subdirectory and you run into issues with absolute URL paths. Just upgrade and use the Hosts feature. It’s so worth it.

Create/Import your Database:

  1. Click the MySQL tab and click phpMyAdmin to open that in your browser.
  2. Click the New link on the top left above the database list.
  3. Name your database dev_projectname.  You can name the database whatever you like but to keep it organized I name it the same as the Server Name I created in the first set of instructions. Note that I use an underscore for the database name and a hyphen for the project URL.
  4. Now you can import your database.
  5. Edit your website configuration files to connect to this local database.

Importing large .sql files using phpMyAdmin:  

If you are seeing this error “You probably tried to upload too large file. Please refer to documentation for ways to workaround this limit.” You need to edit your configuration files inside MAMP to import a database larger than 32MB.

  1. Go to the PHP tab in MAMP Pro.  Make note of the PHP version you are using.  I set my version to 5.6.x to match the version running on my Production Web Server.
  2. Go to File > Edit Template > PHP > select the version of PHP your server is running.  Edit the following settings and save:
    • post_max_size = 256M
    • upload_max_filesize = 256M
    • max_execution_time = 600
    • max_input_time = 600
    • memory_limit = 512M
  3. Restart your server and you should now be able to upload up to 256MB to your database.

Now that everything is running you should be able to quickly pull your sites from Github into your MAMP server; export your large database from Production and import it right into your local Dev; and have it all render at http://dev-projectname:8888 quickly. Make your edits and push your changes right onto QA and Production like a champ.

Transparent Shadow

Code, Tips

Transparent Shadow
Modify positioning (use rgba color values for transparency): http://css-shadow.com/

.shadow {
  -moz-box-shadow: 5px 5px 10px rgba(0,0,0,0.7);
  -webkit-box-shadow: 5px 5px 10px rgba(0,0,0,0.7);
  box-shadow: 5px 5px 10px rgba(0,0,0,0.7); }