...
Restrict access to important files such as authorize.php, cron.php, install.php, and update.php using .htaccess on non-Pantheon sites.
```apache
# Deny web access to sensitive Drupal scripts, except from localhost
<FilesMatch "(authorize|cron|install|update)\.php">
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</FilesMatch>
```
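The Order/Deny/Allow directives above are Apache 2.2 syntax; on Apache 2.4 they work only when mod_access_compat is loaded. As an added example (not from the original page), the same localhost-only restriction written to work on both versions, assuming the site runs Apache with .htaccess overrides enabled:

```apache
<FilesMatch "(authorize|cron|install|update)\.php">
  # Apache 2.4+: access control is handled by mod_authz_core
  <IfModule mod_authz_core.c>
    Require ip 127.0.0.1
  </IfModule>
  # Apache 2.2: fall back to the legacy directives
  <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
  </IfModule>
</FilesMatch>
```

After deploying, request each of the four scripts from an external address and confirm the server answers 403 Forbidden.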
...
It’s always easier to add a new permission to a user role than to remove one after users have become used to what they had before.
11. Protect multidev environments
Set up password protection for multidev environments, as well as the dev and test environments, and keep it enabled at all times.