Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Restrict the access to some important files like authorize.php, cron.php, install.php, update.php using the .htaccess for non-Pantheon sites.

Code Block
<FilesMatch "(authorize|cron|install|upgrade)\.php">
    Order deny, allow
    deny from all
    Allow from 127.0.0.1
</FilesMatch>

...

It’s always easier to add a new permission to a user role than removing some after they are used to what they had before.

11. Protect multidev environments

Setup a password for multidev environments with password protection at all times as well as dev and test environments.