Drupal should be configured for module lifecycle control, trusted host policy, and role-based editorial access.
Drupal uses several key configuration files:
| File | Purpose | Location |
|---|---|---|
settings.php |
Main configuration (database, system settings) | sites/default/ |
services.yml |
Service container configuration | sites/default/ |
.htaccess |
Apache configuration | Web root |
Edit sites/default/settings.php for core settings:
<?php
// Database configuration
$databases['default']['default'] = [
'database' => 'drupal',
'username' => 'drupal',
'password' => 'replace-with-strong-password',
'host' => '127.0.0.1',
'port' => '3306',
'driver' => 'mysql',
'prefix' => '',
];
// Trusted host patterns (security)
$settings['trusted_host_patterns'] = [
'^drupal\.example\.com$',
'^www\.drupal\.example\.com$',
];
// Hash salt (generate unique value)
$settings['hash_salt'] = 'unique-random-string-here';
// File paths
$settings['file_private_path'] = '/var/www/drupal-site/private';
$settings['file_temp_path'] = '/tmp';
// Reverse proxy settings (if behind CDN/load balancer)
$settings['reverse_proxy'] = TRUE;
$settings['reverse_proxy_addresses'] = ['127.0.0.1'];
Set correct file permissions for security:
# Directories: 755
find /var/www/drupal-site -type d -exec chmod 755 {} \;
# Files: 644
find /var/www/drupal-site -type f -exec chmod 644 {} \;
# settings.php: 444 (read-only)
chmod 444 /var/www/drupal-site/sites/default/settings.php
# sites/default directory: 755
chmod 755 /var/www/drupal-site/sites/default
# Set ownership (adjust for your web server)
sudo chown -R www-data:www-data /var/www/drupal-site
Drupal uses a configuration management system for exporting/importing site config:
# Export configuration to files
drush config:export
# Import configuration from files
drush config:import
# Check configuration status
drush config:status
Back up:
Recovery test:
Squeezing every bit of performance from your Drupal installation? Our experts help with:
Optimize your setup: office@linux-server-admin.com | Contact Us