Composer plugin that improves website security for Composer-based Drupal projects on Acquia environments by moving all PHP files out of the docroot.
This plugin depends on the drupal-paranoia plugin and performs the additional installation steps needed to run paranoia mode on Acquia Cloud environments.
Would you like to know more about it?
- https://github.com/drupal-composer/drupal-paranoia
- Moving all PHP files out of the docroot
- #1672986: Option to have all php files outside of web root
- Remote Code Execution - SA-CONTRIB-2016-039
- https://twitter.com/drupalsecurity/status/753263548458004480
Make sure you have a drupal-composer/drupal-project-based project created.
Rename your Acquia repo docroot directory to app.

    mv docroot app

Update the composer.json of your root package with the following changes:

    "extra": {
        "installer-paths": {
            "app/core": ["type:drupal-core"],
            "app/libraries/{$name}": ["type:drupal-library"],
            "app/modules/contrib/{$name}": ["type:drupal-module"],
            "app/profiles/contrib/{$name}": ["type:drupal-profile"],
            "app/themes/contrib/{$name}": ["type:drupal-theme"],
            "drush/contrib/{$name}": ["type:drupal-drush"]
        },
        "drupal-paranoia": {
            "app-dir": "app",
            "web-dir": "docroot"
        },
        "..."
    }

Use composer require ... to install this plugin on your project.

    composer require jkribeiro/drupal-composer-paranoia-acquia:~1

Run the following commands to make sure that the new folders are installed:

    composer drupal:paranoia
    composer drupal:paranoia-acquia

Done! The plugin and the new docroot are now installed.
Your project is now basically structured in two folders.
- app: Contains the files and folders of the full Drupal installation.
- docroot: Contains only the symlinks to the asset files and the PHP stub files from the app folder.
Every time you install or update a Drupal package via Composer, the docroot folder is automatically recreated.
If necessary, you can rebuild it manually by running the command:

    composer drupal:paranoia

This could be necessary when updating theme images, CSS and JS files.
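
An added example, not part of this plugin or of drupal-paranoia: a shell check that the rebuilt docroot matches the layout described above (asset symlinks plus PHP stub files) before you commit it. The function name audit_docroot, the finding labels and the list of PHP extensions are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit a rebuilt web directory (docroot) before committing it.
# Assumption: these are the file extensions Drupal loads as PHP source.
PHP_EXT_RE='\.(php|inc|module|install|profile|theme|engine)$'

# audit_docroot WEB_DIR
# Prints one finding per line; prints nothing when WEB_DIR holds only
# asset symlinks and regular *.php stub files. Labels are hypothetical.
# Directory symlinks are not followed, so their contents are not inspected.
audit_docroot() {
    find "$1" ! -type d | sort | while IFS= read -r path; do
        if [ -L "$path" ]; then
            target=$(readlink "$path")
            if printf '%s\n%s\n' "$path" "$target" | grep -Eq "$PHP_EXT_RE"; then
                # A symlink would expose the real PHP file through the web root.
                echo "PHP_SYMLINK $path -> $target"
            elif [ ! -e "$path" ]; then
                # Target removed or moved in app: the docroot needs a rebuild.
                echo "BROKEN_SYMLINK $path"
            fi
        elif ! printf '%s\n' "$path" | grep -Eq '\.php$'; then
            # Regular files are expected to be PHP stubs only.
            echo "UNEXPECTED_FILE $path"
        fi
    done
}

# Usage: sh audit_docroot.sh docroot
if [ "$#" -gt 0 ]; then
    audit_docroot "$1"
fi
```

Any output is a reason to rerun composer drupal:paranoia and review the result before pushing; if your project legitimately keeps other regular files in the docroot, extend the check with an allow-list.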
The last step is to commit and push the changes to the Acquia Cloud git repository.