root / template / d7-settings.php @ 469b9d6d
1 | 469b9d6d | Julien Enselme | <?php
|
---|---|---|---|
2 | |||
3 | /**
|
||
4 | * @file
|
||
5 | * Drupal site-specific configuration file.
|
||
6 | *
|
||
7 | * IMPORTANT NOTE:
|
||
8 | * This file may have been set to read-only by the Drupal installation program.
|
||
9 | * If you make changes to this file, be sure to protect it again after making
|
||
10 | * your modifications. Failure to remove write permissions to this file is a
|
||
11 | * security risk.
|
||
12 | *
|
||
13 | * The configuration file to be loaded is based upon the rules below. However
|
||
14 | * if the multisite aliasing file named sites/sites.php is present, it will be
|
||
15 | * loaded, and the aliases in the array $sites will override the default
|
||
16 | * directory rules below. See sites/example.sites.php for more information about
|
||
17 | * aliases.
|
||
18 | *
|
||
19 | * The configuration directory will be discovered by stripping the website's
|
||
20 | * hostname from left to right and pathname from right to left. The first
|
||
21 | * configuration file found will be used and any others will be ignored. If no
|
||
22 | * other configuration file is found then the default configuration file at
|
||
23 | * 'sites/default' will be used.
|
||
24 | *
|
||
25 | * For example, for a fictitious site installed at
|
||
26 | * http://www.drupal.org:8080/mysite/test/, the 'settings.php' file is searched
|
||
27 | * for in the following directories:
|
||
28 | *
|
||
29 | * - sites/8080.www.drupal.org.mysite.test
|
||
30 | * - sites/www.drupal.org.mysite.test
|
||
31 | * - sites/drupal.org.mysite.test
|
||
32 | * - sites/org.mysite.test
|
||
33 | *
|
||
34 | * - sites/8080.www.drupal.org.mysite
|
||
35 | * - sites/www.drupal.org.mysite
|
||
36 | * - sites/drupal.org.mysite
|
||
37 | * - sites/org.mysite
|
||
38 | *
|
||
39 | * - sites/8080.www.drupal.org
|
||
40 | * - sites/www.drupal.org
|
||
41 | * - sites/drupal.org
|
||
42 | * - sites/org
|
||
43 | *
|
||
44 | * - sites/default
|
||
45 | *
|
||
46 | * Note that if you are installing on a non-standard port number, prefix the
|
||
47 | * hostname with that number. For example,
|
||
48 | * http://www.drupal.org:8080/mysite/test/ could be loaded from
|
||
49 | * sites/8080.www.drupal.org.mysite.test/.
|
||
50 | *
|
||
51 | * @see example.sites.php
|
||
52 | * @see conf_path()
|
||
53 | */
|
||
54 | |||
55 | /**
|
||
56 | * Access control for update.php script.
|
||
57 | *
|
||
58 | * If you are updating your Drupal installation using the update.php script but
|
||
59 | * are not logged in using either an account with the "Administer software
|
||
60 | * updates" permission or the site maintenance account (the account that was
|
||
61 | * created during installation), you will need to modify the access check
|
||
62 | * statement below. Change the FALSE to a TRUE to disable the access check.
|
||
63 | * After finishing the upgrade, be sure to open this file again and change the
|
||
64 | * TRUE back to a FALSE!
|
||
65 | */
|
||
66 | $update_free_access = FALSE; |
||
67 | |||
68 | /**
|
||
69 | * Salt for one-time login links and cancel links, form tokens, etc.
|
||
70 | *
|
||
71 | * This variable will be set to a random value by the installer. All one-time
|
||
72 | * login links will be invalidated if the value is changed. Note that if your
|
||
73 | * site is deployed on a cluster of web servers, you must ensure that this
|
||
74 | * variable has the same value on each server. If this variable is empty, a hash
|
||
75 | * of the serialized database credentials will be used as a fallback salt.
|
||
76 | *
|
||
77 | * For enhanced security, you may set this variable to a value using the
|
||
78 | * contents of a file outside your docroot that is never saved together
|
||
79 | * with any backups of your Drupal files and database.
|
||
80 | *
|
||
81 | * Example:
|
||
82 | * $drupal_hash_salt = file_get_contents('/home/example/salt.txt');
|
||
83 | *
|
||
84 | */
|
||
85 | $drupal_hash_salt = ''; |
||
86 | |||
87 | |||
88 | |||
89 | /**
|
||
90 | * PHP settings:
|
||
91 | *
|
||
92 | * To see what PHP settings are possible, including whether they can be set at
|
||
93 | * runtime (by using ini_set()), read the PHP documentation:
|
||
94 | * http://www.php.net/manual/en/ini.list.php
|
||
95 | * See drupal_environment_initialize() in includes/bootstrap.inc for required
|
||
96 | * runtime settings and the .htaccess file for non-runtime settings. Settings
|
||
97 | * defined there should not be duplicated here so as to avoid conflict issues.
|
||
98 | */
|
||
99 | |||
100 | /**
|
||
101 | * Some distributions of Linux (most notably Debian) ship their PHP
|
||
102 | * installations with garbage collection (gc) disabled. Since Drupal depends on
|
||
103 | * PHP's garbage collection for clearing sessions, ensure that garbage
|
||
104 | * collection occurs by using the most common settings.
|
||
105 | */
|
||
106 | ini_set('session.gc_probability', 1); |
||
107 | ini_set('session.gc_divisor', 100); |
||
108 | |||
109 | /**
|
||
110 | * Set session lifetime (in seconds), i.e. the time from the user's last visit
|
||
111 | * to the active session may be deleted by the session garbage collector. When
|
||
112 | * a session is deleted, authenticated users are logged out, and the contents
|
||
113 | * of the user's $_SESSION variable is discarded.
|
||
114 | */
|
||
115 | ini_set('session.gc_maxlifetime', 200000); |
||
116 | |||
117 | /**
|
||
118 | * Set session cookie lifetime (in seconds), i.e. the time from the session is
|
||
119 | * created to the cookie expires, i.e. when the browser is expected to discard
|
||
120 | * the cookie. The value 0 means "until the browser is closed".
|
||
121 | */
|
||
122 | ini_set('session.cookie_lifetime', 2000000); |
||
123 | |||
124 | /**
|
||
125 | * If you encounter a situation where users post a large amount of text, and
|
||
126 | * the result is stripped out upon viewing but can still be edited, Drupal's
|
||
127 | * output filter may not have sufficient memory to process it. If you
|
||
128 | * experience this issue, you may wish to uncomment the following two lines
|
||
129 | * and increase the limits of these variables. For more information, see
|
||
130 | * http://php.net/manual/en/pcre.configuration.php.
|
||
131 | */
|
||
132 | # ini_set('pcre.backtrack_limit', 200000);
|
||
133 | # ini_set('pcre.recursion_limit', 200000);
|
||
134 | |||
135 | /**
|
||
136 | * Drupal automatically generates a unique session cookie name for each site
|
||
137 | * based on its full domain name. If you have multiple domains pointing at the
|
||
138 | * same Drupal site, you can either redirect them all to a single domain (see
|
||
139 | * comment in .htaccess), or uncomment the line below and specify their shared
|
||
140 | * base domain. Doing so assures that users remain logged in as they cross
|
||
141 | * between your various domains. Make sure to always start the $cookie_domain
|
||
142 | * with a leading dot, as per RFC 2109.
|
||
143 | */
|
||
144 | # $cookie_domain = '.example.com';
|
||
145 | |||
146 | /**
|
||
147 | * Variable overrides:
|
||
148 | *
|
||
149 | * To override specific entries in the 'variable' table for this site,
|
||
150 | * set them here. You usually don't need to use this feature. This is
|
||
151 | * useful in a configuration file for a vhost or directory, rather than
|
||
152 | * the default settings.php. Any configuration setting from the 'variable'
|
||
153 | * table can be given a new value. Note that any values you provide in
|
||
154 | * these variable overrides will not be modifiable from the Drupal
|
||
155 | * administration interface.
|
||
156 | *
|
||
157 | * The following overrides are examples:
|
||
158 | * - site_name: Defines the site's name.
|
||
159 | * - theme_default: Defines the default theme for this site.
|
||
160 | * - anonymous: Defines the human-readable name of anonymous users.
|
||
161 | * Remove the leading hash signs to enable.
|
||
162 | */
|
||
163 | # $conf['site_name'] = 'My Drupal site';
|
||
164 | # $conf['theme_default'] = 'garland';
|
||
165 | # $conf['anonymous'] = 'Visitor';
|
||
166 | |||
167 | /**
|
||
168 | * A custom theme can be set for the offline page. This applies when the site
|
||
169 | * is explicitly set to maintenance mode through the administration page or when
|
||
170 | * the database is inactive due to an error. It can be set through the
|
||
171 | * 'maintenance_theme' key. The template file should also be copied into the
|
||
172 | * theme. It is located inside 'modules/system/maintenance-page.tpl.php'.
|
||
173 | * Note: This setting does not apply to installation and update pages.
|
||
174 | */
|
||
175 | # $conf['maintenance_theme'] = 'bartik';
|
||
176 | |||
177 | /**
|
||
178 | * Reverse Proxy Configuration:
|
||
179 | *
|
||
180 | * Reverse proxy servers are often used to enhance the performance
|
||
181 | * of heavily visited sites and may also provide other site caching,
|
||
182 | * security, or encryption benefits. In an environment where Drupal
|
||
183 | * is behind a reverse proxy, the real IP address of the client should
|
||
184 | * be determined such that the correct client IP address is available
|
||
185 | * to Drupal's logging, statistics, and access management systems. In
|
||
186 | * the most simple scenario, the proxy server will add an
|
||
187 | * X-Forwarded-For header to the request that contains the client IP
|
||
188 | * address. However, HTTP headers are vulnerable to spoofing, where a
|
||
189 | * malicious client could bypass restrictions by setting the
|
||
190 | * X-Forwarded-For header directly. Therefore, Drupal's proxy
|
||
191 | * configuration requires the IP addresses of all remote proxies to be
|
||
192 | * specified in $conf['reverse_proxy_addresses'] to work correctly.
|
||
193 | *
|
||
194 | * Enable this setting to get Drupal to determine the client IP from
|
||
195 | * the X-Forwarded-For header (or $conf['reverse_proxy_header'] if set).
|
||
196 | * If you are unsure about this setting, do not have a reverse proxy,
|
||
197 | * or Drupal operates in a shared hosting environment, this setting
|
||
198 | * should remain commented out.
|
||
199 | *
|
||
200 | * In order for this setting to be used you must specify every possible
|
||
201 | * reverse proxy IP address in $conf['reverse_proxy_addresses'].
|
||
202 | * If a complete list of reverse proxies is not available in your
|
||
203 | * environment (for example, if you use a CDN) you may set the
|
||
204 | * $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
|
||
205 | * Be aware, however, that it is likely that this would allow IP
|
||
206 | * address spoofing unless more advanced precautions are taken.
|
||
207 | */
|
||
208 | # $conf['reverse_proxy'] = TRUE;
|
||
209 | |||
210 | /**
|
||
211 | * Specify every reverse proxy IP address in your environment.
|
||
212 | * This setting is required if $conf['reverse_proxy'] is TRUE.
|
||
213 | */
|
||
214 | # $conf['reverse_proxy_addresses'] = array('a.b.c.d', ...);
|
||
215 | |||
216 | /**
|
||
217 | * Set this value if your proxy server sends the client IP in a header
|
||
218 | * other than X-Forwarded-For.
|
||
219 | */
|
||
220 | # $conf['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
|
||
221 | |||
222 | /**
|
||
223 | * Page caching:
|
||
224 | *
|
||
225 | * By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
|
||
226 | * views. This tells a HTTP proxy that it may return a page from its local
|
||
227 | * cache without contacting the web server, if the user sends the same Cookie
|
||
228 | * header as the user who originally requested the cached page. Without "Vary:
|
||
229 | * Cookie", authenticated users would also be served the anonymous page from
|
||
230 | * the cache. If the site has mostly anonymous users except a few known
|
||
231 | * editors/administrators, the Vary header can be omitted. This allows for
|
||
232 | * better caching in HTTP proxies (including reverse proxies), i.e. even if
|
||
233 | * clients send different cookies, they still get content served from the cache.
|
||
234 | * However, authenticated users should access the site directly (i.e. not use an
|
||
235 | * HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid
|
||
236 | * getting cached pages from the proxy.
|
||
237 | */
|
||
238 | # $conf['omit_vary_cookie'] = TRUE;
|
||
239 | |||
240 | /**
|
||
241 | * CSS/JS aggregated file gzip compression:
|
||
242 | *
|
||
243 | * By default, when CSS or JS aggregation and clean URLs are enabled Drupal will
|
||
244 | * store a gzip compressed (.gz) copy of the aggregated files. If this file is
|
||
245 | * available then rewrite rules in the default .htaccess file will serve these
|
||
246 | * files to browsers that accept gzip encoded content. This allows pages to load
|
||
247 | * faster for these users and has minimal impact on server load. If you are
|
||
248 | * using a webserver other than Apache httpd, or a caching reverse proxy that is
|
||
249 | * configured to cache and compress these files itself you may want to uncomment
|
||
250 | * one or both of the below lines, which will prevent gzip files being stored.
|
||
251 | */
|
||
252 | # $conf['css_gzip_compression'] = FALSE;
|
||
253 | # $conf['js_gzip_compression'] = FALSE;
|
||
254 | |||
255 | /**
|
||
256 | * String overrides:
|
||
257 | *
|
||
258 | * To override specific strings on your site with or without enabling the Locale
|
||
259 | * module, add an entry to this list. This functionality allows you to change
|
||
260 | * a small number of your site's default English language interface strings.
|
||
261 | *
|
||
262 | * Remove the leading hash signs to enable.
|
||
263 | */
|
||
264 | # $conf['locale_custom_strings_en'][''] = array(
|
||
265 | # 'forum' => 'Discussion board',
|
||
266 | # '@count min' => '@count minutes',
|
||
267 | # );
|
||
268 | |||
269 | /**
|
||
270 | *
|
||
271 | * IP blocking:
|
||
272 | *
|
||
273 | * To bypass database queries for denied IP addresses, use this setting.
|
||
274 | * Drupal queries the {blocked_ips} table by default on every page request
|
||
275 | * for both authenticated and anonymous users. This allows the system to
|
||
276 | * block IP addresses from within the administrative interface and before any
|
||
277 | * modules are loaded. However on high traffic websites you may want to avoid
|
||
278 | * this query, allowing you to bypass database access altogether for anonymous
|
||
279 | * users under certain caching configurations.
|
||
280 | *
|
||
281 | * If using this setting, you will need to add back any IP addresses which
|
||
282 | * you may have blocked via the administrative interface. Each element of this
|
||
283 | * array represents a blocked IP address. Uncommenting the array and leaving it
|
||
284 | * empty will have the effect of disabling IP blocking on your site.
|
||
285 | *
|
||
286 | * Remove the leading hash signs to enable.
|
||
287 | */
|
||
288 | # $conf['blocked_ips'] = array(
|
||
289 | # 'a.b.c.d',
|
||
290 | # );
|
||
291 | |||
292 | /**
|
||
293 | * Fast 404 pages:
|
||
294 | *
|
||
295 | * Drupal can generate fully themed 404 pages. However, some of these responses
|
||
296 | * are for images or other resource files that are not displayed to the user.
|
||
297 | * This can waste bandwidth, and also generate server load.
|
||
298 | *
|
||
299 | * The options below return a simple, fast 404 page for URLs matching a
|
||
300 | * specific pattern:
|
||
301 | * - 404_fast_paths_exclude: A regular expression to match paths to exclude,
|
||
302 | * such as images generated by image styles, or dynamically-resized images.
|
||
303 | * If you need to add more paths, you can add '|path' to the expression.
|
||
304 | * - 404_fast_paths: A regular expression to match paths that should return a
|
||
305 | * simple 404 page, rather than the fully themed 404 page. If you don't have
|
||
306 | * any aliases ending in htm or html you can add '|s?html?' to the expression.
|
||
307 | * - 404_fast_html: The html to return for simple 404 pages.
|
||
308 | *
|
||
309 | * Add leading hash signs if you would like to disable this functionality.
|
||
310 | */
|
||
311 | $conf['404_fast_paths_exclude'] = '/\/(?:styles)\//'; |
||
312 | $conf['404_fast_paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i'; |
||
313 | $conf['404_fast_html'] = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>'; |
||
314 | |||
315 | /**
|
||
316 | * By default the page request process will return a fast 404 page for missing
|
||
317 | * files if they match the regular expression set in '404_fast_paths' and not
|
||
318 | * '404_fast_paths_exclude' above. 404 errors will simultaneously be logged in
|
||
319 | * the Drupal system log.
|
||
320 | *
|
||
321 | * You can choose to return a fast 404 page earlier for missing pages (as soon
|
||
322 | * as settings.php is loaded) by uncommenting the line below. This speeds up
|
||
323 | * server response time when loading 404 error pages and prevents the 404 error
|
||
324 | * from being logged in the Drupal system log. In order to prevent valid pages
|
||
325 | * such as image styles and other generated content that may match the
|
||
326 | * '404_fast_html' regular expression from returning 404 errors, it is necessary
|
||
327 | * to add them to the '404_fast_paths_exclude' regular expression above. Make
|
||
328 | * sure that you understand the effects of this feature before uncommenting the
|
||
329 | * line below.
|
||
330 | */
|
||
331 | # drupal_fast_404();
|
||
332 | |||
333 | /**
|
||
334 | * External access proxy settings:
|
||
335 | *
|
||
336 | * If your site must access the Internet via a web proxy then you can enter
|
||
337 | * the proxy settings here. Currently only basic authentication is supported
|
||
338 | * by using the username and password variables. The proxy_user_agent variable
|
||
339 | * can be set to NULL for proxies that require no User-Agent header or to a
|
||
340 | * non-empty string for proxies that limit requests to a specific agent. The
|
||
341 | * proxy_exceptions variable is an array of host names to be accessed directly,
|
||
342 | * not via proxy.
|
||
343 | */
|
||
344 | # $conf['proxy_server'] = '';
|
||
345 | # $conf['proxy_port'] = 8080;
|
||
346 | # $conf['proxy_username'] = '';
|
||
347 | # $conf['proxy_password'] = '';
|
||
348 | # $conf['proxy_user_agent'] = '';
|
||
349 | # $conf['proxy_exceptions'] = array('127.0.0.1', 'localhost');
|
||
350 | |||
351 | /**
|
||
352 | * Authorized file system operations:
|
||
353 | *
|
||
354 | * The Update manager module included with Drupal provides a mechanism for
|
||
355 | * site administrators to securely install missing updates for the site
|
||
356 | * directly through the web user interface. On securely-configured servers,
|
||
357 | * the Update manager will require the administrator to provide SSH or FTP
|
||
358 | * credentials before allowing the installation to proceed; this allows the
|
||
359 | * site to update the new files as the user who owns all the Drupal files,
|
||
360 | * instead of as the user the webserver is running as. On servers where the
|
||
361 | * webserver user is itself the owner of the Drupal files, the administrator
|
||
362 | * will not be prompted for SSH or FTP credentials (note that these server
|
||
363 | * setups are common on shared hosting, but are inherently insecure).
|
||
364 | *
|
||
365 | * Some sites might wish to disable the above functionality, and only update
|
||
366 | * the code directly via SSH or FTP themselves. This setting completely
|
||
367 | * disables all functionality related to these authorized file operations.
|
||
368 | *
|
||
369 | * @see http://drupal.org/node/244924
|
||
370 | *
|
||
371 | * Remove the leading hash signs to disable.
|
||
372 | */
|
||
373 | $conf['allow_authorize_operations'] = FALSE; |
||
374 | |||
375 | require dirname(__FILE__) . '/settings.local.php'; |