root / template / d7-settings.php @ 469b9d6d
1 |
<?php
|
---|---|
2 |
|
3 |
/**
|
4 |
* @file
|
5 |
* Drupal site-specific configuration file.
|
6 |
*
|
7 |
* IMPORTANT NOTE:
|
8 |
* This file may have been set to read-only by the Drupal installation program.
|
9 |
* If you make changes to this file, be sure to protect it again after making
|
10 |
* your modifications. Failure to remove write permissions to this file is a
|
11 |
* security risk.
|
12 |
*
|
13 |
* The configuration file to be loaded is based upon the rules below. However
|
14 |
* if the multisite aliasing file named sites/sites.php is present, it will be
|
15 |
* loaded, and the aliases in the array $sites will override the default
|
16 |
* directory rules below. See sites/example.sites.php for more information about
|
17 |
* aliases.
|
18 |
*
|
19 |
* The configuration directory will be discovered by stripping the website's
|
20 |
* hostname from left to right and pathname from right to left. The first
|
21 |
* configuration file found will be used and any others will be ignored. If no
|
22 |
* other configuration file is found then the default configuration file at
|
23 |
* 'sites/default' will be used.
|
24 |
*
|
25 |
* For example, for a fictitious site installed at
|
26 |
* http://www.drupal.org:8080/mysite/test/, the 'settings.php' file is searched
|
27 |
* for in the following directories:
|
28 |
*
|
29 |
* - sites/8080.www.drupal.org.mysite.test
|
30 |
* - sites/www.drupal.org.mysite.test
|
31 |
* - sites/drupal.org.mysite.test
|
32 |
* - sites/org.mysite.test
|
33 |
*
|
34 |
* - sites/8080.www.drupal.org.mysite
|
35 |
* - sites/www.drupal.org.mysite
|
36 |
* - sites/drupal.org.mysite
|
37 |
* - sites/org.mysite
|
38 |
*
|
39 |
* - sites/8080.www.drupal.org
|
40 |
* - sites/www.drupal.org
|
41 |
* - sites/drupal.org
|
42 |
* - sites/org
|
43 |
*
|
44 |
* - sites/default
|
45 |
*
|
46 |
* Note that if you are installing on a non-standard port number, prefix the
|
47 |
* hostname with that number. For example,
|
48 |
* http://www.drupal.org:8080/mysite/test/ could be loaded from
|
49 |
* sites/8080.www.drupal.org.mysite.test/.
|
50 |
*
|
51 |
* @see example.sites.php
|
52 |
* @see conf_path()
|
53 |
*/
|
54 |
|
55 |
/**
|
56 |
* Access control for update.php script.
|
57 |
*
|
58 |
* If you are updating your Drupal installation using the update.php script but
|
59 |
* are not logged in using either an account with the "Administer software
|
60 |
* updates" permission or the site maintenance account (the account that was
|
61 |
* created during installation), you will need to modify the access check
|
62 |
* statement below. Change the FALSE to a TRUE to disable the access check.
|
63 |
* After finishing the upgrade, be sure to open this file again and change the
|
64 |
* TRUE back to a FALSE!
|
65 |
*/
|
66 |
$update_free_access = FALSE; |
67 |
|
68 |
/**
|
69 |
* Salt for one-time login links and cancel links, form tokens, etc.
|
70 |
*
|
71 |
* This variable will be set to a random value by the installer. All one-time
|
72 |
* login links will be invalidated if the value is changed. Note that if your
|
73 |
* site is deployed on a cluster of web servers, you must ensure that this
|
74 |
* variable has the same value on each server. If this variable is empty, a hash
|
75 |
* of the serialized database credentials will be used as a fallback salt.
|
76 |
*
|
77 |
* For enhanced security, you may set this variable to a value using the
|
78 |
* contents of a file outside your docroot that is never saved together
|
79 |
* with any backups of your Drupal files and database.
|
80 |
*
|
81 |
* Example:
|
82 |
* $drupal_hash_salt = file_get_contents('/home/example/salt.txt');
|
83 |
*
|
84 |
*/
|
85 |
$drupal_hash_salt = ''; |
86 |
|
87 |
|
88 |
|
89 |
/**
|
90 |
* PHP settings:
|
91 |
*
|
92 |
* To see what PHP settings are possible, including whether they can be set at
|
93 |
* runtime (by using ini_set()), read the PHP documentation:
|
94 |
* http://www.php.net/manual/en/ini.list.php
|
95 |
* See drupal_environment_initialize() in includes/bootstrap.inc for required
|
96 |
* runtime settings and the .htaccess file for non-runtime settings. Settings
|
97 |
* defined there should not be duplicated here so as to avoid conflict issues.
|
98 |
*/
|
99 |
|
100 |
/**
|
101 |
* Some distributions of Linux (most notably Debian) ship their PHP
|
102 |
* installations with garbage collection (gc) disabled. Since Drupal depends on
|
103 |
* PHP's garbage collection for clearing sessions, ensure that garbage
|
104 |
* collection occurs by using the most common settings.
|
105 |
*/
|
106 |
ini_set('session.gc_probability', 1); |
107 |
ini_set('session.gc_divisor', 100); |
108 |
|
109 |
/**
|
110 |
* Set session lifetime (in seconds), i.e. the time from the user's last visit
|
111 |
* to the active session may be deleted by the session garbage collector. When
|
112 |
* a session is deleted, authenticated users are logged out, and the contents
|
113 |
* of the user's $_SESSION variable is discarded.
|
114 |
*/
|
115 |
ini_set('session.gc_maxlifetime', 200000); |
116 |
|
117 |
/**
|
118 |
* Set session cookie lifetime (in seconds), i.e. the time from the session is
|
119 |
* created to the cookie expires, i.e. when the browser is expected to discard
|
120 |
* the cookie. The value 0 means "until the browser is closed".
|
121 |
*/
|
122 |
ini_set('session.cookie_lifetime', 2000000); |
123 |
|
124 |
/**
|
125 |
* If you encounter a situation where users post a large amount of text, and
|
126 |
* the result is stripped out upon viewing but can still be edited, Drupal's
|
127 |
* output filter may not have sufficient memory to process it. If you
|
128 |
* experience this issue, you may wish to uncomment the following two lines
|
129 |
* and increase the limits of these variables. For more information, see
|
130 |
* http://php.net/manual/en/pcre.configuration.php.
|
131 |
*/
|
132 |
# ini_set('pcre.backtrack_limit', 200000);
|
133 |
# ini_set('pcre.recursion_limit', 200000);
|
134 |
|
135 |
/**
|
136 |
* Drupal automatically generates a unique session cookie name for each site
|
137 |
* based on its full domain name. If you have multiple domains pointing at the
|
138 |
* same Drupal site, you can either redirect them all to a single domain (see
|
139 |
* comment in .htaccess), or uncomment the line below and specify their shared
|
140 |
* base domain. Doing so assures that users remain logged in as they cross
|
141 |
* between your various domains. Make sure to always start the $cookie_domain
|
142 |
* with a leading dot, as per RFC 2109.
|
143 |
*/
|
144 |
# $cookie_domain = '.example.com';
|
145 |
|
146 |
/**
|
147 |
* Variable overrides:
|
148 |
*
|
149 |
* To override specific entries in the 'variable' table for this site,
|
150 |
* set them here. You usually don't need to use this feature. This is
|
151 |
* useful in a configuration file for a vhost or directory, rather than
|
152 |
* the default settings.php. Any configuration setting from the 'variable'
|
153 |
* table can be given a new value. Note that any values you provide in
|
154 |
* these variable overrides will not be modifiable from the Drupal
|
155 |
* administration interface.
|
156 |
*
|
157 |
* The following overrides are examples:
|
158 |
* - site_name: Defines the site's name.
|
159 |
* - theme_default: Defines the default theme for this site.
|
160 |
* - anonymous: Defines the human-readable name of anonymous users.
|
161 |
* Remove the leading hash signs to enable.
|
162 |
*/
|
163 |
# $conf['site_name'] = 'My Drupal site';
|
164 |
# $conf['theme_default'] = 'garland';
|
165 |
# $conf['anonymous'] = 'Visitor';
|
166 |
|
167 |
/**
|
168 |
* A custom theme can be set for the offline page. This applies when the site
|
169 |
* is explicitly set to maintenance mode through the administration page or when
|
170 |
* the database is inactive due to an error. It can be set through the
|
171 |
* 'maintenance_theme' key. The template file should also be copied into the
|
172 |
* theme. It is located inside 'modules/system/maintenance-page.tpl.php'.
|
173 |
* Note: This setting does not apply to installation and update pages.
|
174 |
*/
|
175 |
# $conf['maintenance_theme'] = 'bartik';
|
176 |
|
177 |
/**
|
178 |
* Reverse Proxy Configuration:
|
179 |
*
|
180 |
* Reverse proxy servers are often used to enhance the performance
|
181 |
* of heavily visited sites and may also provide other site caching,
|
182 |
* security, or encryption benefits. In an environment where Drupal
|
183 |
* is behind a reverse proxy, the real IP address of the client should
|
184 |
* be determined such that the correct client IP address is available
|
185 |
* to Drupal's logging, statistics, and access management systems. In
|
186 |
* the most simple scenario, the proxy server will add an
|
187 |
* X-Forwarded-For header to the request that contains the client IP
|
188 |
* address. However, HTTP headers are vulnerable to spoofing, where a
|
189 |
* malicious client could bypass restrictions by setting the
|
190 |
* X-Forwarded-For header directly. Therefore, Drupal's proxy
|
191 |
* configuration requires the IP addresses of all remote proxies to be
|
192 |
* specified in $conf['reverse_proxy_addresses'] to work correctly.
|
193 |
*
|
194 |
* Enable this setting to get Drupal to determine the client IP from
|
195 |
* the X-Forwarded-For header (or $conf['reverse_proxy_header'] if set).
|
196 |
* If you are unsure about this setting, do not have a reverse proxy,
|
197 |
* or Drupal operates in a shared hosting environment, this setting
|
198 |
* should remain commented out.
|
199 |
*
|
200 |
* In order for this setting to be used you must specify every possible
|
201 |
* reverse proxy IP address in $conf['reverse_proxy_addresses'].
|
202 |
* If a complete list of reverse proxies is not available in your
|
203 |
* environment (for example, if you use a CDN) you may set the
|
204 |
* $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
|
205 |
* Be aware, however, that it is likely that this would allow IP
|
206 |
* address spoofing unless more advanced precautions are taken.
|
207 |
*/
|
208 |
# $conf['reverse_proxy'] = TRUE;
|
209 |
|
210 |
/**
|
211 |
* Specify every reverse proxy IP address in your environment.
|
212 |
* This setting is required if $conf['reverse_proxy'] is TRUE.
|
213 |
*/
|
214 |
# $conf['reverse_proxy_addresses'] = array('a.b.c.d', ...);
|
215 |
|
216 |
/**
|
217 |
* Set this value if your proxy server sends the client IP in a header
|
218 |
* other than X-Forwarded-For.
|
219 |
*/
|
220 |
# $conf['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
|
221 |
|
222 |
/**
|
223 |
* Page caching:
|
224 |
*
|
225 |
* By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
|
226 |
* views. This tells a HTTP proxy that it may return a page from its local
|
227 |
* cache without contacting the web server, if the user sends the same Cookie
|
228 |
* header as the user who originally requested the cached page. Without "Vary:
|
229 |
* Cookie", authenticated users would also be served the anonymous page from
|
230 |
* the cache. If the site has mostly anonymous users except a few known
|
231 |
* editors/administrators, the Vary header can be omitted. This allows for
|
232 |
* better caching in HTTP proxies (including reverse proxies), i.e. even if
|
233 |
* clients send different cookies, they still get content served from the cache.
|
234 |
* However, authenticated users should access the site directly (i.e. not use an
|
235 |
* HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid
|
236 |
* getting cached pages from the proxy.
|
237 |
*/
|
238 |
# $conf['omit_vary_cookie'] = TRUE;
|
239 |
|
240 |
/**
|
241 |
* CSS/JS aggregated file gzip compression:
|
242 |
*
|
243 |
* By default, when CSS or JS aggregation and clean URLs are enabled Drupal will
|
244 |
* store a gzip compressed (.gz) copy of the aggregated files. If this file is
|
245 |
* available then rewrite rules in the default .htaccess file will serve these
|
246 |
* files to browsers that accept gzip encoded content. This allows pages to load
|
247 |
* faster for these users and has minimal impact on server load. If you are
|
248 |
* using a webserver other than Apache httpd, or a caching reverse proxy that is
|
249 |
* configured to cache and compress these files itself you may want to uncomment
|
250 |
* one or both of the below lines, which will prevent gzip files being stored.
|
251 |
*/
|
252 |
# $conf['css_gzip_compression'] = FALSE;
|
253 |
# $conf['js_gzip_compression'] = FALSE;
|
254 |
|
255 |
/**
|
256 |
* String overrides:
|
257 |
*
|
258 |
* To override specific strings on your site with or without enabling the Locale
|
259 |
* module, add an entry to this list. This functionality allows you to change
|
260 |
* a small number of your site's default English language interface strings.
|
261 |
*
|
262 |
* Remove the leading hash signs to enable.
|
263 |
*/
|
264 |
# $conf['locale_custom_strings_en'][''] = array(
|
265 |
# 'forum' => 'Discussion board',
|
266 |
# '@count min' => '@count minutes',
|
267 |
# );
|
268 |
|
269 |
/**
|
270 |
*
|
271 |
* IP blocking:
|
272 |
*
|
273 |
* To bypass database queries for denied IP addresses, use this setting.
|
274 |
* Drupal queries the {blocked_ips} table by default on every page request
|
275 |
* for both authenticated and anonymous users. This allows the system to
|
276 |
* block IP addresses from within the administrative interface and before any
|
277 |
* modules are loaded. However on high traffic websites you may want to avoid
|
278 |
* this query, allowing you to bypass database access altogether for anonymous
|
279 |
* users under certain caching configurations.
|
280 |
*
|
281 |
* If using this setting, you will need to add back any IP addresses which
|
282 |
* you may have blocked via the administrative interface. Each element of this
|
283 |
* array represents a blocked IP address. Uncommenting the array and leaving it
|
284 |
* empty will have the effect of disabling IP blocking on your site.
|
285 |
*
|
286 |
* Remove the leading hash signs to enable.
|
287 |
*/
|
288 |
# $conf['blocked_ips'] = array(
|
289 |
# 'a.b.c.d',
|
290 |
# );
|
291 |
|
292 |
/**
|
293 |
* Fast 404 pages:
|
294 |
*
|
295 |
* Drupal can generate fully themed 404 pages. However, some of these responses
|
296 |
* are for images or other resource files that are not displayed to the user.
|
297 |
* This can waste bandwidth, and also generate server load.
|
298 |
*
|
299 |
* The options below return a simple, fast 404 page for URLs matching a
|
300 |
* specific pattern:
|
301 |
* - 404_fast_paths_exclude: A regular expression to match paths to exclude,
|
302 |
* such as images generated by image styles, or dynamically-resized images.
|
303 |
* If you need to add more paths, you can add '|path' to the expression.
|
304 |
* - 404_fast_paths: A regular expression to match paths that should return a
|
305 |
* simple 404 page, rather than the fully themed 404 page. If you don't have
|
306 |
* any aliases ending in htm or html you can add '|s?html?' to the expression.
|
307 |
* - 404_fast_html: The html to return for simple 404 pages.
|
308 |
*
|
309 |
* Add leading hash signs if you would like to disable this functionality.
|
310 |
*/
|
311 |
$conf['404_fast_paths_exclude'] = '/\/(?:styles)\//'; |
312 |
$conf['404_fast_paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i'; |
313 |
$conf['404_fast_html'] = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>'; |
314 |
|
315 |
/**
|
316 |
* By default the page request process will return a fast 404 page for missing
|
317 |
* files if they match the regular expression set in '404_fast_paths' and not
|
318 |
* '404_fast_paths_exclude' above. 404 errors will simultaneously be logged in
|
319 |
* the Drupal system log.
|
320 |
*
|
321 |
* You can choose to return a fast 404 page earlier for missing pages (as soon
|
322 |
* as settings.php is loaded) by uncommenting the line below. This speeds up
|
323 |
* server response time when loading 404 error pages and prevents the 404 error
|
324 |
* from being logged in the Drupal system log. In order to prevent valid pages
|
325 |
* such as image styles and other generated content that may match the
|
326 |
* '404_fast_html' regular expression from returning 404 errors, it is necessary
|
327 |
* to add them to the '404_fast_paths_exclude' regular expression above. Make
|
328 |
* sure that you understand the effects of this feature before uncommenting the
|
329 |
* line below.
|
330 |
*/
|
331 |
# drupal_fast_404();
|
332 |
|
333 |
/**
|
334 |
* External access proxy settings:
|
335 |
*
|
336 |
* If your site must access the Internet via a web proxy then you can enter
|
337 |
* the proxy settings here. Currently only basic authentication is supported
|
338 |
* by using the username and password variables. The proxy_user_agent variable
|
339 |
* can be set to NULL for proxies that require no User-Agent header or to a
|
340 |
* non-empty string for proxies that limit requests to a specific agent. The
|
341 |
* proxy_exceptions variable is an array of host names to be accessed directly,
|
342 |
* not via proxy.
|
343 |
*/
|
344 |
# $conf['proxy_server'] = '';
|
345 |
# $conf['proxy_port'] = 8080;
|
346 |
# $conf['proxy_username'] = '';
|
347 |
# $conf['proxy_password'] = '';
|
348 |
# $conf['proxy_user_agent'] = '';
|
349 |
# $conf['proxy_exceptions'] = array('127.0.0.1', 'localhost');
|
350 |
|
351 |
/**
|
352 |
* Authorized file system operations:
|
353 |
*
|
354 |
* The Update manager module included with Drupal provides a mechanism for
|
355 |
* site administrators to securely install missing updates for the site
|
356 |
* directly through the web user interface. On securely-configured servers,
|
357 |
* the Update manager will require the administrator to provide SSH or FTP
|
358 |
* credentials before allowing the installation to proceed; this allows the
|
359 |
* site to update the new files as the user who owns all the Drupal files,
|
360 |
* instead of as the user the webserver is running as. On servers where the
|
361 |
* webserver user is itself the owner of the Drupal files, the administrator
|
362 |
* will not be prompted for SSH or FTP credentials (note that these server
|
363 |
* setups are common on shared hosting, but are inherently insecure).
|
364 |
*
|
365 |
* Some sites might wish to disable the above functionality, and only update
|
366 |
* the code directly via SSH or FTP themselves. This setting completely
|
367 |
* disables all functionality related to these authorized file operations.
|
368 |
*
|
369 |
* @see http://drupal.org/node/244924
|
370 |
*
|
371 |
* Remove the leading hash signs to disable.
|
372 |
*/
|
373 |
$conf['allow_authorize_operations'] = FALSE; |
374 |
|
375 |
require dirname(__FILE__) . '/settings.local.php'; |