lighttpd

Protect your files directories

Submitted by Garrett Albright on Mon, 2009-09-21 22:31

Be wary of what folks can upload into the "files" directories on your Drupal site. They may be able to upload a PHP file, then try to access that PHP file in their web browser, thus being able to execute arbitrary code. This is dangerous!

I believe Drupal's .htaccess files block this sort of thing for Apache users, but what about us Lighty users? Fortunately, it's not too tough to stop this from happening; just add something like this to Lighty's config file:

Multisite with Drupal 6.13 on Lighttpd 1.4.9

Submitted by CosmoNerd on Sat, 2009-08-01 21:45

I am currently running a multisite installation with Drupal 6.13 on Lighttpd 1.4.19 and facing issues when creating Drupal sites in subdirectories.
After reading through countles posts here on the drupal sites, as well on lighttpd I am close to converting back to Apache as I can't get this to work.
The drupal directory structure looks like this

Drupal root: /home/www/drupal/sites

6 comments · Read more

Fast private file transfers for Drupal

Submitted by Arto on Thu, 2006-07-20 08:41

amazon s3 · apache2 · file API · file transfer · lighttpd · performance · scalability · x-sendfile

For those looking to have Drupal serve private files efficiently, I've posted a simple core patch that adds X-Sendfile support:
http://drupal.org/node/74472

Groups.drupal.org is a part of the drupal.org group of sites. Logging in on this site requires an account on the main drupal.org site. If you do not have an account on drupal.org, you will need to create one, log in over there, and then come back here where you should automatically be logged in.

Thanks!

lighttpd

Protect your files directories

Multisite with Drupal 6.13 on Lighttpd 1.4.9

Fast private file transfers for Drupal

New groups