@CashWilliams
Created April 15, 2015 16:26
Read only Drupal site

# Create a readonly front-end multisite

The client wants a front-end 'readonly' site on which no users will ever log in. The main goal is a secure site on which nobody can use an access bypass or privilege escalation to gain a trusted role of any kind. This example assumes the site is using syslog, not dblog, which is a general recommendation.

  1. Create a database user which has readonly access to the database.

  2. Add write access for the database user for the following tables:

     -- Minimum needed to function
     GRANT INSERT, UPDATE, DELETE ON project.semaphore TO 'project_ro'@'localhost';
    
     -- Only needed if the project is database caching (NOT memcache or similar caching backend)
     GRANT INSERT, UPDATE, DELETE ON project.cache TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_block TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_bootstrap TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_field TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_form TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_image TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_menu TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_page TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_path TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.cache_update TO 'project_ro'@'localhost';
    
     -- Only needed if users should be allowed to login
     GRANT INSERT, UPDATE, DELETE ON project.flood TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.users TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE, DELETE ON project.sessions TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.history TO 'project_ro'@'localhost';
    
     -- Only needed if site allows comments
     GRANT INSERT, UPDATE ON project.comment TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.node_comment_statistics TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.field_data_comment_body TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.field_revision_comment_body TO 'project_ro'@'localhost';
     GRANT INSERT, UPDATE ON project.search_dataset TO 'project_ro'@'localhost';
    
     -- Depending on the site, other tables may be needed
    
  3. Create the multisite subdirectory for the new front-end URL, and change settings.php:

    1. Connect as the readonly database user.

    2. Add database prefix for role table:

       'prefix' => array(
       	'role' => 'readonly_',
       ),
      
    3. Set error_level to always be 0:

       $conf['error_level'] = 0;
      
    4. Disallow authorize operations:

       $conf['allow_authorize_operations'] = FALSE;
      
  4. Create a copy of the role table in MySQL:

     CREATE TABLE readonly_role LIKE role;
     INSERT readonly_role SELECT * FROM role WHERE rid = 1;
    
     -- Only if users should be allowed to login, authenticated role is needed
     INSERT readonly_role SELECT * FROM role WHERE rid = 2;
    

Note: User 1 still appears to have all access when logging in from the read-only site. This is due to Drupal's user_access() function bypassing any checks for user 1. The user account still will not be able to perform any actions against the database.
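
A check for steps 1 and 2, added here as an example (not part of the original gist): it parses the output of `SHOW GRANTS FOR 'project_ro'@'localhost'` and lists every privilege other than SELECT/USAGE that falls outside an allowlist of tables. The sample output is constructed, `audit_grants` is a hypothetical helper, and the default allowlist is the page's minimum set (`semaphore` only).

```python
import re

# Privileges that do not modify data; anything else is treated as a write.
READ_ONLY_PRIVS = {"SELECT", "USAGE"}
GRANT_RE = re.compile(r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<obj>\S+)\s+TO\s+", re.I)


def audit_grants(lines, database="project", allowed_tables=("semaphore",)):
    """Return [(object, [privileges])] for every grant beyond the allowlist."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = GRANT_RE.match(line)
        if not m:
            # No ON clause (e.g. a MySQL 8 role grant): surface for manual review.
            findings.append((line, ["UNPARSED"]))
            continue
        # Drop column lists such as "UPDATE (a, b)" before splitting on commas.
        privs = re.sub(r"\([^)]*\)", "", m.group("privs")).split(",")
        writes = sorted({p.strip().upper() for p in privs} - READ_ONLY_PRIVS)
        if not writes:
            continue
        db, _, table = m.group("obj").replace("`", "").partition(".")
        if db == database and table in allowed_tables:
            continue  # write access the setup explicitly allows
        findings.append((f"{db}.{table}", writes))
    return findings


# Constructed SHOW GRANTS output for a site where nobody should log in:
# the grant on `users` is the one that should be reported.
SAMPLE = [
    "GRANT USAGE ON *.* TO 'project_ro'@'localhost'",
    "GRANT SELECT ON `project`.* TO 'project_ro'@'localhost'",
    "GRANT INSERT, UPDATE, DELETE ON `project`.`semaphore` TO 'project_ro'@'localhost'",
    "GRANT INSERT, UPDATE ON `project`.`users` TO 'project_ro'@'localhost'",
]

if __name__ == "__main__":
    for obj, privs in audit_grants(SAMPLE):
        print(f"unexpected write access on {obj}: {', '.join(privs)}")
```

Pass the cache, login or comment tables in `allowed_tables` when the site uses those features, so that only grants beyond the chosen configuration are reported.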

@haroldlbrown

Hi.
For which Drupal version is this guide applicable?
Greetings