Now that we have fixed the usage of authorize.php when using Installer module for manual module installs (#1920), it's become clear that we should be using authorize.php for all downloading/installing of modules/themes/layouts.
Without using authorize.php, Installer module only works if the owner of web root directory and the web server user are the same. By using authorize.php, we could enable users to more securely set up their site and still allow modules to be downloaded/installed. If the owner of the web root is the web server user (as is the case in most shared hosting environments and Pantheon), then we don't have a problem. But when these users are different, authorize.php could enable the use of the Installer UI.
GitHub Issue #:
2271
Recent comments
Hi Enthusiast, I had that problem with a site a while back and in that case it was a hosting problem with IPv6, which didn't work properly on the server this site was on. I updated...
Error when trying to check for updates
Hi. Welcome to Backdrop. Out of the box, there are two places you can set visibility by user ID and they are related: The layout configure screen under "Visibility conditions" (admin/structure/...
Use visibility User by uid
Start with clean URLs, add Pathauto and Metatag modules, submit your XML sitemap to Google Search Console, and keep your content original and well-structured.
How to Improve SEO Performance in Backdrop CMS