I would like us to have a dedicated "Security" admin page and a respective Admin menu item in order to:
- show that we take security seriously
- allow site admins to perform security-related tasks in one single place
- provide a "home" for security-related contrib modules
Ideas for this page include:
- settings for blocking users (failed login attempts, bots etc.) - #1878
- provide a default security.txt file ((https://www.drupal.org/project/securitytxt)), and an easy way to edit that info via the UI. The default, out of the box text should point to contact details for reporting security issues in b.org, but site owners should be able to change that if required by their organization (same as we allow them to edit the maintenance mode message)
- settings for protecting forms from spam (expose honeypot settings etc.) - #1169
- settings for the
trusted_host_patterns
variable - #2568 - settings for the
x_frame_options
variable - #4080 - checkbox to ignore outdated php warning - #3490
- link to our https://backdropcms.org/security page
- database (SSL) connection status - #4945
- enable/disable FLoC - #5103
- a setting to enable better security/privacy on login/password reset forms - #4696
- a setting to use 404s instead of 403s when trying to access user pages without the proper permission #5802
Other ideas:
- A "Security overview" block for the dashboard (#495)
- https://www.drupal.org/project/security_review
- https://backdropcms.org/project/remove_generator (only 3 lines of code really)
- any settings that may be required for #3270
- warning when anonymous users can create accounts (#574)
- expose the image_style_flood_limit
setting introduced in https://github.com/backdrop/backdrop-issues/issues/34 / https://github.com/backdrop/backdrop/pull/635
- ???
Recent comments
Hello, @yorkshirepudding! Thanks a lot, I got it, all sorted out.
My layout template (layout--blog.tpl.php) doesn't work
Hi @Gnome and welcome to Backdrop When I create custom layout templates I put them in /layouts/custom/my_layout Note: you can split modules and layouts between contrib and custom...
My layout template (layout--blog.tpl.php) doesn't work
This post explains how to do this in Drupal 7. In Backdrop, File Entity is already part of core. You will need to download and install module Views Field View. https://drupal.stackexchange...
I Need to Display an Image in a View that was Uploaded to a Webform