How to secure a Drupal site

Awhile back, I was working on a private Drupal website for members only. Now, Drupal has a module called Secure Site which can be used for this. However, Secure Site throws up an HTTP 401 error to request authentication from the user. If you've ever seen a "enter username and password" box pop up in your browser, that's an HTTP 401 error. That's okay, but I don't think it's the best UI out there. I wanted something a little user-friendlier.

So, I came up with the code below. Put it in your index.php file (or better yet, in a file included by index.php) right after the call to drupal_bootstrap(). It will redirect all but a certain subset of pages to the login page, and prompt users to log in.

Enjoy!

3
Average: 3 (3 votes)
Your rating: None