craftcms/craft

allowAdminChanges => false and other "better" defaults for production settings in general.php

frank-laemmer opened this issue · 3 comments

I'd like to suggest the following change for the default general.php file that ships with Craft CMS:

Current

    // Production environment settings
    'production' => [
        // Set this to `false` to prevent administrative changes from being made on production
        'allowAdminChanges' => true,
    ]

Suggested change

    <?php
    // Production environment settings: safe defaults so no changes are needed in general.php
    return [
        'production' => [
            'devMode'           => false,
            'allowAdminChanges' => false,
            'allowUpdates'      => false,
        ],
    ];

Why?

The suggested change makes sure that best practices are set by default.

allowAdminChanges

The Craft documentation states:

Disable the allowAdminChanges config setting on all non-development environments, to avoid losing changes unexpectedly going forward.

devMode

As far as I understand devMode, this should also be set to false in production, as it might leak information about the system to the outside, like printing debugging information instead of a nicely designed error.

allowUpdates

Last but not least, I think the same applies to updates. To make sure updates work as expected and that the local environment is in sync with production, updates should first be run locally, and for sure by a developer and not the client (I know there are permissions as well, but better make sure).

Why not?

I don't know. I tried to think about some cases … I can imagine that maybe less experienced developers who do not have an advanced setup including multiple environments could potentially get locked out of getting updates. But having multiple environments is optional. It's not required to set up something for production. It's just that when there is something like production, let's set some good defaults right away.

Why am I asking this?

Shameless plug: We at fortrabbit pre-populate ENVIRONMENT=production with the ENV vars on our Apps. Now having "better" (<- our opinion) defaults would help us with some issues we are facing in support. Not all clients are following our guides, and so they end up making different changes in production and locally, and that can turn into a hassle.

It would be great if no changes need to be made in general.php for a good setup.

Some feedback on this would be nice.
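For reference, here is a complete config/general.php that applies the proposal as environment-keyed settings, with the dev environment left permissive and production hardened. This is an added example, not the file shipped by craftcms/craft; it assumes Craft's multi-environment config (the '*' key applies everywhere and the key matching CRAFT_ENVIRONMENT, set from the ENVIRONMENT variable in web/index.php, overrides it) and a SECURITY_KEY environment variable.

```php
<?php
/**
 * config/general.php (added example, not the craftcms/craft project's shipped file).
 *
 * Assumes Craft's multi-environment config: the '*' key applies everywhere, and the
 * key matching CRAFT_ENVIRONMENT (set from the ENVIRONMENT env var in web/index.php)
 * overrides it. If CRAFT_ENVIRONMENT is unset or does not match, only '*' applies.
 */

return [
    // Settings shared by all environments
    '*' => [
        // Assumed to be provided via an environment variable
        'securityKey' => getenv('SECURITY_KEY'),
        'cpTrigger'   => 'admin',
    ],

    // Local development: permissive so project config and updates can be worked on here
    'dev' => [
        'devMode'           => true,
        'allowAdminChanges' => true,
        'allowUpdates'      => true,
    ],

    // Production: the hardened defaults proposed above
    'production' => [
        // Never render debug output or stack traces to visitors
        'devMode'           => false,
        // Project config is read-only in the control panel; changes are made in dev and deployed
        'allowAdminChanges' => false,
        // Updates are run locally by a developer and deployed, not applied in place on production
        'allowUpdates'      => false,
    ],
];
```

With this layout, promoting a change to production is a deployment of the committed project config rather than an edit made through the control panel, which is what keeps the local and production environments from drifting apart.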

I have heard that allowUpdates => false is now going to be the default. So this is already partly applied.

The default is now dependent on the environment, and defaults to false for production:

d7e93ac

This was released in version 1.1.1 of this project. Thanks.