Several times the last few months we received the following question: what about the safety of our files that we upload in our Drupal social intranet? Is it possible to encrypt the files to provide an additional layer of protection to sensitive information?
In a standard Drupal installation uploaded files are not encrypted, which means they can be opened when you have access to the directory on the server. If you have a public website, this is not a problem. Your images and downloads are freely accessible to everybody.
If you have a Drupal social intranet, then it is recommended to make files 'private'. This means they are not freely accessible, except to people who receive the explicit permission to do so. This 'private files' option is a standard feature in the Drupal core.
One step further is to encrypt files, making them unreadable unless you have the keys. When unauthorized users somehow get their hands on the file, they will not be able to see the content.
Whether Drupal gives you the keys to the file is determined by Drupal's node access system, using grants. The Drupal module ‘Encrypted Files’ provides the encryption of files. Here's how to implement this:
Installation and configuration ‘Encrypted files’
1. Download and install 3 modules
2. Set AES as default
Go to admin/config/system/encrypt and click edit:
Then you can configure the 'Encryption method’:
In the tab ‘Encryption method setting’, select ‘Mcrypt AES 256’. AES is stronger than the default.
3. Configure ‘Default download method’
Go to admin/config/media/file-system:
- Make sure the private files are outside the public webroot (1).
- Set the ‘Default download method’ to ‘Private, encrypted local files served by Drupal’ (2).
4. Configure a new ‘File field’
When a new file field is added, you will now get the option ‘Encrypted files’:
5. Test it
Upload a file via the newly added field in the particular content type. When the file is then opened directly from the server, you will get to see an encrypted version:
When using image galleries like IMCE, then there is a chance they are not working well.
Protect the keys
The module saves one of the keys in the private files folder; set the permissions on those files and folders as strictly as possible. Your server should be able to read and write to these files, any other user should not have access.
Whether this is possible depends on the configuration of your server, such as under which user the Drupel social intranet is running. For example, if Drupal runs under the same user as the one who is managing the private files folder and its files, then you can give the appropriate directory permissions 700 and the files 600.
This Drupal module stores the second key in the database, therefore also ensure an optimal protection of your database, examples:
- Use a strong password for the database user that Drupal uses.
- Only allow this user access to the database.
- Set a strict permission on your settings.php.
Further general safety measurements
- Periodically change your server passwords with strong combinations.
- Turn off all unnecessary services on your server.
- Only allow key-based SSH access.
- Filter by IP: allow for example only the IP of your office.