Our security team ran a web-inspect security scan on our Drupal 7 site and reported that our site is vulnerable to verb tunneling using headers or query parameters such as X-HTTP-Method, X-HTTP-Method-Override, X-Method-Override, or a query parameter such as _method to use an override method to gain access to restricted HTTP methods. Not sure if this is a legitimate vulnerability for drupal 7 or can these kind of HTTP headers for verb tunneling be disabled?. Any response is greatly appreciated. We are using nginx and php-fpm on a Linux server for our Drupal 7 application.
I am unable to find a stable solution in order to accept both IDEAL with EURO's and Credit Cards with Dollars.
I tried to use Mollie which handles both IDEAL and Credit Cards but it does so by only allowing EURO as currency. Having Dollars will not allow the installation of Mollie.
I have looked at Adyen but there is hardly any work on that module and alot of open issues (open for years)
I create user-profile.tpl.php but in user profile page show header and fooder from page.tpl.php
on user page, I want to new header and footer in user profile page
how to remove it?
if I remove the from page.tpl.php than it will remove from all pages but I want to remove only user profile page
I had installed drupal on folder.domain.com and i want to move it to domain.com. I copied all data to root, took backup of database -> created a new db and restore old database onto new one. I have also changed $base_url in settings.php. Now both floder.domain.com and domain.com throws "Internal 500 Error".
Can some one please help me to get back on track as i have to launch this website in before the weekend, sorry for something such urgent.
Not attending DrupalCon Vienna 2025? We would love to hear why. Your feedback helps us understand the community better.
