Drupal 8 Installation Guide (V7 wUpdates)

drupal logo


  • source:

Step 1: Download and extract Drupal

Source: https://www.drupal.org/docs/7/installing-drupal-7/step-1-download-and-extract-drupal


Last updated on

5 August 2016

Drupal is available in two supported versions: the most recent and the previous. Currently that is Drupal 8 (released November 2015) and Drupal 7. The Recommended releases are the latest stable releases of either version. To learn more about versions, see the Drupal version information page.

To install a Drupal site in a language other than English, see http://localize.drupal.org/translate. You can also add additional languages after the installation.
Note: If you install Drupal 8, you can choose the installation language as the first option in the interface of the installation script itself.

You can download and extract Drupal in six different ways:

So, follow one of the methods below for downloading, and then...

Before continuing to the next page ...

The base URL for your Drupal installation is set in your web server's configuration file. You need to know this URL before proceeding to the next steps of the installation.
If you are installing Drupal on your local machine, the base URL may be http://localhost.
If you're installing Drupal to a web server, your base URL may be a specific domain name, such as http://example.com.


Drush is a command line tool to maintain and administer Drupal sites. It offers the most convenient way of downloading Drupal by using a single command: pm-download (or its alias dl):

drush dl drupal

This command will download the recommended version into the current folder. Check drush help dl to see additional options such as how to download a specific version.

Drupal Console

Drupal Console is the new command line interface (CLI) for Drupal. The Drupal Console is a tool to generate boilerplate code, interact and debug Drupal 8. It offers a convenient way of downloading Drupal by using a single command: site:new:

# specifying to download version 8.0.2 into folder "mydrupalsite" drupal site:new mydrupalsite 8.0.2 # select version from interactive mode drupal site:new mydrupalsite

This command will download the specified version into the current folder. Check drupal site:new --help or visit the documentation.

From the command line


Log into your server on using ssh and navigate to the directory from which you will be serving your Drupal site.
On many *nix computers the path from the server's root will be /var/www/html, so cd /var/www/html. On a shared server, or a server that hosts multiple domains, the path will be different (try cd ~/www or cd ~/public_html). If you are unsure of the directory, ask your hosting provider for assistance.

Download Drupal from the command line, for example using wget or curl.
The commands are, respectively:

wget http://ftp.drupal.org/files/projects/drupal-x.x.tar.gz


curl -O http://ftp.drupal.org/files/projects/drupal-x.x.tar.gz

Note: The curl command option is the upper case letter "O" and not the numeral that stands for zero.

Replace http://ftp.drupal.org/files/projects/drupal-x.x.tar.gz with the link for the version you want to install.
The links to the recommended versions are available on Drupal Core project page, where you can copy them from the Download column.
All other versions are available on the Releases for Drupal core page.

Extracting files

Type the following command and replace "x.x" with your downloaded version's number:

tar -xvzf drupal-x.x.tar.gz

Then remove the compressed version of the file by using the following command:

rm drupal-x.x.tar.gz

Moving to its intended location

Now you need to move the contents of the drupal-x.x directory one level "up" into the web server's document root or your public HTML directory:

mv drupal-x.x/* drupal-x.x/.htaccess ./

For Drupal 7, also add:
mv drupal-x.x/.gitignore ./

Drupal 8 comes with several additional hidden files that all need to be moved as well.
Alternative, you can extract the the tar archive directly into the correct directory by typing:
tar --strip-components=1 -xvzf drupal-x.x.tar.gz

The files from the directory you downloaded and decompressed have now been moved up a level into your web directory, and you can delete the (now empty) drupal-x.x directory:

rmdir drupal-x.x

Using FTP

You can download Drupal using your favorite FTP-tool.

  1. Download a Drupal tar.gz or zip file to your local computer from https://www.drupal.org/project/drupal by clicking on the link for the version you want to install.
  2. When you download the file, your browser will ask you what to do with it. Choose "Extract" and extract it to your local computer. Or, save the file and extract it using your computer's software (7-zip for example) that deals with archive files. The exact steps to do this differ by software, but you should end up with a folder/directory called something like "drupal-7.32" on your local computer.
  3. Use FTP to transfer the entire contents of this folder, including hidden files like .htaccess, to your hosting account's HTML document root. Details of how to do this depend on your FTP software.

    Note: Drupal 8 includes about 10 times as many files as earlier versions (due to its new framework), that may take significantly longer to upload to a server by FTP than earlier versions. A faster way to upload Drupal 8 as a single ZIP files, suitable for some hosts is described here.

Using Git

The Drupal project page has great version control instructions, which starts with setting up repository for the first time by cloning Drupal.

When cloning Drupal 8.1.x or higher you will need to use composer to install the latest dependencies. From the root directory of the Drupal repository you cloned run composer install, this will download all the dependencies to the location expected by Drupal. See also this method for building sites with composer.

If you do not have composer installed follow their documentation.


Step 2: Create the database

Source: https://www.drupal.org/docs/7/installing-drupal-7/step-2-create-the-database


Last updated on

17 August 2016

Note: Since 8.x, it is not necessary to create a database before installing Drupal. Now, if you enter credentials of a user capable of creating databases (for example the 'CREATE' privilege in MySQL/MariaDB or the 'CREATEDB' privilege in postgresql), the specified database name will be created at the time of Drupal installation if it doesn't already exist. See the relevant change notice for more information and screenshots. If you do have a user with these privileges, you can move to the next step.

Before running the installation script, you must create an empty database and database user (a user name assigned the rights to use the Drupal database).

This page provides direction for creating your Drupal database using one of the following methods:

Selection of characters in MySQL/MariaDB database name:

Drupal 7

  • If you use capital letters in the database name, they will be converted to lower case.
  • A "-" (hyphen) in the database name will be encoded as "@002d" in the database folder name. For example, the folder name for database a-b-c will be a@002db@002dc. Other characters besides a..z, 0..9, and "_" (underscore) are similarly encoded. [ref, ref]

Drupal 8

  • If you use capital letters in the database name, they will be converted to lower case.
  • Allowed characters are a..z, 0..9, and "_" (underscore).


Create a database and user via a browser-based control panel

Most web hosting accounts provide a Web-based control panel to help you administer your site. These tools include easy-to-use features for creating a new database, and for creating a "user" with rights to the database. To create a database using a browser-based control panel consult the documentation or ask your web host service provider.

When you create the user for your database, you may see a page where you can specify the privileges that user will have for various operations on the database. In most web control panels' "database wizard", if you simply check "All" privileges for the user you create (and then uncheck "Grant" if it is listed as a privilege) your user will be set up correctly.

Take note of the username, password, database name and hostname (for example, are you installing in http://example.com, or in http://drupal.example.com, or http://example.com/blog etc.) as you create the database. You will enter these items into fields in your browser when running the install script

Note that in many cases when creating databases and users via a web-based interface, the username you use to log into your control panel is added as a prefix to the database name and possibly to the database username as well. For example, if you log into your site's control panel as "webadmin" and create a database named "drupal7db" and a user for that database named "d7user", when running the Install script (see next page) the database and user may need to be typed in as "webadmin_drupal7db" and "webadmin_d7user". (This is because many hosting accounts are on shared servers, and on one server each database and user name must be unique across all accounts on the server.)

If you used the procedure in this section to create your database and user using a web-based interface, continue to the Step 3: Create the settings.php file page of the Installation Guide.


Create a database and user using phpMyAdmin


The most secure method to use when creating a database with phpMyAdmin is to create a user that has all privileges to the new database, but no privileges to the other databases. This is more secure than using a general username and password for all of your sites on the same server, as it limits access to your databases if someone gets hold of your database logins.

Note: This procedure assumes that you have root access to phpMyAdmin, and that you're using phpMyAdmin 3.5.x.

  1. Sign in to phpMyAdmin as the root user.
  2. Click Users, and then click Add user.
    Note: You can use the root user credential as well..
  3. In the User name field, enter the username that you want to use.
  4. In the Host field, select Local, which is a more secure setting, unless you'll be accessing the database with this user from another server.
  5. Enter or generate a password for the user.
  6. In the Database for User section, select Create database with same name and grant all privileges.
  7. Make sure you select COLLATION utf8_general_ci or utf8_unicode_ci
  8. Click Go to create the user.

phpMyAdmin creates the new database with the same name as the user account. If you want to have a different name for the database and the user:

  1. Click Databases, and then click the link for the database that you want to rename.
  2. Click Operations.
  3. In the Rename database to section, enter the new database name.
  4. Click Go in the Rename database to section.

If you need more details about using phpMyAdmin, check out the official wiki.

Take note of the username, password, database name and hostname (for example, are you installing in http://example.com, or in http://drupal.example.com, or http://example.com/blog) as you create the database. You will enter these items into fields in your browser when running the install script.

In many cases, when creating databases and users using a web interface, the username that you use to sign in to your control panel is added as a prefix to the database name, and possibly to the database username as well. For example, if you sign into your site's control panel as "webadmin" and create a database named "drupal7db" and a user for that database named "d7user", when running the Install script the database and user may need to be typed in as "webadmin_drupal7db" and "webadmin_d7user". (This is because many hosting accounts are on shared servers, and on one server each database and username must be unique across all accounts on the server.)

If you used the procedure in this section to create your database and user using phpMyAdmin, continue to the Step 3: Create the settings.php file page of the Installation Guide.


Create a database from the command line

If you do not use a Web control panel or are experienced with and prefer to use MySQL, MariaDB or PostgreSQL commands, you can use the information in the following sections.

Additional information about privileges, and instructions to create a database using the command line are available in the INSTALL.mysql.txt file for MySQL/MariaDB and in the INSTALL.pgsql.txt file for PostgreSQL.


Create a database using MySQL/MariaDB commands


Note: The database should be created with UTF-8 (Unicode) encoding, for example utf8_general_ci.

For information on installing and configuring MySQL see http://dev.mysql.com/doc/refman/5.7/en/index.html

For information on installing and configuring MariaDB, see https://mariadb.com/kb/en/

In the following examples, 'username' is an example MySQL/MariaDB user who will have the CREATE and GRANT privileges and 'databasename' is the name of the new database Use the appropriate names for your system.

  1. Create a new database for your site (change the username and databasename):

    mysql -u username -p -e "CREATE DATABASE databasename CHARACTER SET utf8 COLLATE utf8_general_ci";

    MySQL/MariaDB prompts for the 'username' database password, and creates the initial database files.

  2. Log in and set the access database rights:

    mysql -u username -p

    MySQL/MariaDB prompts for the 'username' database password.

  3. At the MySQL/MariaDB prompt, create the user and set the permissions using the following command:

    CREATE USER username@localhost IDENTIFIED BY 'password';


    In this case:

    • databasename is the name of your database
    • 'username' is the username of your MySQL or MariaDB user account
    • 'localhost' is the host where Drupal is installed
    • 'password' is the password required for that username

    Be sure to use backticks ( ` ) around the database name if you used a MySQL or MariaDB escape character (_ or %) in your database name.

    For example, because the underscore character is a wildcard, drupal_test_account.* should be `drupal\_test\_account`.* for security. Otherwise the underscores would match any character and could accidentally give access to other similarly named databases.

    Note: Unless the database user/host combination for your Drupal installation has all of the privileges listed above (except possibly CREATE TEMPORARY TABLES, which is currently only used by Drupal core automated tests and some contributed modules), you will not be able to install or run Drupal.

    For further information on the GRANT statement see http://dev.mysql.com/doc/refman/5.0/en/grant.html

  4. If successful, MySQL/MariaDB will reply with:

    Query OK, 0 rows affected

  5. Now exit the MYSQL/MariaDB prompt by typing:
    The server will answer by saying


Create a database using PostgreSQL


The database must be created with UTF-8 (Unicode) encoding.

  1. Create a database user
    This step is only necessary if you don't already have a user setup (e.g. by your host) or you want to create new user for use with Drupal only. The following command creates a new user named 'username' (you should substitute this with the desired username), and prompts for a password for that user:

    createuser --pwprompt --encrypted --no-adduser --no-createdb username

    If everything works correctly, you'll see a CREATE USER notice.

  2. Create the database

    This step is only necessary if you don't already have a database setup (e.g. by your host) or you want to create new database for use with Drupal only. The following command creates a new database named "databasename" (you should substitute this with the desired database name), which is owned by previously created "username":

    createdb --encoding=UNICODE --owner=username databasename

    If everything works correctly, you'll see a CREATE DATABASE notice.



Step 3: Create settings.php and the files directory

Source: https://www.drupal.org/docs/7/installing-drupal-7/step-3-create-settingsphp-and-the-files-directory



Last updated on

4 December 2016

Drupal Config File "settings.php" and "services.yml" Overview

In order for Drupal to work, you have to configure where the database is, what the database is called, and the database credentials to access the database. This information is stored in the settings.php file which is located in:


The settings.php file is common to Drupal 6, 7 and 8

When you first extract Drupal, it doesn't come with a settings.php file, instead it comes with default.settings.php. When you first install Drupal 7, it will attempt to copy and rename default.settings.php -> settings.php for you. There are some rare instances where you will need to do this manually which are covered in detail further down on this page.

New to Drupal 8 in the sites/default folder, is a file named default.services.yml. Just like default.settings.php, default.services.yml has to be renamed in order to work. However, this file is designed for overriding the core services.yml file if you need to override it and 99% of sites out there, won't ever need to override the core services.yml file. It is made available if you do need to override those settings though. In early development, this file was automatically copied and renamed during install, however Stop creating services.yml by default supersedes the early method. In other words, don't ever worry about default.services.yml / services.yml unless something tells you otherwise.

Finally, the purpose of having default.[config-file].php is so you can easily update Drupal, without overwriting the entire configuration that runs your site. Yes, there was a time when that happened...

Automatic settings.php Overview

By default, Drupal 7 and 8 will attempt to create and populate the settings.php file automatically when you use install.php to setup the site. The script also changes the permission on the file to secure it once it is finished and then creates a sites/default/files directory for housing all of your non-core files. Unfortunately, some types of shared/local hosting are configured so PHP and Apache run as the same user. This might result in the install script failing to execute the creation and population of the settings.php file, along with setting permissions and creating the files directory. If you get errors referring to the Settings file during installation, you will have to manually create the settings.php file and do a few more tasks before you can run install.php. Once it is created with write permissions, the installation script will automatically populate the proper information for your site config. Afterwards, you will have to re-secure the settings.php file.

At this point, jump to the next page step: Step 4: Run the installation script. If you run into problems with the installation due to the Settings, come back here and follow the Manual steps outlined below.

Manual settings.php Overview

Drupal 6, 7 and 8 come with a sample settings.php configuration file located at: sites/default/default.settings.php
Before you run the installation script (install.php), you need to copy default.settings.php file as a new file called settings.php and change its permissions to be writeable. After the installation, you will need to restrict the permissions again.

Manual settings.php Detailed Instructions

Step 1 - Navigation & Creation

Navigate to sites/default of your root Drupal install.

Copy the default.settings.php file and save the new file as settings.php in the same directory (see note below about renaming). If you have shell access (command line) run the following command from the directory that contains your Drupal installation files:

cp sites/default/default.settings.php sites/default/settings.php

Note: Do not simply rename the file. The Drupal installer needs both files.

If you only have FTP access, you will have to download the file to your computer, rename it, then upload it. Some hosting providers have a file manager on the dashboard where the file can be copied and renamed.

Step 2 - Check the Permissions Are Writeable

By default, the sites/default directory and the settings.php file should be writeable. You can check that the permissions of sites/default and settings.php are writeable by issuing the following commands:

ls -l sites/

Permission on sites/default should be 755 [drwxr-xr-x]:

ls -l sites/default/settings.php

Permission on settings.php should be 644 [-rw-r--r--]:

If they are anything but writeable, you can issue the following commands:

chmod 644 sites/default/settings.php

Note: If you are in the same group as the web user, then changing the permissions to 664 will be sufficient.

Several FTP tools like Filezilla, Transmit, and Fetch etc. allow you to change file permissions, using a 'file attribute' or 'get info' command. In this case the file permission should be set to 644. If your FTP client has checkboxes for setting permissions, check both the Read and Write boxes for "Owner", "Group", and "Others" (but leave the Execute boxes unchecked). For some situations, you may need a permission of 664. Some hosting providers allow a similar operation through the dashboard file manager.

Step 3 - Try the Install

At this point, give the install a go. See if you can get through the installation by running http://[yoursite]/install.php. If you are successful, the first page you will want to visit is Reports -> Status report (admin/reports/status)

On the reports page, look for a line that says: File system. If it says anything other than "Writeable", you will need to follow Step 4 below.

Next, look for a line that says: Configuration file. If it says anything other than "Protected", then you will need to re-secure the configuration files as described in Step 5 below.

Step 4 - Create the Files Directory

The installation should have created the sites/default/files directory for you, but in the off chance it didn't, you will need to create it manually and set the right permissions on it.

mkdir sites/default/files

Note:On most linux systems, a newly created directory is already setup with the 755 permission. In case it isn't, you can issue the command:

chmod 755 sites/default/files

This sets the files directory to 755 [drwx-rw-rw].

Depending on how your apache configuration is setup, you might have to instead run:

chmod 777 sites/default/files

This sets the files directory to 777 [drwxrwxrwx]. It is less secure than 755, but there's nothing you can do about it if that's how your server is setup.

Step 5 - Post Install Permission Check

After the installation script has run, Drupal tries to set the permissions automatically to:

555 (read-execute) [dr-xr-xr-x] for the sites/default folder.
444 (read-only) [-r--r--r--] for the settings.php

If not, you will need to manually set them:

chmod 555 sites/default

chmod 444 sites/default/settings.php

These permissions are correct, and should not be changed, because changing these opens up a security risk.

OS specific instructions

Fedora Linux settings.php notes

If you have clean Fedora (or RHEL, CentOS, Scientific Linux) you have SELinux enabled by default after clean installation. There are few more steps to be done to be able to finish Drupal installation on SELinux enabled site to gain more security by SELinux.

If you don't want to use SELinux you may simply disable it, but this is not recommended as SELinux is able to block some exploits. Also you may turn SELinux into permissive mode to go through creating the settings.php file (because even if you have set the permissions for writing to settings.php, the install script will think you don't because SELinux is active and is blocking writing to settings.php file).

To go through installation, do this (as root):

  1. Enable allow_httpd_anon_write boolean:

    setsebool allow_httpd_anon_write=1

  2. Change type of default directory and settings.php to public_content_rw_t (whole command is in one line):

    chcon -t public_content_rw_t sites/default sites/default/settings.php sites/default/files

After the installation finishes, revert previous settings to benefit from SELinux:

  1. Disable allow_httpd_anon_write boolean:

    setsebool allow_httpd_anon_write=0

  2. Reset security context:

    chcon -R -t httpd_sys_content_t sites/default

OS X settings.php notes

For information about setting up a local MAMP (Mac, Apache, MySQL, and PHP) server, see HowTo: Create a local environment using MAMP.

For an external server, follow these steps:

Note: If you're using Snow Leopard, you must first enable the GD library. Unlike previous versions of OS X, Snow Leopard comes with a version of PHP that supports the GD library without having to recompile PHP. To enable the GD library in PHP, edit the /etc/php.ini file, and then remove the initial semicolon (which comments the line) from the following line:


After you remove the semi-colon, restart the Apache server. The GD libraries will then be available in PHP.

Rebuild PHP5 to include the GD tools according to the instructions here.

  1. Install Drupal 7.0 as /Users/xxx/Sites/drupal, where user xxx is in the _www group, and ensuring that the entire installation is group-writable. Create a soft link from
    /Library/WebServer/Documents/xxx to /Users/xxx/Sites.
  2. Re-writing seems to be enabled by default in Apache2 on Leopard. Enable PHP5 and virtual hosts in Apache2 by uncommenting the following lines in /etc/apache2/httpd.conf:

    #Dynamic Shared Object (DSO) Support #LoadModule libexec/apache2/libphp5.so #Virtual hosts (This is just a marker for what follows so you should leave the #.) #Include /private/etc/apache2/extra/httpd-vhosts.conf

  3. Add a virtual host stanza to the /private/etc/apache2/extra/httpd-vhosts.conf file that has at least this in it:

    <VirtualHost *:80> DocumentRoot /Library/WebServer/Documents ServerName localhost <Directory /Library/WebServer/Documents> Options FollowSymLinks Indexes MultiViews AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost>

  4. Add a variant of the RewriteBase /drupal line in the stock /Users/xxx/Sites/drupal/.htaccess file:

    IfModule mod_rewrite. RewriteEngine on # Modify the RewriteBase if you are using Drupal in a subdirectory or in a # VirtualDocumentRoot and the rewrite rules are not working properly. # For example if your site is at <a href="http://example.com/drupal" title="http://example.com/drupal" rel="nofollow">http://example.com/drupal</a> uncomment and # modify the following line: # RewriteBase /drupal RewriteBase /xxx/drupal # Rewrite URLs of the form & to the form index.php?q=x&. RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !=/favicon.ico<br /> RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] IfModule

  5. Make a copy of the /Users/xxx/Sites/drupal/sites/default directory tree as /Users/xxx/Sites/drupal/sites/localhost., and make sure this directory is writable by the _www group.
  6. Manually create the database in MySQL. Make a copy of
    /Users/xxx/Sites/drupal/sites/localhost/default.settings.php file as
    /Users/xxx/Sites/drupal/sites/settings.php, and then make this file writable by the _www group.

    Configure the database in /Users/xxx/Sites/drupal/sites/settings.php:

    $databases['default']['default'] = array( 'driver' => 'mysql', 'database' => 'databasename', 'username' => 'username', 'password' => 'password', 'host' => 'localhost', 'prefix' => 'main_', 'collation' => 'utf8_general_ci', );

You're now ready to install Drupal on your external server. Continue to Step 4: Run the installation script.

Windows (IIS) settings.php notes

On a Windows computer using Internet Information Server (IIS), complete the following steps:

  1. Right-click sites\default\settings.php.
  2. Grant Write permissions to IUSR_MachineName (IIS6) or IUSR (IIS7).

Note: On Windows Server 2008, you can also do this from the command line by running the following command from your sites\default directory:

icacls settings.php /grant IUSR:W

The installer will change the file back to Read Only after installation, but you should verify this after installation.

For more information about modifying Windows file permissions, see the Troubleshooting FAQ.






Step 4: Run the installation script

Source: https://www.drupal.org/docs/7/installing-drupal-7/step-4-run-the-installation-script


Last updated on

7 September 2016

Select the method based on the version of Drupal that you want to install:


Drupal 7 installation script

To run the Drupal install script, point your browser to the base URL of your website.

The base URL means the document root (directory) where you placed your Drupal files (and is defined in your web server configuration file). If you have installed Drupal on a web host this will likely be a domain name such as http://www.example.com. If you installed Drupal in a subfolder, you should point your browser to the subfolder (for example, http://example.com/subfolder). If you installed Drupal on your desktop machine, the URL might be http://localhost/drupal.

If the installation process does not simply appear by entering the base URL of your site, add the file name install.php to the end of your site's URL (for example, http://www.example.com/install.php).

Installation process

After you run install.php, you'll be guided through several pages:

Image removed.

  1. Choose which profile to use for the installation (standard or minimal or your chosen distribution).

    Most people should select the "standard" option. The standard option comes with default content types already enabled, such as Article and Page, and with appropriate publishing options already set. (Of course you can later edit these default content types and their settings, or add additional ones.) The standard profile also has a useful collection of modules pre-enabled for you.

    The "minimal" option is targeted toward more experienced Drupal site creators who wish to set up their own content types with associated publishing options. The minimal profile has only three modules enabled: Block, Database logging, and Update status.

    Choose the 'name of your distribution', if you have downloaded a distribution and not a normal drupal at step one.

    Image removed.

  2. If you want to install using a language other than the default English, click the Learn how to install Drupal in other languages link.

    Image removed.

  3. If your installation directory is not yet configured properly, you'll be informed on this page. You can correct the settings individually and either refresh the browser screen or click 'Try again' to see whether there are any errors left.

    Image removed.

    Reported errors can include:

    • Missing directories and/or incorrect permissions
      The installer will attempt to automatically set up a number of directories, but this may fail due to permission settings. In this case you will find the missing directories listed.
      • sites/default/files
      • sites/default/private
      • sites/default/private/files

      These directories should be set to the following permissions:

      chmod o+w sites/default/files


      chmod 777 sites/default/files

    • Missing settings.php or incorrect permissions
      If settings.php is missing or not accessible, follow the instructions in Step 3: Create the settings.php file. Note that you will need both the default.settings.php and settings.php files.
  4. Enter the database name, the username, and the password for the database that you created in Step 2: Create the database. This username and password information allows Drupal to access your database so the install script can create tables. Note that this is not the username and password for administering Drupal; these will be created in the next step.

    Image removed.

    The Advanced options allow you to change the database host ('localhost' is usually used in this entry: wamp/bin/apache/Apache2.2.11/bin/php.ini as an example of the location on a Windows computer running WAMP). You can also change the port and the table prefix. You only need to change the port if you are using a non-standard port number. The table prefix is useful if you are installing multiple instances of Drupal tables that share the same database.

    Click Save and continue at the bottom of the page.

  5. A progress bar will appear and display notes from the installer regarding the progress of the installation. If no errors are encountered, the next page will automatically load in your browser.
  6. After the installer completes, input the information for the first user account (which will be automatically assigned full administration permissions) and provide basic website settings.
    • In the Site name field enter the name you wish to use for the site. You can also edit it later through the administration interface.
    • In the Site e-mail address field, enter the e-mail address that will be used by Drupal when it sends out notifications such as registration information.
    • In the Site maintenance account field, enter the Username, E-mail address, and password for the main administration account.

      Note that as of Drupal 7 there is a distinction between the main administration account that you set up on this page, and the "Administrator" site administrator user role that you will see when you visit the "Roles" and "Permissions" pages in the administration interface. The account you set up in the Site maintenance account section during installation is a super-user who has overall control over every aspect of the management and configuration of the site. (For those of you familiar with the account from earlier versions of Drupal, this will be http://www.example.com/user/1.)
      Image removed.

    • In the Server settings field, select your Default country and Default time zone.
    • In the Update notifications field, leave both check boxes selected if you want your Drupal server to alert you when updates are required. Often updates relate to security issues and are important to perform. However, if you have restricted Internet connectivity (for example, if you are behind a corporate firewall) you may want to leave these settings unselected and then test them later.
      Image removed.

    Click "Save and continue". On success you will see the Drupal installation complete screen. If there are any error messages, review and correct them now.
    Image removed.

Secure your site

After the installation is complete, you will want to change the permissions on the settings.php file back so that it is protected:

chmod u=rw,o=r,a=r sites/default/settings.php


chmod 644 sites/default/settings.php

If you make manual changes to the settings.php file later, be sure to protect it again after making your modifications.

Important: Failing to remove write permissions to the settings.php file is a security risk.

Although the default location for the settings.php file is at sites/default/settings.php, it may be in another location if you use the multisite setup.


Drupal 8 installation script

Currently, the Drupal 8 Install steps are mostly identical to Drupal 7 above, with a couple of exceptions:

The order of the steps:

  1. Choose Language
  2. Choose Profile
  3. Verify Requirements
  4. Setup Database
  5. Install Site
  6. Configure Site

Aside from these points and a slightly different interface, the steps and information required in the installation process are the same as the Drupal 7 instructions above.


Drupal 6 installation script

Note: Drupal 6 has reached end of life and is no longer supported. You are highly encouraged to instally D7 or above.

To run the install script point your browser to the base URL of your website.

The base URL is defined in your Web server configuration file and is specific to the document root where you placed your Drupal files. If you have installed Drupal on a Web server this will likely be a domain name, such as http://example.com. If you have installed Drupal on your local computer, this URL might be http://localhost.

Image removed.

You will be guided through several screens to set up the database and create tables.

Image removed.

Next, add the first user account and provide basic website settings.

Image removed.

If you get any errors regarding the files directory and its permissions, read more information about the Files directory.



Setting up the files directory

Source: https://www.drupal.org/docs/7/install/setting-up-the-files-directory


Last updated on

13 January 2017

In most cases, Drupal would create the files directory for you. If Drupal can't create the directory (which most probably is due to lack of required permissions), follow the instructions below.

After installing Drupal, you will need to ensure the directory files can be accessed by your Web server. If it does not have the correct permissions, you may get an error message stating that "sites/default/files does not exist ..."

Here’s how:

  1. In the folder sites/default create a new directory called files.
  2. Grant read, write and execute permissions on the new directory to the Web server.

Most FTP programs will allow you to create the new directory and set its permissions.

Once you've completed these steps confirm the appropriate permissions have been assigned by navigating to Administer -> Reports -> Status report. Scroll to the section labelled, "File system" and confirm your settings are now correct.

Troubleshooting Apache-based Web Servers

If the directory files is not "owned" by the Web server there are two ways to proceed. These instructions assume you have shell access to the Web server. If you do not have shell access, please contact your hosting provider for additional support.

Ideally you will be able to change the "owner" of the directory files to match the name of the Web server. On a Unix or Linux-based server you may verify "who" the Web server is running as by issuing the following commands.

For Apache 2.x:

$ ps aux |grep apache

For Apache 1.x:

$ ps aux |grep httpd

Depending on your Web server one of these commands will return a series of lines like this:

www-data 13612 0.1 0.9 50640 20340 ? S 12:29 0:08 /usr/sbin/apache2 -k start

The first column in the returned text is the "user" that your Web server is operating as. In this case the user is www-data. To make your files directory writeable by the Web server you need to reassign its ownership using the following command:

$ chown -R www-data sites/default/files

If you do not have sufficient permissions on your server to change the ownership of the folder, the next best option is to provide group-write access to the folder with the following command:

$ chmod -R 0770 sites/default/files

You should also be able to adjust the directory's permissions using an FTP program as outlined above.

Once you've completed these steps confirm the appropriate permissions have been assigned by navigating to Administer -> Reports -> Status report. Scroll to the section labelled, "File system" and confirm your settings are now correct.


The most dangerous and least secure option is to assign write access to "everyone." This option should be avoided at all costs. If the steps outlined above do not work, please consider adjusting your hosting configuration (e.g. add your Web server to the appropriate group) instead of granting write access to "everyone."

SELinux enabled environment

If you have SELinux enabled (Fedora, RHEL, CentOS, Scientific Linux), you have to allow write by SELinux too, as even you set the correct permissions, the write does not proceed because SELinux. Run these commands as root:

chcon -Rt public_content_rw_t sites/default/files setsebool -P allow_httpd_anon_write=1

Unix and FileZilla file permissions

We programmers assume you users know all about this. If you don't, here's the upshot.

Every user (human, etc) has an account on the computer. If it's a different computer, your account on it might be very different. In fact some programs like MySQL and Drupal have their own unattached user/permissions system where your username and password can be completely different. This section is about your Unix computer account, which you used to connect and mess around with your files on your Unix server.

The computer also has groups of users, like maybe the other people in your department or your classroom or platoon or rank. This way, they can give, or take away, permissions to a whole group of people at once.

Now there's three users that are important: you, the web server, and everybody else. Usually the web server's account name is www or _www or nobody or daemon or apache. Everything that Drupal and PHP do, they do as this user. Usually no actual person logs in as www, it's reserved for the server, and magic makes the server assume the www user identity. Even if Atilla the Hun comes surfing to your web server, what he does, he does as www as far as the files are concerned.

So you have to make sure that each of you can do what you need to do:
- you should probably be able to read and write the files in the website you're making
- www (drupal) needs to be able to read all the files, and needs to be able to write inside the files directory.
- everybody else probably should not be allowed any access at all.

Each file, and each directory (folder), has permissions on it telling who can mess with it, and how:

r means Read permission, you can see what's inside. For a directory, it means you can see what files are inside. You might not have permission to do anything with those files, but at least you can see their names, and see what permissions you have with them.

w means Write permission, you can change the data in it. For a directory, it means you can add and remove and rename files in it. If you can't delete a file, it's not cuz because you can't write the file, it's cuz because you can't write its directory.

x means Execute permission. For a directory, that means you can use it to get at files inside. Even if you don't have read permission! If you know the name of the file, and you have x permission, you can use that file or directory (and directories beneath, if any).

Each file remembers three kinds of people who can mess with it:
- the User is one particular user, usually whoever created it, the 'owner'.
- the Group is some group, oh, you can often change this if you're the User. (If you are both the User and the Group, you only get the User permissions.)
- the Other is the rest of all the users, excluding the User and the Group.
This isn't always convenient; sometimes you want only three different users to access it, or two groups, or whatever, but this is the way it's worked since before 1980. Usually, you can figure out a way to make it work for you and the server.

OK so if you see permissions like this:
rwx rwx rwx nancy staff
that means that the User named Nancy can read & write & execute it, and so can the Group named Staff, and so can everybody else.

This however:
rwx --- --- nancy staff
means that Nancy can do everything, but nobody else can. Very private. And this:
rw- r-- --- nancy staff
means that Nancy can read and write, the staff can just read and everybody else is locked out. Programmers often abbreviate this into 3 digits where:
r = 4
w = 2
x = 1
and you add them to get a single digit, so rw- r-- --- turns into: 640. Compact but confusing if you're not used to it. You'll see these commonly:
rw = 6 (common on files you can change)
rx = 5 (common on directories you can't change)
rwx = 7 (common on directories you can do anything with)

So probably you'll need some situation where you and the server can get at what you have to get at, and everybody else is locked out. Remember that you can lock people out by simply removing x permission from a directory at the top - you don't have to change every file.




Built-in Installation Profiles

Source: https://www.drupal.org/docs/7/installing-drupal-7/built-in-installation-profiles-drupal-7


Last updated on

16 September 2016

Drupal includes installation profiles that control what's included as you get started. Select from either the Standard or the Minimal profile.

  • The Standard profile has several core modules enabled. It has more default configuration set up, including several default admin tools. This profile does more to show what core can do, and can save site building time by having defaults for common use cases.
  • The Minimal profile has only a few very basic modules installed. This profile is useful if you only want very specific features, or if it will take more work to undo the defaults provided with the Standard profile.


The following table lists the modules enabled by the Standard profile, as compared to the Minimal profile:

Modules enabled by profile





Contextual Links


Database Loggingxx


Field SQL storagexx

Field UI




















Note: There are core modules not enabled in either profile, and those are not included in the table. It is correct to say that Database Logging and Block are the only two modules that are enabled in Minimal. The other modules are required by Drupal. Update Status depends on the user choosing updates during installation.


Content types

  • Minimal - There are no content types to start.
  • Standard - 2 premade content types, Basic Page, and Article
    • Basic Page - not promoted to front page, comments disabled, author and date not set to display, rdf mapping 'foaf:Document'
    • Article - a default taxonomy named "Tags" enabled. Set to display author and date info, comments enabled. Comes with an image field. The image field has an rdf mapping of 'og:image', 'rdfs:seeAlso' and the tags field has a rdf mapping of 'dc:subject'


  • Both - 4 default menus. The Navigation and Management menu blocks appear by default in Bartik's first sidebar, and the user menu is printed in the upper right.
  • Minimal - The menu module is not enabled. Menus cannot be added or edited under Structure > Menus until the Menu module is enabled.
  • Standard - Default home link in the Main Menu


  • Minimal - The default Bartik theme has the following blocks enabled:
    • System help in the Help section
    • Main page content in the Content section
    • Navigation, User login, and Management in the Sidebar first section
  • Standard - The default Bartik theme has the following blocks enabled:
    • System help in the Help section
    • Main page content in the Content section
    • Search, Navigation, User login in the Sidebar first section
    • Powered by Drupal in the Footer


  • Minimal - Bartik is the default theme and the default admin theme
  • Standard
    • Bartik is the default theme
    • Seven is set as the admin theme, and set to appear when editing or creating content
    • Global and Bartik initial theme settings are the same.


Account settings

  • Minimal - No default roles, and no default admin role
  • Standard - There is a default role for administrator, who is set as the default admin role. User pictures are enabled.

Text formats

  • Minimal - One text format: Plain text (default with Drupal)
  • Standard - Three text formats: Plain text, Full HTML, and Filtered HTML


  • Minimal - Image module is disabled
  • Standard - Three default styles: thumbnail, medium, and large

Database tables installed

  • Minimal - 48 tables installed in the database
  • Standard - 73 tables installed in the database



OS specific download notes

Source: https://www.drupal.org/docs/7/install/os-specific-download-notes


Last updated on

16 September 2016

Follow the links below to download and install Drupal 7 on specific operating systems:

OS X download notes

If you are installing on a Mac server, or are creating a test site on your Mac, you may also want review these handbook pages during installation:

Windows download notes

Note: By default, Windows cannot uncompress files saved in the .tar.gz format. This page assumes that you've downloaded and installed the freely available 7-Zip utility to extract .tar.gz files. A number of other file compression utilities are also available.

To download Drupal on your Windows computer:

  1. On the Drupal project download page find the version that you want to download. In this case, select the first Drupal 7 version under the section 'Official Releases.' Click Download and save the file without opening it.
  2. Right-click the .tar.gz Drupal installation file, and then select 7-Zip >> Extract here.

    The utility extracts a .tar file.

  3. Right-click the .tar file, and then select 7-Zip >> Extract here.

    You will now see the final Drupal folder. Drag the folder to where you need it to be in the file hierarchy.


    • If you extract the files into a folder other than your web site's folder, copy the contents of the Drupal folder into the appropriate web folder, rather than cutting/pasting them. (This will ensure the files will inherit the appropriate permissions for the web server.)
    • If you're using Apache instead of IIS, skip the remaining steps on this page.
  4. In the sites/default folder, create a folder called files and grant modify permissions for it to IIS_WPG (IIS6) or IIS_IUSRS (IIS7).
  5. Drupal distributions come with .htaccess files for *nix use. IIS7 users should convert this file to a web.config file for their site. If you have used the IIS Manager to create a new site, a basic web.config file will exist in your site's root directory. Edit the file to look like this example:

<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <!-- Don't show directory listings for URLs which map to a directory. --> <directoryBrowse enabled="false" /> <!-- Caching configuration was not delegated by default. Some hosters may not delegate the caching configuration to site owners by default and that may cause errors when users install. Uncomment this if you want to and are allowed to enable caching --> <!-- <caching> <profiles> <add extension=".php" policy="DisableCache" kernelCachePolicy="DisableCache" /> <add extension=".html" policy="CacheForTimePeriod" kernelCachePolicy="CacheForTimePeriod" duration="14:00:00" /> </profiles> </caching> --> <rewrite> <rules> <!-- rule name="postinst-redirect" stopProcessing="true"> <match url=".*" /> <action type="Rewrite" url="postinst.php"/> </rule --> <rule name="Protect files and directories from prying eyes" stopProcessing="true"> <match url="\.(engine|inc|info|install|module|profile|test|po|sh|.*sql|postinst.1|theme|tpl(\.php)?|xtmpl|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format)$" /> <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." /> </rule> <rule name="Force simple error message for requests for non-existent favicon.ico" stopProcessing="true"> <match url="favicon\.ico" /> <action type="CustomResponse" statusCode="404" subStatusCode="1" statusReason="File Not Found" statusDescription="The requested file favicon.ico was not found" /> </rule> <!-- To redirect all users to access the site WITH the 'www.' prefix, http://example.com/... will be redirected to http://www.example.com/...) adapt and uncomment the following: --> <!-- <rule name="Redirect to add www" stopProcessing="true"> <match url="^(.*)$" ignoreCase="false" /> <conditions> <add input="{HTTP_HOST}" pattern="^example\.com$" /> </conditions> <action type="Redirect" redirectType="Permanent" url="http://www.example.com/{R:1}" /> </rule> --> <!-- To redirect all users to access the site WITHOUT the 'www.' prefix, http://www.example.com/... will be redirected to http://example.com/...) adapt and uncomment the following: --> <!-- <rule name="Redirect to remove www" stopProcessing="true"> <match url="^(.*)$" ignoreCase="false" /> <conditions> <add input="{HTTP_HOST}" pattern="^www\.example\.com$" /> </conditions> <action type="Redirect" redirectType="Permanent" url="http://example.com/{R:1}" /> </rule> --> <!-- Rewrite URLs of the form 'x' to the form 'index.php?q=x'. --> <rule name="Short URLS" stopProcessing="true"> <match url="^(.*)$" ignoreCase="false" /> <conditions> <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" /> <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" /> <add input="{URL}" pattern="^/favicon.ico$" ignoreCase="false" negate="true" /> </conditions> <action type="Rewrite" url="index.php?q={R:1}" appendQueryString="true" /> </rule> </rules> </rewrite> <!-- httpErrors> <remove statusCode="404" subStatusCode="-1" /> <error statusCode="404" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" /> </httpErrors --> <defaultDocument> <!-- Set the default document --> <files> <remove value="index.php" /> <add value="index.php" /> </files> </defaultDocument> </system.webServer> </configuration>

Further reading available at: http://chrislarson.me/blog/installing-drupal-iis-microsoft-sql.html & http://www.drupalonwindows.com/en/blog/installing-drupal-windows-and-sql-server

SELinux download notes

To install on a Fedora-based distro (RHEL, CentOS, etc.) there are two main options:

  • Install from the repository through a yum install drupal command. (In Fedora 23, it is dnf install drupal7)
  • Install it yourself.

The installation instructions will vary a bit depending on your choice, as will the version you wind up with in some cases.

To be compliant with FHS guidelines on architecture independent system components (http://www.pathname.com/fhs/pub/fhs-2.3.html#THEUSRHIERARCHY) vs transient data placement (http://www.pathname.com/fhs/pub/fhs-2.3.html#THEVARHIERARCHY) and to enforce Fedora-ish system segregation Fedora and its derivatives place the code part of systems like Drupal and WikiMedia in /usr/share and the data elements (like files/ and images/) in /var/www. These parts are bound together through a series of symlinks, as the original development concept behind Drupal and other such systems did not take the FHS into account (there is a pretty big generation/culture gap between core Unix developers and web developers -- and embedding code to this extent inside of what used to be public data files (.html files becoming .php files and totally bypassing cgi-bin) was never thought of when the FHS was originally conceived). This can be confusing for newcomers.

In either case, the placement of the Drupal code (all those .php files) in the filesystem is irrelevant to the function of SELinux. Apache's daemon, httpd, has a context group within the Fedora SELinux policy structure. Any files or directories that Apache needs to interact with must be placed in an httpd_* type context. Yum will handle this for you if you do a yum install drupal install and the stickiness of the /var/www filesystem hierarchy will do it for you if you unpack it directly into a sub-directory there. However, installation cases outside of this where SELinux is set to enforce but the default SELinux policies are either grossly underdeveloped (Ubuntu, for example) or nonexistant (Slackware / LFS + SELinux -- yes, some people do this) will have to make the change on their own:

chcon -R -t httpd_sys_content_t /path/to/drupal/files

The other area where SELinux can trip one up is basic policy permissions for allowing Apache to do things like send email (to prevent compromised systems from becoming proxy spam-generators -- a problem far more common than most Ubuntu new administrators seem to be aware), make calls across network sockets to database servers (a wonderful way to bypass password protections and steal user data from a site), or directly alter files on behalf of scripts (an entry to the first two). To enable this small list of abilities but keep your system otherwise locked down with an SELinux policy set to "enforce" run the following three commands:

# setsebool -P httpd_can_network_connect_db=1 # setsebool -P httpd_can_sendmail=1 # setsebool -P httpd_unified=1

Unfortunately, in an excited rush to get things up quickly most people who opt for the increased security that SELinux provides by choosing a Fedora-based distro usually toss all their gains at the first sign of SELinux conflicts by turning SELinux off instead of digging further (because learning 4 more file security attributes is hard -- and admittedly, SELinux is rarely explained so simply in currently available resources).

Outside of granting Apache permission to do things Drupal needs to work correctly (those three setsebool commands) and then telling SELinux where these permissions should apply (the chcon command above), the installation process is no different from any other system. It is useful to remember if you run into an FHS-compliant installation where /var/www/html/drupalxx is largely empty but for a few symlinks and data folders (like config/) that all of the code is over in /usr/share and conceptually nothing has really changed.

Also, if you use LDAP, you may be interested:
# setsebool httpd_can_connect_ldap on

tl;dr reference on rpm-based Systems: http://zxq9.com/archives/442