Issue
What if I want to keep some information out of my settings.php
file?
Resolution
In many cases, your website's settings.php
file is committed to your version control repository. If you're using an external repository, you may not be comfortable with the idea of pushing a file that contains sensitive information (such as usernames and passwords) out to a public repository. Because of this, you may want to keep information out of your settings.php
file.
Drupal provides the ability to use a local settings.php
file, based on your installed version of Drupal.
Drupal 8
Drupal 8 provides this functionality by default by using a settings.local.php
file for private settings.
There is also an issue to rename this file to local.settings.php
to more consistently follow standard file naming, but this will not be approached until Drupal 9.
Drupal 7
If you need to keep a local set of credentials or other pieces of settings.php
that you do not want to commit to your repository, complete the following steps:
- Create a
settings.local.php
file in yoursites/*/
directory (whereversettings.php
is located). - Include the following code in your
settings.php
file after the Acquia include line, which calls the local file:if (file_exists(DRUPAL_ROOT . '/' . conf_path() . '/settings.local.php')) { include DRUPAL_ROOT . '/' . conf_path() . '/settings.local.php'; }
- If you're using Git, add
docroot/sites/*/settings.local.php
to your.gitignore
file.