Updating Drupal 6.x to 6.25 in 10 steps – Running security patches on existing Drupal 6 web site
This February Drupal core security updates were released not only for version 6 but also for version 7. Today I want to share my experience of running these updates on a Drupal 6 site and here I will explain this whole procedure in just 10 steps in the order and may be some of the points which I am going to share here you won’t find them in UPGRADE.txt file..
- Create backup of everything including database, Drupal installation directory etc..
- First of all log in with main administrator account and apply any Drupal core theme like Garland for visitors as well as admin users.
- Switch on Site-off maintenance mode and clear all website cache by visiting Performance panel.
- Don’t forget to set health checks off at your server settings otherwise you won’t be able to put your website on maintenance mode.
- Most of the Drupal developers recommend disabling all modules except the core ones but I didn’t find this as necessary, I applied this update several times without disabling any kind of module during this whole updating process.
- Download latest Drupal core zip file and unzip it in any location at your own machine. Then select and copy everything in new Drupal core folder except ‘sites’ directory, .htaccess and robots.txt files and paste them at Drupal Installation directory by replacing all existing older files and folders.
- Run update.php file , it should be located at www.yoursite.com/update.php if your drupal installation directory is located at root directory.
- Most probably you will get the below message. Do not worry about it just open up settings file which can be found at sites/default/settings.php . First make it a writeable file and open it in any editor, find $update_free_access = FALSE; make it read:$update_free_access = TRUE; then save it.
- Again run /update.php file, this time you will be able to run it successfully, now there should be no problem in all upcoming steps just read and follow instructions.
- After checking Review log message in the end apply back your custom website theme for visitors , now you can switch off maintenace mode so viewers can again visit all pages of your website. At this stage you can run cron manually and check the status report. In report you will find Access to update.php as Unprotected therefore rollback settings.php file to $update_free_access = FALSE; and save it again with just read only file access permission.
Take a look around the website to make sure everything is how it should be. Ask me if you have any questions