Planet Drupal

Subscribe to Planet Drupal feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 15 hours 18 min ago

Zivtech: How to Prevent Your Drupal Site from Getting Hacked: Part 2

3 April 2018 - 2:00am

In part one of this post, I went over how Drupal Security Advisories, SSL/TLS certificates, and thorough user account security help lay the foundation for keeping your Drupal site secure. In part two, we’ll take a look at user roles and permissions, input filters and text formats, and third party libraries.

User Roles and Permissions

To keep your site secure, always make sure that your user roles and permissions are configured properly. Depending on the modules installed and third party integrations, there could be additional permissions and/or roles to configure to ensure the site is still secure after installing a particular module. It’s important to read the full module README and/or module documentation to verify that all configuration options and permissions have been set up securely. In many cases, modules with very important security related permissions will either set them to a sane default configuration, or put up a notice on the modules page within the admin UI. Some will do both. Some will do neither, so that’s why you need to be aware. 

For each module you enable, there can be optional or required permissions that need to be configured. This is one of the easiest things to overlook as a Drupal beginner, so keep an eye on which modules you’re enabling, and if you have permissions set for all your roles before launching the site. 

Read more
Categories: Drupal

ADCI Solutions: Let's talk about Leadership and Marketing at DrupalCon

2 April 2018 - 7:15pm

The ADCI Solutions team is ready to set off to DrupalCon Nashville. Meet us there! This time we bring up the topics of leadership and marketing of Drupal. We'd love to see you at the session and BoF! Let’s gather and chat!

 

Find more details here. 

 

Categories: Drupal

Jacob Rockowitz: Drupal is the worst Content Management System except for all those other solutions

2 April 2018 - 3:03pm

Recently I read Why is Drupal now the second most-hated platform behind SharePoint? followed by the predictable Reddit discussion trashing Drupal. Every time I read someone's negative, yet reasonable, criticism of Drupal, I can't help but rephrase Winston Churchill's famous quote about democracy in the context of Drupal and Open Source.

Churchill's defense of democracy came at a time when the notion of democracy was under a direct threat. Drupal and Open Source are not imperil in the same way, but the lesson Drupal and Open Source can learn from history is that it is essential to recognize, respond, and adapt to potential threats. Ignoring problems is the worst thing anyone can do.

Introspection and discussion is a significant part of our process to improve and affect change within Drupal. I am looking forward to Owen Lansbury's DrupalCon Nashville presentation called Have We Reached Peak Drupal?. I have seen a preview of his presentation and it puts Drupal’s current state into perspective while also looking at its future. If you want to learn more about the discussion around "peak drupal" you should also check out Dave Hall's blog post, "Drupal, We Need To Talk."

While building and maintaining the Webform module for Drupal 8, I have thought a lot about the future of Drupal and the Webform module.

How do we increase Drupal's adoption?

I no longer feel adoption is a Drupal 8 specific issue but rather it’s a...Read More

Categories: Drupal

Acro Media: Drupal Commerce 2: A Comprehensive Technical Overview

2 April 2018 - 8:40am

The development of Drupal Commerce 2 has come a long ways. We've had an official release for a while now and many of the sub-modules and add-on modules are coming along nicely. However, with all of the focus being on development, it can be hard to find good documentation for Drupal developers and Technical Managers who want to know more about the underlying systems and design.

Look no further!

A while ago we contact Steve Oliver and asked him to help us out. Steve has been developing Drupal for a long time (at the time of writing, his Drupal.org profile is 12 years, 3 months old). He's contributed to all aspects of Drupal, including Commerce, and is quite active in IRC and Slack, providing support. We asked him if he would be interested in providing us with one document that contained everything you might want to know about Drupal Commerce from a technical perspective. We're talking about the systems, design patterns, concepts, core modules, contrib modules, and more. Steve blew us away, coming back to us with a 22 page document that has it all. We've taken all of that wonderful information and put it on our site for everyone to enjoy. It's a great starting point or general refresher.

So without further delay, take a look for yourself. I bet you'll be happy that you did!

You may also like

Categories: Drupal

Acquia Developer Center Blog: Introducing the Acquia Decoupled Starter Kit for React

2 April 2018 - 8:11am

The Starter Kit includes three separate applications to demonstrate various Headless Drupal design patterns: a React application, a GraphQL application, and a Headless Lightning Drupal website. Each application was created to work in tandem with each other, but also as a collection of boilerplate tools for your personal applications.

Tags: acquia drupal planet
Categories: Drupal

Specbee: Symphony2 Components In Drupal 8 : An Integration Every Drupaler Must Know About

2 April 2018 - 6:13am

Symphony is an open source PHP based web application framework. Symphony uses a set of reusable PHP components to build web applications from scratch. Symphony follows MVC architecture. A kernel is the heart of symphony (Its just a class) and symphony extends this class to in its built applications.

Categories: Drupal

Sooper Drupal Themes: SooperThemes Drupal 8 Release Candidate 3. Patch update for Glazed and Glazed Builder Drupal 7.

2 April 2018 - 5:03am

Our latest update for Drupal 8 and 7 fixes a bug with Chrome browser's latest release and the 3rd level "dropdown" menus in mobile navigation and side-header navigation. If your websites does not use 3rd level dropdown menus these updates are probably not important for you. We also use the opportunity to get our Drupal 8 products up to date with Drupal 8.5 and we made sure everything is tested to work with the recent highly critical security updates.

Drupal 8 RC3

Fixing an issue with Font Awesome 5 Pro icons and some other minor issues, our RC3 release is ready to quickly transition into a stable release. We're now focused on updating our product pages, documentation, and other sooperthemes.com infrastructure to make sure downloading, using, and updating our Drupal 8 projects will be a smooth experience. We expect to be ready for the official Drupal 8 launch of all our products in about 2 weeks, but this release candidate is a perfectly fine starting point if you're already looking to start a Drupal 8 project with Glazed Theme, Glazed Builder, or our SooperThemes Portfolio module.

Glazed 7.x-2.6.9 and Glazed Builder 7.x-1.1.8

We release patch updates for Drupal 7 Glazed Theme and Glazed Builder, making minor improvements to both products and of course we've done extensive testing to make sure everything works after the recent Drupal core security updates that touched some very "core" parts of Drupal. See the Glazed CHANGELOG and Glazed Builder CHANGELOG for an overview of changes. No changes related to the security update were made.

SooperThemes Updates Coming Soon

The Drupal 8 stable release has been a long time coming, and now the product is ready. We're just holding off the official launch until our website and documentation are also brought up to date to support Drupal 8. If you're interested in our progress just keep an eye on the website. Sooperthemes.com will be undergoing changes in both content and design. For a sneak preview check out our "work in progress" Glazed Builder product page, which now features tons more information than before. You'll also find that I'm experimenting with a video format that I'd like to use for both documentation and marketing communications.

When we are finally completely stable with all our Drupal 8 products we will develop new product features and Glazed Theme demo designs. All product updates will be available to both Drupal 7 and 8 product versions. The specifics of development we'll be focussing on will be determined in the near future by asking you guys what you want and need.

Open Source Contributions Scheduled After Stable Drupal 8 Release

I regret that while working so hard on our Drupal 8 product updates for premium products, our open source projects have been neglected. This was an inevitable result of our Drupal 8 work overrunning budget and timelines by huge margins. I'm looking forward to start investing again in the free version of Glazed Theme we host on drupal.org, and of course publish a stable Drupal 8 version of the free theme and Glazed CMS distribution on drupal.org. We'll make sure Drupal 8 gets the free theme it deserves, with more flexibility and customizability than any other free Drupal theme. 

Categories: Drupal

ADCI Solutions: Cloud hosting platforms. Part two: Acquia Cloud

2 April 2018 - 1:00am
A basic web hosting stores code and a database of a site and makes it accessible for internet users. However, modern hosting platforms do more than that - they act as a tool of the development process. Acquia Cloud is one of such modern hosting platforms that can enhance your work in a number of ways.
Categories: Drupal

DrupalCon News: So It's Your First Time at DrupalCon

1 April 2018 - 10:25pm

If you are getting ready to attend your first DrupalCon, here are a few ideas to help you prepare for an intense week of open source software community from @horncologne. Watch the interview video for more tips and inspiration from my Drupal friends.

Categories: Drupal

Matt Glaman: drupal_install_test.ibd: To start over, you must empty your existing database

1 April 2018 - 9:00pm
drupal_install_test.ibd: To start over, you must empty your existing database mglaman Sun, 04/01/2018 - 23:00

In prep for DrupalCon Nashville, I was working on our Drupal Commerce demo sites that we'll be showing off. They have been running in silent mode for some time and recently received an overhaul so they use our demo and out of the box theme for Drupal Commerce, Belgrade.

Categories: Drupal

Gbyte blog: Clone entity data into existing entities in Drupal 8

30 March 2018 - 9:55am
Creating a duplicate of an entity

Creating a duplicate of an entity is easily done via the entity API method Entity::createDuplicate(). This is a convenient method if the goal is to clone an entity into a new entity, as all identifiers of the previous entity get unset when using this method.

Categories: Drupal

Nextide Blog: Maestro 2.1 Release and Demo Site

30 March 2018 - 9:44am

The Maestro module and it's use-case can be challenging to understand and we recognized there was a need to provide a better explanation and examples.

It's fair to say that every company and organization from small to large has business processes involving the movement of forms and or documents with varying degrees of complexity and number of participating internal and external users. Maestro was developed to help automate these processes with it's workflow editor and workflow engine.

If it can be flow-charted, then it can be automated with Maestro.

This is not a just a clever saying. It's true. With Maestro, the method to automate your process starts with our visual workflow editor with which you drag, drop and connect your workflow steps together. The maestro workflow editor can be used by business users to map out their business process. 

Categories: Drupal

Drop Guard: Best of - Update marathon 2018

30 March 2018 - 3:30am
Best of - Update marathon 2018

I've collected a bunch of articles for you, where Drupal agencies describe their processes, workflows and experience with the Drupal update release PSA-2018-001.

Hard facts: The update was announced one week earlier and released on March 28th between 18:00 and 19:30 UTC. Due to the flood of site views and very motivated F5 finger exercises, Drupal.org was down for around an hour. Fortunately, the Drupal Community worldwide was prepared with snacks, pizza, and more pizza, remote hangman, and a lot of memes.

For detailed information, the Drupal Security Team provided this FAQ about SA-CORE-2018-002.

Drupal Drupal Planet Business Update Automation
Categories: Drupal

Lucius Digital: Drupal patch party | 20 cool Tweets

30 March 2018 - 2:07am
Last week there was a Public Service Announcement done by the Drupal security team: a highly critical security update would be released last Wednesday, around 20.00h Dutch time.
Categories: Drupal

Matt Glaman: From Drupal to Medium: automated cross posting

30 March 2018 - 2:00am
From Drupal to Medium: automated cross posting mglaman Fri, 03/30/2018 - 04:00 Back in February, I automated some of my content workflows. I use the Scheduler module to publish posts and have them automatically pushed into Buffer to be shared across my social networks. I'm attempting a new experiment once this node publishes. This should show up at my Medium account, https://medium.com/@mglaman.
Categories: Drupal

Agiledrop.com Blog: AGILEDROP: Interview with Aleš, our Client adviser

30 March 2018 - 1:28am
We have sat down with our Client adviser Aleš and ask him a couple of questions. Enjoy the interview.   When did you start working at AGILEDROP and what were your initial responsibilities? I started working at AGILEDROP in the summer of 2017, August 1st was my first day in the office. I was actually the first one employed in the department besides our commercial director Iztok to assist him dealing with new clients. Initially, I had to get acquainted with the specifics and specialities of the job requirement. But I do have to say that with the help of the team I quickly settled in and was… READ MORE
Categories: Drupal

Annertech: Your Site's Security is Our Top Priority.

30 March 2018 - 1:23am
Your Site's Security is Our Top Priority.

On Wednesday 21 March, the Drupal security team announced a that there would be an extremely important security release of Drupal (SA CORE 2018 002) which would fix a vulnerability in the core code. This vulnerability affected every single Drupal site, whether on 8, 7, 6 or even 5.

This is not a new phenomenon, and is testament to the efficiency and professionalism of the Drupal Security Team that these vulnerabilities are found, fixed, and the releases managed appropriately.

Categories: Drupal

Hook 42: Hook 42 at Stanford Camp 2018

29 March 2018 - 7:52pm

If DrupalCon is right around the corner, then Stanford Drupal Camp is right in front of us! We’re excited to spend a couple days almost in our own backyard at Stanford before heading to Nashville. 

We have a bunch of sessions lined up on a variety of subjects... from DevOps to decoupled Drupal, technical TLAs to development tips, and even a case study about a Stanford project. We’ve got something for everyone, so we hope to see you there!

Categories: Drupal

Freelock : Drupalgeddon2: Should I worry about critical security updates?

29 March 2018 - 5:00pm
Drupalgeddon2: Should I worry about critical security updates? John Locke Thu, 03/29/2018 - 18:00

No, you should not. You should let us worry about them, and go back to your business.

Seriously, we're getting questions from all kinds of people about whether this matters. I'm a bit surprised that there is any question about that. Would you be concerned if your top salesperson was selling for somebody else? If your cashiers were jotting down credit card numbers when they charged a card? If your office became a well-known spot for illicit drug or gun dealers? If your office had a bunch of scammers squatting and running a pyramid scheme? If your confidential client information could be revealed as easily as using a bic pen on an old Kryptonite lock?

Bic Pen vs Kryptonite Lock

We've seen some variation of every single one of those scenarios. And all of them are possible with a remote code execution flaw in a web application, like yesterday's Drupal security vulnerability.

And yet people still

Drupal Drupal Planet Security WordPress
Categories: Drupal

Tandem's Drupal Blog: Migrating Drupal 7 Organic Groups to Drupal 8 Group

29 March 2018 - 5:00pm
March 30, 2018 Migrating Drupal 7 Organic Groups to Drupal 8 Group takes a little bit of effort and migration elbow grease. Use Case for this Migration We are currently helping a university client migrate their intranet to Drupal 8. The intranet was built with Open Atrium in Drupal 7. Unfortunately there is no Open Atrium Drupal 8 version and ...
Categories: Drupal

Pages