Planet Drupal

Subscribe to Planet Drupal feed - aggregated feeds in category Planet Drupal
Updated: 23 hours 22 min ago

XIO Blog: Combining Drupal 7 and 8: a new public site in Drupal 8, maintaining a separate login site for customers or members in Drupal 7

4 January 2017 - 3:15am
Often websites are upgraded to Drupal 8 because the time has come for a new, fresh look in order to generate business and attract new customers or members. This does not affect the separate member or customer section per se. There the emphasis tends to be on integrated tools for providing support to the users and these tools do not need to be upgraded that often.  
Categories: Drupal

Third & Grove: TPG Capital Drupal Case Study

4 January 2017 - 12:00am
TPG Capital Drupal Case Study antonella Wed, 01/04/2017 - 03:00
Categories: Drupal

Acquia Lightning Blog: Using the Workspace Preview System

3 January 2017 - 1:50pm
Using the Workspace Preview System Adam Balsam Tue, 01/03/2017 - 16:50

Back in October of 2016, we launched an experimental version of Lightning's Workspace Preview System. While it is still marked as experimental, great progress has been made and we wanted to share some more details about how one might use WPS.

Categories: Drupal

DrupalCon News: How are you building Drupal websites?

3 January 2017 - 12:25pm

Drupal's site configuration interface and contributed modules have evolved greatly over the years. We want to hear all about your experience with helpful tools and successful techniques.

Do you or your organization have recommendations for a successful site build? Are you harnessing an awesome new contrib module that everyone should hear about? Did you find a great technique for creating incredible Drupal websites through the administrative interface?  Do you like crab cakes or Baltimore beer?  Me too!  

We want to hear about it all!  

Categories: Drupal

OSTraining: How to Update Drupal 8 Sites

3 January 2017 - 11:24am

Throughout the life of your Drupal site, you'll have to perform updates. New features, bug fixes and security patches will be released for Drupal itself, plus modules and themes. This process is essential to maintain a healthy Drupal site.

We're going to take you through the process of updating your Drupal sites. Watch the following 5 videos below, and you'll see to update Drupal 8.

Categories: Drupal

Drupal Console: Drupal Console RC-13 is out

3 January 2017 - 9:10am
Latest DrupalConsole RC-13 is out including several changes and fixes. This is a summary of the most notable updates.
Categories: Drupal

Lullabot: HTTPS Everywhere: Quick Start With Cloudflare

3 January 2017 - 9:00am

This is a continuation of a series of articles about HTTPS, continuing from HTTPS Everywhere: Security is Not Just for Banks. If you own a website and understand the importance of serving sites over HTTPS, the next task is to figure out how to migrate a HTTP website to HTTPS. In this article, I’ll walk through an easy and inexpensive option for migrating your site to HTTPS, especially if you have little or no control over your website server or don't know much about managing HTTPS.

A Github Pages Site

I started with the simplest possible example. I have a website hosted by a free, shared hosting service, Github Pages, that doesn’t directly provide SSL for custom domains, I have no shell access to the server, and I just wanted to get my site switched to HTTPS as easily and inexpensively as possible. I used an example from the Cloudflare blog about how to use Cloudflare SSL for a Github Pages site.

Services like Cloudflare can provide HTTPS for any site, no matter where it is hosted. Cloudflare is a Content Delivery Network (CDN) that stands in front of your web site to catch traffic before it gets to your origin website server. A CDN provides caching and efficient delivery of resources, but Cloudflare also provides SSL certificates, and they have a free account option to add any domain to a existing SSL certificate for no charge. With this alternative there is no need to purchase an individual certificate, nor figure out how to get it uploaded and signed. Everything is managed by Cloudflare. The downside of this option is that the certificate will be shared with numerous other unrelated domains. Cloudflare has higher tier accounts that have more options for the SSL certificates, if that’s important. But the free option is an easy and inexpensive way to get basic HTTPS on any site.

It’s important to note that adding another server to your architecture means that content makes another hop between servers. Now, instead of content going directly from your origin website server to the user, it goes from the the origin website server to Cloudflare to the user. The default Cloudflare SSL configuration will encrypt traffic between end users and the Cloudflare server (front-end traffic), but not between Cloudflare and your origin website server (back-end traffic). They point out in their documentation that back-end traffic is much harder to intercept, so that might be an acceptable risk for some sites. But for true security you want back-end traffic encrypted as well. If your origin website server has any kind of SSL certificate on it, even a self-signed certificate, and is configured to manage HTTPS traffic, Cloudflare can encrypt the back-end traffic as well with a “Full SSL” option. If the web server has an SSL certificate that is valid for your specific domain, Cloudflare can provide even better security with the “Full SSL (strict)” option. Cloudflare also can provide you with a SSL certificate that you can manually add to your origin server to support Full SSL, if you need that.

The following screenshot illustrates the Cloudflare security options.

undefined Step 1. Add a new site to Cloudflare

I went to Cloudflare, clicked the button to add a site, typed in the domain name, and waited for Cloudflare to scan for the DNS information (that took a few minutes). Eventually a green button appeared that said ‘Continue Setup’.

undefined Step 2. Review DNS records

Next, Cloudflare displayed all the existing DNS records for my domain.

Network Solutions is my registrar (the place where I bought and manage my domain). Network Solutions was also my DNS provider (nameserver) where I set up the DNS records that indicate which IP addresses and aliases to use for my domain. Network Solutions will continue to be my registrar, but this switch will make Cloudflare my DNS provider, and I’ll manage my DNS records on Cloudflare after this change.

I opened up the domain management screen on Network Solutions and confirmed that the DNS information Cloudflare had discovered was a match for the information in my original DNS management screen. I will be able to add and delete DNS records in Cloudflare from this point forward, but for purposes of making the switch to Cloudflare I initially left everything alone.

undefined Step 3. Move the DNS to Cloudflare

Next, Cloudflare prompted me to choose a plan for this site. I chose the free plan option. I can change that later if I need to. Then I got a screen telling me to switch nameservers in my original DNS provider.


On my registrar, Network Solutions, I had to go through a couple of screens, opting to Change where domain points, then Domain Name Server, point domain to another hosting provider. That finally got me to a screen where I could input the new nameservers for my domain name.


Back on Cloudflare, I saw a screen like the following, telling me that the change was in progress. There was nothing to do for a while, I just needed to allow the change to propagate across the internet. The Cloudflare documentation assured me that the change should be seamless to end users, and that seemed logical since nothing had really changed so far except the switch in nameservers.


Several hours later, once the status changed from Pending to Active, I was able to continue the setup. I was ready to configure the SSL security level. There were three possible levels. The Flexible level was the default. That encrypts traffic between my users and Cloudflare, but not between Cloudflare and my site’s server. Further security is only possible if there is an SSL certificate on the origin web site server as well as on Cloudflare. Github pages has a SSL certificate on the server, since they provide HTTPS for non-custom domains. I selected the Crypto tab in Cloudflare to choose the SSL security level I wanted and changed the security level to Full.

undefined Step 4. Confirm that HTTPS is Working Correctly

What I had accomplished at this point was to make it possible to access my site using HTTPS with the original HTTP addresses still working as before.

Next, it was time to check that HTTPS was working correctly. I visited the production site, and manually changed the address in my browser from HTTP:// to HTTPS:// I checked the following things:

  • I confirmed there was a green lock displayed by the browser.
  • I clicked the green lock to view the security certificate details (see my previous article for a screenshot of what the certificate looks like), and confirmed it was displaying a security certificate from Cloudflare, and that it included my site’s name in its list of domains.
  • I checked the JavaScript console to be sure no mixed content errors were showing up. Mixed content occurs when you are still linking to HTTP resources on an HTTPS page, since that invalidates your security. I’ll discuss in more detail how to review a site for mixed content and other validation errors in the next article in this series.
Step 5. Set up Automatic Redirection to HTTPS

Once I was sure the HTTPS version of my site was working correctly, I could set up Cloudflare to handle automatic redirection to HTTPS, so my end users would automatically go to HTTPS instead of HTTP.

Cloudflare controls this with something it calls “Page Rules,” which are basically the kinds of logic you might ordinarily add to an .htaccess file. I selected the “Page Rules” tab and created a page rule that any HTTP address for this domain should always be switched to HTTPS.


Since I also want to standardize on instead of, I added another page rule to redirect traffic from HTTPS:// to HTTPS:// using a 301 redirect.


Finally, I tested the site again to be sure that any attempt to access HTTP redirected to HTTPS, and that attempts to access the bare domain redirected to the www sub-domain.

A Drupal Site Hosted on Pantheon

I also have several Drupal sites that are hosted on Pantheon and wanted to switch them to HTTPS, as well. Pantheon has instructions for installing individual SSL certificates for Professional accounts and above, but they also suggest an option of using the free Cloudflare account for any Pantheon account, including Personal accounts. Since most of my Pantheon accounts are small Personal accounts, I decided to set them up on Cloudflare as well.

The setup on Cloudflare for my Pantheon sites was basically the same as the setup for my Github Pages site. The only real difference was that the Pantheon documentation noted that I could make changes to settings.php that would do the same things that were addressed by Cloudflare’s page rules. Changes made in the Drupal settings.php file would work not just for traffic that hits Cloudflare, but also for traffic that happens to hit the origin server directly. Pantheon’s documentation notes that you don’t need to provide both Cloudflare page rules and Drupal settings.php configuration for redirects. You probably want to settle on one or the other to reduce future confusion. However, either, or both, will work.

These settings.php changes might also be adapted for Drupal sites not hosted on Pantheon, so I am copying them below.

// From // Set the $base_url parameter to HTTPS: if (defined('PANTHEON_ENVIRONMENT')) { if (PANTHEON_ENVIRONMENT == 'live') { $domain = ''; } else { // Fallback value for development environments. $domain = $_SERVER['HTTP_HOST']; } # This global variable determines the base for all URLs in Drupal. $base_url = 'https://'. $domain; } // From //Redirect all traffic to HTTPS and WWW on live site: if (isset($_SERVER['PANTHEON_ENVIRONMENT']) && ($_SERVER['PANTHEON_ENVIRONMENT'] === 'live') && (php_sapi_name() != "cli")) { if ($_SERVER['HTTP_HOST'] != '' || !isset($_SERVER['HTTP_X_SSL']) || $_SERVER['HTTP_X_SSL'] != 'ON' ) { header('HTTP/1.0 301 Moved Permanently'); header('Location:'. $_SERVER['REQUEST_URI']); exit(); } }

There was one final change I needed to make to my Pantheon sites that may or may not be necessary for other situations. My existing sites were configured with A records for the bare domain. That configuration uses Pantheon’s internal system for redirecting traffic from the bare domain to the www domain. But that redirection won’t work under SSL. Ordinarily you can’t use a CNAME record for the bare domain, but Cloudflare uses CNAME flattening to support a CNAME record for the bare domain. So once I switched DNS management to Cloudflare’s DNS service, I went to the DNS tab, deleted the original A record for the bare domain and replaced it with a CNAME record, then confirmed that the HTTPS bare domain properly redirected to the HTTPS www sub-domain.

undefined Next, A Deep Dive

Now that I have basic SSL working on a few sites, it’s time to dig in and try to get a better understanding about HTTPS/SSL terminology and options and see what else I can do to secure my web sites. I’ll address that in my next article, HTTPS Everywhere: Deep Dive Into Making the Switch.

Categories: Drupal

Third & Grove: Drupal Case Study

3 January 2017 - 8:15am Drupal Case Study antonella Tue, 01/03/2017 - 11:15
Categories: Drupal

Valuebound: 6 things to read if you are a Drupal Developer

2 January 2017 - 11:27pm

Happy new year!

2016 has been quite an year with all the hustle bustle around, lots of changes on its way to the next year. We recently celebrated Christmas with Joy and welcome 2017 whole heartedly.

We did a lot of articles, hands on trainings session and hope to bring more things to learn. We wrote about Cloud, …

Categories: Drupal

CU Boulder - Webcentral: Top 10 Contributing Higher Ed Organizations - January 2017

2 January 2017 - 4:15pm

When the Drupal Association launched their new list of organizations on in March of 2016, The University of Waterloo was in the #6 spot. Being so high on the list was an impressive feat since they were ranked above a number of large Drupal-centric consulting companies with far more developers. Since March, more organizations have made it a priority to create an organization node, add organization references to users, and structure their commit messages to get the commit credits the organization deserve.

It would be difficult for a higher education organization to break into the top 10 again, but we can still have some friendly competition relative to each other while contributing back to the Drupal community. The University of Waterloo has dropped to #74 overall, but they are still the top higher education organization contributing to based on how the Drupal Association is ranking organization contributions.

The Current Top 10 Contributing Higher Ed Organizations

  1. University of Waterloo
  2. University of Colorado Boulder
  3. The University of British Columbia
  4. Indian Institute of Technology (IIT) Bombay
  5. University of Adelaide
  6. The University of Arizona
  7. Iowa State University
  8. La Trobe University
  9. Pennsylvania State University
  10. Babson College

Since higher ed organizations love to be at the top of lists, I’m going to parse on the first of every month and post the resulting ranking in 2017.  I'm doing this for a few reasons.  One is to justify the time we spend at the University of Colorado contributing back on  I believe that contributing back should increases an organization's profile within the Drupal community.  This should make it easier to get issue resolved and to find qualified applicants when we have an opening, but this is hard to quantify.  

Another reason is to encourage more contributions from higher education.  I'm hoping that developers seeing this list every month motivates them to be more active on in 2017, but I'm also hoping that managers see this list, ask their teams why they aren't on the list and make contributing back a priority.

I know higher ed organizations also love to criticize ranked lists that don't include them. Before you jump on Twitter to complain or cry foul, let me try to preempt some likely complaints and explanations about why an organization isn't on this list or why we shouldn't care about this list.

This Methodology is Flawed

If you believe your organization should be on the list because of contributions you've made to documentation, training, camp organization or in some other way that the current algorithm doesn’t capture, everyone involved in maintaining the list on already acknowledges this issue. Now that the new Drupal User Guide project is managed with commits, some documentation contributions will be calculated into an organization's rank. Still, this list is largely influenced by only one type of contribution; commits of code by developers. There have been no shortage of issues, blogs, and tweets criticizing the approach used to sort the list since the Drupal Association started it, but there have been very few concrete suggestions for how to calculate anything other than commits. 

All we are doing to generate the higher ed specific version of the contributing organizations list is scraping, noting the placement of organizations we believe qualify as higher ed using a list of node ids we’ve compiled over time and ordering those results. 

We Use GitHub/BitBucket/Something Other than

So does the University of Colorado Boulder... and we're #2.  While most of our Drupal related commits are done in GitHub without the commit message structure that would give us any credit for this work, we do have a handful of modules we've developed over the years that were general purpose enough to share on Maintaining these on does add some overhead, but in several cases, we've received patches from the community for improvements we would have never had the time to make ourselves. Most recently, College of Western Idaho contributed to RAVE Alerts and AddWeb Solution has contributed to User External Invite

We've also made opening issues on and posting patches part of our process at the University of Colorado Boulder. If we find a bug in a contrib project, we don't fork the local copy of the contrib project into our GitHub repo. That is obviously faster and easier in the short term, but we force ourselves to do it "the right way" with Drush Patch File. We open an issue on first, post the fix as a patch, then integrate the patches into our codebase using with Drush Patch File. The goal is to get the patch rolled into the next stable release of the contrib project and removed from our patches.make in the next release. We don't always achieve this goal for a variety of reasons, but this forces us to fix issues with contrib projects on and increases the credit we get for doing the same amount of development we would have done otherwise.

We Are Now Ranked Higher Than X on

I'm not sure how often the list of is updated, but we are only checking the list on the 1st of each month.  The rankings will change during the month, but I'm confident organizations prioritizing contributing back on with properly configured organization nodes and commit credits will always be at the top of this list.

This Will Just Encourage Gaming the List

Maybe. But even if a higher education organization was gaming commits to make the top 10, they’d need an organization node, users, and projects on to be making commits with properly formatted messages. For many higher ed organizations, that would be more than they’ve ever done on to date. So let the games begin!  

My Organization Doesn’t Allow Me to Contribute to GPL Projects

IMLTHO that has never really been a valid argument, but it is really troubling that any organization would be using Drupal while enforcing a policy like this in 2016. I’ve heard this excuse a few times over the years. On the occasions I’ve had time to attempt to track down what would motivate an organization to maintain a no-GPL policy while using GPL, it has always turned out that it wasn’t an actual policy but rather just an excuse. If you do work at a higher ed organization with a policy like this, please contact me. If there is actually a need, I'm willing to put time into a package of resources university staff can use to justify contributing back to Drupal.

My Organization Has a Node, But It Isn't Showing Up

Sorry. It's possible we've missed you. While offers categories for the markets a service provider serves, it does not currently support categorizing organizations themselves. Current list of higher ed node ids is maintained on the new EDUDU site. This list was compiled by searching the list of organizations maintained on for nodes with the terms "university" or "college" in the title.  We've also added organizations we knew were using Drupal based on code they've shared or their participation in camps or cons.  Several high profile organizations are missing including Harvard, UC Berkeley, Brown, Dartmouth, etc.  If you know of a organization node related to higher ed we are currently not tracking, please use the form on EDUDU to let us know and we'll be happy to add your organization node to the list we are tracking.

My Organization Does Not Have a Node

While still focussed on the Marketplace, this documentation about organization nodes and giving an organization credit in commits is very helpful. Any confirmed user can create an organization page on  Please don't get caught up in who should create the organization node.  Node ownership can be transfered, but until the organization exists, users can't relate themselves to it, project maintainers can't relate the project to organization and developers can't start crediting the organization in their commit messages.  It takes some time and effort to get credit for all activity on from members of an organization, but breaking into the top is actually pretty easy.  Babson College only has 3 people on with a total of 2 commit credits in the last 90 days.  

While the staff at the University of Colorado Boulder has made it our goal to contribute more than Waterloo in January and take the #1 spot by February, we welcome the compition from schools who are active on that aren't currently being tracked.  

If every higher ed organization using Drupal makes contributing back to Drupal on a priority, 2017 will be an even better year for Drupal!


Developer Blog
Categories: Drupal

OSTraining: When is Drupal 7 End-of-Life?

2 January 2017 - 1:50pm

So Drupal 8 is here and that has a significant impact on Drupal 7 users. Drupal 7 is no longer the latest and greatest version.

One question we often get now is this:

When will Drupal 7 reach end-of-life and no longer be supported?

The simple answer is, "We don't know".

The longer answer is, "We can have a good guess". That's what this blog post is about. We hope to give you more details so you can plan for the future of your Drupal 7 site.

Categories: Drupal

Palantir: Saving Money With Open Source

2 January 2017 - 10:44am
Saving Money With Open Source brandt Mon, 01/02/2017 - 12:44 Ken Rickard Jan 2, 2017" typeof="foaf:Image" />

Open source software like Drupal helps remove common business constraints.

In this post we will cover...
  • what the fundamental tenets of open source software are
  • how open source software can have a direct impact on total cost of your project
  • some items to consider when planning your budget

We want to make your project a success.

Let's Chat.

Software decisions are a critical part of business strategy. Software powers everything from marketing websites (content management systems — CMS) to student and customer records. It stores employee records, provides communications infrastructure, and creates and distributes marketing campaigns (marketing automation, customer relationship management — CRM).

When we discuss software purchasing and usage with our partners, we need to take into account the different contexts and uses of that software. The question of context is central to how we think about software decisions. What are your constraints? Are you constrained by budgets? Security policies? License agreements?

One of the main reasons that we work with open source software like Drupal is that it helps remove business constraints. The fundamental tenets of open source software are:

  • Included source code and the ability to modify that code 
  • The right to freely redistribute the software and any modifications
  • Bans on discriminating who may use the software, and for what purpose
  • Non-restrictive licensing, so the software is neither tied to a specific product nor restricts the development or functioning of other software.

These freedoms have a direct effect on the cost of acquisition and maintenance for your software project. Need to connect disparate systems together? An open source license makes that easier, since it removes any restrictions on how you might integrate those systems. For marketing applications, the use of open source software platforms such as Drupal and WordPress ensures your content management system can be extended and adapted to meet your needs.

Open source software frequently runs on community contributions such as money, time, or expertise. You need to factor this aspect of open source into your software decisions. Do you have the resources to devote to supporting the software? If not, is your goal to encourage adding the needed resources within your organization? For example, a 1,000-person organization may need to dedicate three full-time employees to supporting an open source application.

The pros and cons of a commitment to maintaining open source systems must be measured as a question of total return. In the example just given, having three developers devoted to the project may be less expensive than purchasing an application that could be licensed to all users. It may also be cheaper than building and maintaining the software in-house. The skills and training that the three people develop, and putting them in an active, committed role of improving the software, may produce a better return on investment than having them install and maintain proprietary software.

When planning your budgets, look for these items, and consider where you get the best value for investing your time and money:

Licensing. Proprietary software solutions charge license fees. I’ve worked on projects where we replaced proprietary software that had a 7-figure license fee. These used to be one-time fees but now tend to be annual subscription costs (such as you might pay on a smaller scale for Adobe Creative Suite). In extreme cases, the license fee can be per user (also called per seat licensing). In such cases, moving from a team of 3 to a team of 5 can have exponential cost increases.

Support. Before I joined Palantir, I worked at a company that made and sold software. We included a fee of 20% of the purchase price per year as a support fee, which is still fairly standard for enterprise software. The fee was collected regardless of the level of support actually provided. Without it, security and other critical updates wouldn’t be provided.

Hosting. Many software applications have moved into the cloud. While this lessens the cost of hosting applications internally, it can increase the chance of vendor lock-in, as the entire application is outside of your direct control. With both Drupal and WordPress, there are good, effective hosting options that lower your total cost of ownership without locking you in to a specific software or service provider. (Full disclosure, we partner with both Acquia and Pantheon, who provide such services.)

Hidden costs. When we talk about lock-in, we refer to a business model that forces the customer to become dependent on the original service provider. (Lock-in, put simply, is why cable and telecom companies have such horrible customer service ratings.) A software system that doesn’t give you access to the source code — or, even worse, access to your data — is trying to lock you in long-term. That software is restricting the freedom to run your business they way you want to.

It’s that final cost that makes the open source software movement so attractive to many IT professionals. We work with software all day, and we don’t want to be restricted in how we can use it. So we resolve to work together to provide tools that are freely given to all.

In the end, consider the logic behind your decisions. Return on investment and staff commitment are metrics that matter internally. For instance, does your support of LibreOffice, an open source alternative to Microsoft Office, make it possible for your organization to save money? Quite possibly.

But are there larger issues at play? Advantages can also accrue outside your organization. We began by making the case for the free exchange of information that should apply to both medicine and software design. So when you ask the question “What could we do?”, consider expanding the scope to include “What could we do that would help us and others?” That small change in thinking could have profound effects on the way you evaluate your ultimate return on investment.

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter.
Categories: Drupal

Palantir:'s Guide to Digital Governance: Broadcast Email

2 January 2017 - 7:10am's Guide to Digital Governance: Broadcast Email's Guide to Digital Governance brandt Mon, 01/02/2017 - 09:10 Scott DiPerna Jan 2, 2017

This is the fourteenth installment of’s Guide to Digital Governance, a comprehensive guide intended to help get you started when developing a governance plan for your institution’s digital communications.

In this post we will cover...
  • What qualifies as spam
  • Questions to consider when defining your email communication policies
  • Constituent preferences you should also take into account

We want to make your project a success.

Let's Chat.

Broadcast email (i.e. email marketing campaigns, email newsletters, etc.) is loosely defined as email sent and addressed to a group of people rather than a specific person or persons, typically using an email list, contact list, or database of email addresses. It is frequently used for the purposes of email marketing, though it essentially refers to broadcasting a communication to a group of recipients via email to convey information.

When communicating with an external audience, broadcast email typically is sent through an email marketing service (such as MailChimp, Constant Contact, Campaign Monitor, etc.) or through the email platform of a larger enterprise system that may include a CRM and other marketing functions (such as Blackbaud, Salsa, Convio, etc.). Your organization may also have internal mass-email distribution systems in place for broadcast email to internal audiences. For the purposes of this article, we will be speaking mostly about email to external audiences.


An important issue to address in any broadcast email guidelines is the sending of spam email. Spam email is generally understood to be any email message that is unsolicited and sent in bulk, though whether it is sent in bulk or to an individual is significantly less important than whether the recipients have approved of receiving such emails. This applies to email sent to an address that was not given to the sender explicitly for the purpose of receiving mass email messages from the sender.

Common activities which may qualify as spam:

  • sending a mass email to a list purchased from a company
  • sending a mass email to a list borrowed from another organization
  • sending a mass email to a list compiled by scouring websites for email addresses
  • sending a mass email to a list of recipients to which you have not been given permission to email
  • sending a mass email to a list compiled from a database without permission from the database administrator(s)

It is critically important to have policies governing broadcast email communication, as it will certainly impact your efficacy in communicating with many of your most important constituencies. Here are many other questions and issues to consider while crafting your governance plan:

  • What broadcast email platforms are available?
  • Who has access?
  • May individuals use their own email accounts (i.e. their personal email account provided by your organization) for broadcast email?
  • Are there multiple lists of broadcast email recipients such as various subscriber lists, audiences, or groups?
  • Who is responsible for maintaining each of these lists?
  • Are permissions and approvals required for sending email to broadcast email lists?
  • Are there any regularly scheduled broadcast emails (such as newsletters)?
  • May an individual add information to regularly scheduled broadcast emails?
  • May broadcast email recipients unsubscribe from the list(s)?
  • Do you have an official unsubscribe policy?
  • May members of your organization create and maintain their own custom broadcast email lists?
  • What are the guidelines for custom lists?
  • Do you have a policy regarding the sending of spam email?
  • How does your organization define spam email?
Balancing Internal Needs vs Constituents Needs

The end goal of a good broadcast email governance plan is to balance the organization’s need to distribute information with the needs and preferences of your various constituencies. It is certainly a fine balance to strike.

Some good practices include learning more about your constituents preferences and providing them with options for configuring their communication preferences. For example:

  • How often do they like to receive emails from you?
  • Do they prefer occasional summary-type communications over daily alerts, or vice-versa, or both?
  • What topics do they like to hear from you about?
  • Do they want to read all of the content in the email itself, or be provided with links to full articles on the website?
  • Would they like to be able to change their preferences as their relationship with your organization evolves?

The more you know your audience, the better you can accommodate their needs and minimize the risk that your communications will be perceived as irrelevant, or worse, as spam.


This post is part of a larger series of posts, which make up a Guide to Digital Governance Planning. The sections follow a specific order intended to help you start at a high-level of thinking and then focus on greater and greater levels of detail. The sections of the guide are as follows:

  1. Starting at the 10,000ft View – Define the digital ecosystem your governance planning will encompass.
  2. Properties and Platforms – Define all the sites, applications and tools that live in your digital ecosystem.
  3. Ownership – Consider who ultimately owns and is responsible for each site, application and tool.
  4. Intended Use – Establish the fundamental purpose for the use of each site, application and tool.
  5. Roles and Permissions – Define who should be able to do what in each system.
  6. Content – Understand how ownership and permissions should apply to content.
  7. Organization – Establish how the content in your digital properties should be organized and structured.
  8. URL Naming Conventions – Define how URL patterns should be structured in your websites.
  9. Design – Determine who owns and is responsible for the many aspects design plays in digital communications and properties.
  10. Personal Websites – Consider the relationship your organization should have with personal websites of members of your organization.
  11. Private Websites, Intranets and Portals – Determine the policies that should govern site which are not available to the public.
  12. Web-Based Applications – Consider use and ownership of web-based tools and applications.
  13. E-Commerce – Determine the role of e-commerce in your website.
  14. Broadcast Email – Establish guidelines for the use of broadcast email to constituents and customers.
  15. Social Media – Set standards for the establishment and use of social media tools within the organization.
  16. Digital Communications Governance – Keep the guidelines you create updated and relevant.

Stay connected with the latest news on web strategy, design, and development.

Sign up for our newsletter.
Categories: Drupal

Drupal core announcements: Drupal 8 core release window on Wednesday, January 04, 2017

1 January 2017 - 3:09pm
Start:  2017-01-03 12:00 - 2017-01-05 12:00 UTC Organizers:  xjm catch cilefen Event type:  Online meeting (eg. IRC meeting)

The monthly core patch (bug fix) release window is this Wednesday, January 04. Drupal 8.2.5 will be released with dozens of fixes for Drupal 8. There will be no Drupal 7 bugfix release this month.

To ensure a reliable release window for the patch release, there will be a Drupal 8.2.x commit freeze from 12:00 UTC Tuesday to 12:00 UTC Thursday. Now is a good time to update your development/staging servers to the latest 8.2.x-dev code and help us catch any regressions in advance. If you do find any regressions, please report them in the issue queue. Thanks!

To see all of the latest changes that will be included in the release, see the 8.2.x commit log.

Other upcoming core release windows after this week include:

  • Wednesday, January 18 (security release window)
  • Wednesday, February 01 (patch release window)
  • Wednesday, April 5 (scheduled minor release)

Drupal 6 is end-of-life and will not receive further releases.

For more information on Drupal core release windows, see the documentation on release timing and security releases, as well as the Drupal core release cycle overview.

Categories: Drupal

agoradesign: 2016 - the dawn of Drupal

31 December 2016 - 8:12am
If I had to find a movie title for a Drupal review of the past year, then I'd choose "2016 - the dawn of Drupal" because it was the first full year of Drupal 8, and D8 is really a game changer!
Categories: Drupal

Third & Grove: Branching out with Twig

30 December 2016 - 5:50am
Branching out with Twig matt-paz Fri, 12/30/2016 - 08:50
Categories: Drupal

Unimity Solutions Drupal Blog: UniMity in 2016

30 December 2016 - 1:11am

2016 has been an exciting Year at Unimity working on varied technologies across different verticals.

Categories: Drupal

Dries Buytaert: Lamborghini using Drupal

30 December 2016 - 1:02am
Several people have commented on social media that last week's TAG Heuer post was a subtle (or not so subtle) gift request. In all honestly, it wasn't. That changes this week as I just learned that Lamborghini relaunched its website using Drupal 8. If anyone wants to gift a Lamborghini, don't hesitate to. Joking aside, it's great to see another famous brand use Drupal 8, including Drupal 8's new multi-lingual features. Check it out at!
Categories: Drupal

Jeff Geerling's Blog: Setting up Faceted Apache Solr search in Drupal 8

29 December 2016 - 8:34pm

Note: Extra special thanks to Doug Vann for providing motivation to finally post this blog post!

Early in 2016, when the Search API and Solr-related modules for Drupal 8 were in early alpha status, I wrote the blog post Set up a faceted Apache Solr search page on Drupal 8 with Search API Solr and Facets.

That post was helpful during the painful months when Solr search in Drupal 8 was still in a very rough state, but a lot has changed since then, and Solr-based search in Drupal 8 is in a much more stable (and easy-to-configure) place today, so I thought I'd finally write a new post to show how simple it is to build faceted Solr search in Drupal 8, almost a year later.

Categories: Drupal

Dries Buytaert: How to move an entire government to a new digital platform

29 December 2016 - 4:35am

In this era of Open Government, constituents expect to be offered great services online. This can require moving an entire government to a new digital platform in order to deliver ambitious digital experiences that support the needs of citizens. It takes work, but many governments from the United States to Australia have demonstrated that with the right technology and strategy in place, governments can successfully adopt a new platform. Unfortunately this is not always the case.

How not to do it:

In 2014, the Government of Canada began a project to move all of its web pages onto a single site, A $1.54 million contract for a content management system was awarded to a proprietary vendor in 2015. Fast forward to today, and the project is a year behind schedule and 10x over budget. The contract is now approaching $10 million. As only 0.05% of the migration to has been completed, many consider the current project to be disservice to its citizens.

I find the impending outcomes of this project to be disheartening as current timelines suggest that the migration will continue to be delayed, run over budget, and strain taxpayers. While I hope that will develop into a valuable resource for its citizens, I agree with Tom Cochran, Acquia's Chief Digital Strategist for Public Sector -- who ran digital platforms at the White House and U.S. Department of State -- that the prospects for are dim given the way the project was designed and is being implemented.

The root of's problem appears to be the decision to migrate 1,500 departments and 17 million pages into a single site. I'm guessing that the goal of having a single site is to offer citizens a central entry point to connect with their government. A single site strategy can be extremely effective, for example the City of Boston's single site is home to over 200,000 web page spanning 120 city departments, and offers a truly user-centric experience. With 17 million pages to migrate, is eighty-five times bigger than A project of this magnitude should have considered using a multi-site approach where different agencies and departments have their own sites, but can use a common platform, toolset and shared infrastructure.

While difficulties with may have started with the ambitious attempt to move every department to a single domain, the complexities of this strategy are likely amplified through the implementation of a single-source proprietary solution. I find it unfortunate that Canada's procurement models did not favor Open Source. The Canadian government has a tenured history of utilizing Open Source, and there is a lot of existing Drupal talent in the country. In rejecting an open platform, the Canadian Government lost the opportunity to engage a skilled community of native, Open Source developers.

How to do it: Australian Government

Transforming an entire nation's digital strategy is challenging, but other public sector leaders have proven it is possible. Take the Australian Government. In 2015, John Sheridan, Sharyn Clarkson and their team in the Department of Finance moved their department's site from a legacy environment to Drupal and the cloud. The Department of Finance's success has grown into the Drupal distribution govCMS, which is currently supporting over 52 government agencies across 6 jurisdictions in Australia. Much like, the goal of govCMS is to provide citizens with a more intuitive platform to engage with their government.

The guiding principle of govCMS is to govern but to not seek control. Each government department requires flexibility to service the needs of their particular audiences. While single-site solutions do work as umbrellas for some organizations, the City of Boston being a great example, most large (government) organizations that have a state-of-the-art approach follow a hub and spoke model where different sites share code, templates and infrastructure. While sharing is strongly encouraged it is not required. This allows each department to independently innovate and adopt the platform how they choose.

The Open Source nature of govCMS has encouraged both innovation and collaboration across many Australian departments. One of the most remarkable examples of this is that a federal agency and a state agency coordinated their development efforts to build a data visualization capability on an open data CKAN repository. The Department of Environment initiated the development of the CKAN module necessary to pull and analyze data from a variety of departments. The Victorian Department of Premier and Cabinet recognized that they too could utilize the module to propel their budget report and aided in the co-development of the govCMS CKAN. This is an incredible example of how Open Source allows agencies to extend functionality across departments, regardless of vendor involvement. By setting up a model which removed the barriers to share, govCMS has provided Australia the freedom to truly innovate.

Seeing is believing: shifting the prevailing mindset

A distributed model using multiple sites to leverage an Open Source platform where infrastructure, code and templates are shared allows for governance and innovation to co-exist. I've written about this model here in a post about Loosening control the Open Source Way. I believe that a multi-site approach based on Open Source is the only way to move an entire government to a new digital strategy and platform.

It can be incredibly hard for organizations to understand this. After all, this is not about product features, technical capabilities or commercial support, but about a completely different way of working and innovating. It's a hard sell because we have to change the lens through which organizations see the world; away from procuring proprietary software that provides perceived safety and control, to a world that allows frictionless innovation and sharing through the loosening of control without losing control. For us to successfully market and sell the innovation that comes out of Drupal, Open Source and cloud, we have to shift how people think and challenge the prevailing model.

In many ways, organizations have to see it to believe it. What is exciting about the Australian government is that it helps others see the potential of a decentralized service model predicated on Open Source software with a Drupal distribution at its heart. The Australian government has created an ecosystem of frictionless sharing that is cheaper, faster, and enables better results.

What is next for Canada?

It’s difficult for me to see a light at the end of the tunnel for Canadian citizens. While the Canadian government can stay the course -– and all indications so far are that they will -- that path has a high price tag, long delays and slow innovation. An alternative would be for Ottawa to hit the pause button and reassess their strategy. They could look externally to how governments in Washington, Canberra, and countless others approached their mission to support the digital needs of its citizens. I know that there are countless Drupal experts working both within the government and at dozens of Drupal agencies throughout Canada that are eager to show their government a better way forward.

Categories: Drupal