Drupal is inherently secure but as with most secure systems there will always be a few security loopholes that could be utilized by a user with malicious intent to bring down the whole site. As usual most of these security flaws lie mostly with the admin users of the website. We have listed down the top 7 security mistakes commonly found in a Drupal website which can be easily rectified by using a simple Drupal Security Checklist. The easiest way to ensure that your Drupal site is build safe is to have it built by experts. Contact Us to build your drupal site for you.
There are a few common performance mistake that are commonly found in most Drupal sites. Here are the list of the Top 10 Performance Mistakes in Drupal that can easily be addressed by a simple change in settings or the addition of a module. The easiest way to solve performance problems in Drupal would be to prevent them in the first place. Contact us for a free consultation on how to build your Drupal website right.
Ecommerce used to be the preferred ecommerce solution for Drupal before Ubercart came into the picture. We recently worked on upgrading a Drupal 5 site with Ecommerce to Drupal 7 with Ubercart. The challenge with this upgrade was that the source data existed only in the D5 database and the corresponding code to programmatically access the ecommerce data was in D5 as well while the destination tables existed only in the D7 database with the corresponding code existing only in the D7 database. The solution we went with was to go for a full SQL query based migration to copy over the Ecommerce data from its tables to the Ubercart tables.
Drupal Performance Tips: Prevent spam bots from posting to your Drupal site and prevent server loads due to repeated posts
One of the Drupal sites we maintain had recently started slowing down considerably in spite of the site mostly being static and in spite of boost set up on the server. On examination of the site we found that two things were happening on the site. One was that the site was being crawled indiscriminately by rogue crawlers. This we solved using the DDOS deflate script and setting DDOS deflate to run every 10 seconds. The second problem was that there were some bots which were continuously sending POST requests to /comment/cid/reply pages. For this we had to come up with a workaround.
Sometimes we get requests to update Drupal sites and get it done in less than 5 hours. If we take the Drupal update through the full fail-safe set of steps for Drupal updates we will never be able to complete updates in less than 5 hours on a site we don't maintain. For such sites when the cost of the site going down may not be too high for the site owner it might not be too big an issue if the update is run on a hit or miss approach. We normally do not recommend such an approach but this should work on most small sites without any issues.
Drupal Performance Tips: Avoid DISTINCT in Drupal Views and SQL queries to speed up query execution and improve page load times
On one of the maintenance projects we got we came across a page that used to take around 11 seconds to load. The page was a views listing for users. We were able to speed up the page load times from around 11 seconds to under 3 seconds by taking out just the distinct option used in the view. The following was the select query that was originally generated from the view with the time logged by views in the preview panel.
Developing a Drupal website is a complicated and long process. You have to check whether all the design and functionalities meet with the client specifications. And before the site going to be live you have to check certain criteria.These checklists describes the criteria that should be tested before a site going to be live.
One of the servers we maintain suddenly started developing performance hiccups. The site running on the server was a fully static website configured with static page caching via boost. The site used to receive a reasonably good volume of anonymous and search engine traffic on a daily basis. The only form on the site was a search form which existed as a separate page.
A Drupal website can be improved with lessened rate of defects and increased usability, when quality assurance is well implemented. Once you validate your Drupal site against the following checkpoints, you can assure a quick remedy for any glitches or compatibility issues that might occur: Quality Assurance
The success of a website depends on many aspects, its maintenance being the most crucial. Only a well maintained website will have a vibrant impact on the visitors. The below checklist helps you ensure that your Drupal website is well oiled time to time. Backups and Maintenance
Have you ever thought about the security of your Drupal website on the web? If not, it’s high time you did that. Either be the case, here’s a simple checklist to make sure you have the essentials ready:
And so you have a Drupal site. But have you made sure that your site’s content is as required? Here’s a simple checklist to help you with that: User Content
Here’s a simple checklist to make sure you do not miss out any of the essential configurations while taking your Drupal site live: Configuration
You have your new Drupal site all ready for take off. You just want to make sure you have everything well in place. Here is a little checklist for you to make sure you have the essentials ready. In this part of the checklist series, we look at the important performance related essentials for a Drupal website, so that your site is ready to receive the multitudes it oughta get. These will help you ensure that your site will sail smooth in times of high traffic.
To ensure the security of confidential data in your Drupal site, testing has to be done to determine whether it protects its data and at the same time maintains its functionality. Web applications are always prone to unauthorized access to or modification of sensitive information. The testing done on the applications to remove such anomalies is called security testing. The following are some of the test cases for assuring the security of a Drupal website Authentication
We are pleased to announce the launch of our new website Top Drupal Books. Here you can get to know all about the Top Drupal books that can get you started in learning Drupal. Find out more on the best selling Drupal books available in the market from topdrupalbooks.com
The Drupal Menu System handles both the navigational system (visible menus and links) as well as the Drupal callbacks in the back end. The menu links listed on the header of a Drupal site is normally the primary menu or the secondary menu. These menus are sets of static links that you create via the Drupal admin interface. However sometimes it is useful to have a login / logout link in the primary or the secondary menu depending on whether the user is logged out or logged in. Here is how you add this.
Drupal is supposed to be a very secure CMS and the Drupal security team is a highly efficient team of people scouting the Drupal camp to find and sort out security issues as soon as they crop up. But no amount of programming will fix security issues caused by incorrect configuration of a Drupal site. Here is a checklist of items that you have to confirm after you deploy a new Drupal installation.
Drupal performance tuning tips - Running Drupal on shared hosting (GoDaddy / HostGator / Dreamhost etc)
Running Drupal on a shared hosting environment could become a challenge when the site starts getting a lot of visitors. So f you run your Drupal installation on one of the shared hosting providers like GoDaddy, Hostgator, Dreamhost etc and your site is reasonably popular then it is likely that you would have run into performance issues if the site is not configured correctly. If you configure your Drupal site correctly you should be able to stick with shared hosting for a longer period of time before moving on to dedicated hosting.