Language Selection

English French German Italian Portuguese Spanish

Drupal

The current state of Drupal security

Filed under
Interviews
Drupal
Security

Greg Knaddison has worked for big consulting firms, boutique software firms, startups, professional service firms, and former Drupal Security Team leader. He is currently the director of Engineering at CARD.com and a Drupal Association advisory board member.

Michael Hess works with the University of Michigan School of Information and the UM Medical Center teaching three courses on content management platforms and overseeing the functionality of hundreds of campus websites. He serves in a consulting and development role for many other university departments and is the current Drupal Security Team leader. He also consults with BlueCross on large-scale medical research projects. Hess is a graduate of the University of Michigan School of Information with a master's degree in information.

Read more

How containers will shape the Drupal ecosystem

Filed under
Server
Drupal

I recently had the opportunity to interview David Strauss about how Pantheon uses containers to isolate many Drupal applications from development to production environments. His upcoming DrupalCon talk, PHP Containers at Scale: 5K Containers per Server, will give us an idea of the techniques for defining and configuring containers to get the most out of our infrastructure resources.

Having recently dove into the container realm myself, I wanted to learn from the experts about the challenges of managing containers in a production environment. Running millions of production containers related to Drupal, David is certainly an expert resource to ask about this subject. I look forward to learning more details at DrupalCon!

Read more

Building better pages in Drupal with Paragraphs

Filed under
Interviews
Drupal

When you’re publishing anything online, the way you lay out your content can be as important as the content itself. A good layout can help readers better interact and consume that content.

Users of content management systems like Drupal have a number of options that allow them to create very attractive, very usable layouts. That’s one factor that drew Murray Woodman to Drupal. He co-founded Morpht, a Drupal-based web development shop in Sydney, Australia. He found that Drupal 6 provided a level of freedom and productivity, and hasn’t looked back.

One Drupal module for laying out pages that Woodman is keen on is Paragraphs. I caught up with Woodman ahead of his talk at DrupalCon 2015, and he kindly shared his insights into the Paragraphs module.

Read more

Also: 4 tips for building a successful CMS

govCMS to release its own Drupal distribution

Filed under
Drupal

The government's govCMS project will make its own Drupal distribution publicly available for download, it announced today.

The distribution will be a fork of the aGov distribution, which was developed by local development shop PreviousNext and is the building block for govCMS sites.

aGov was released in 2013 after a beta period involving a number of federal and state government agencies. High profile end users include the NSW government's 'one stop shop' for services, Service NSW.

Read more

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Filed under
Drupal
Security

On October 29, 2014, the Drupal Security Team released advisory identifier DRUPAL-PSA-2014-003. This advisory informed administrators of Drupal-based Web sites that all Drupal-based Web sites utilizing vulnerable versions of Drupal should be considered compromised if they were not patched/upgraded before 2300 UTC on October 15, 2014 (seven hours following the initial announcement of the vulnerability in SA-CORE-2014-005).

In the case of the Drupageddon vulnerability, the database abstraction layer provided by Drupal included a function called expandArguments that was used in order to expand arrays that provide arguments to SQL queries utilized in supporting the Drupal installation. Due to the way this function was written, supplying an array with keys (rather than an array with no keys) as input to the function could be used in order to perform an SQL injection attack.

Read more

Git Success Stories and Tips from Drupal Core Committer Angie Byron

Filed under
Drupal

The Git revision control system is “at the center” of Drupal's hyper-collaborative community says Drupal core committer Angie Byron. The open source content management platform has 37,802 developers with Git commit access, and about 1,300 actively committing each month, she says.

“Git (was) the smartest/safest choice for our community, and a choice that definitely paid off,” said Byron, who is also the director of community development at Acquia.

Read more

Higher ed finds increasing value in open source CMS options

Filed under
OSS
Drupal

"The university has since launched somewhere between 350 and 400 websites, all built on Drupal 7," writes Schaffhauser "While the CMS is centrally managed to keep the system updated, it grants individual colleges, programs and departments the flexibility to put up their own images, update text as they want, add and move site objects (themes, content types and Drupal "modules") and "essentially have a custom look with a managed system," [director of university Web services, Mark] Albert explained to Campus Technology.

Read more

The Changing Cost of Open Source

Filed under
OSS
Drupal

At one time higher ed wanted community-built software because of the $0 price tag; now many universities are paying somebody else to keep open source projects moving forward.

Read more

4 tips for how to migrate to Drupal

Filed under
OSS
Drupal

Well, to jump from your current CMS (or lack thereof) and make the transition to Drupal, you want to know much it costs and exacting what that migration entails. First, there are several factors that have to be taken into an account before any Drupal development company can give you a quote. But, while there isn’t an exact price range for migrating to Drupal, you can do some in-house work to keep your migration costs down and prepare your team for the migration, keeping headaches down too.

Read more

Mark Morton: Why we chose an open source website

Filed under
OSS
Drupal

Platforms like Wordpress and Drupal, which are maintained by a community of users, can be a cost-effective and flexible option for charities, writes the digital media manager at Epilepsy Action

Read more

Also: Sydney developer brings open source e-commerce to WordPress

Syndicate content

More in Tux Machines

Mozilla Firefox 58

  • Latest Firefox Quantum release available with faster, always-on privacy with opt-in Tracking Protection and new features
    We accept things in the online world that we wouldn’t accept in the physical one. For instance, how would you feel if you popped your head in a store and that store now had the ability to keep sending you flyers even if you didn’t buy anything? Online, we often visit sites that track us, but it isn’t clear when this is happening or how the information is being used. Adding insult to injury, this often invisible tracking actually slows down web pages.
  • Firefox 58 Arrives With Continued Speed Optimizations
    Mozilla has set free Firefox 58.0 today as their latest "Firefox Quantum" release that continues work on being a performant web browser.
  • Firefox Quantum 58 builds on performance gains, improves screenshots tool
    Mozilla is rolling out Firefox Quantum 58.0 for desktop, along with Firefox for Android 58.0. It arrives over two months after the landmark release of Firefox Quantum 57.0. The latest build focuses on performance and security, while an update to Firefox’s user profile feature means it’s no longer backwards compatible with previous versions. Android users also gain the ability to pin favorite websites to their home screen for use like native apps.
  • Firefox 58 Released for Linux, Mac, and Windows
    The Mozilla Foundation has made Firefox 58 files available for download on its official FTP servers. An official announcement will be made later today when the organization will also release the final changelog.
  • Browse without baggage in Firefox: Set Tracking Protection to always on
    We just can’t stop making Firefox faster — and with our most recent release, we also made it easier for you to control how much you’re tracked.
  • Firefox 58: The Quantum Era Continues
    2017 was a big year for Mozilla, culminating in the release of Firefox Quantum, a massive multi-year re-tooling of the browser focused on speed, and laying the groundwork for the years to come. In 2018, we’ll build on that incredible foundation, and in that spirit our next several releases will continue to bear the Quantum moniker. Let’s take a look at some of the new goodies that Firefox 58 brings.

LibreOffice 6.0 Will Launch with Many Design Improvements, Use Elementary Icons

The major LibreOffice 6.0 release is coming next week, and The Document Foundation's Mike Saunders talked with members of the community to get their perspectives on LibreOffice's new design. While it won't bring a massive redesign, as most users may have expected, LibreOffice 6.0 will include a few noteworthy design changes, including new table styles, new gradients, updated motif/splash screen, improved Notebookbars, menu and toolbar improvements, and the Elementary icons. Read more

Linux Foundation introduces the LF Networking Fund, harmonizes​ open source, open standards

The Linux Foundation is taking the first step to bring some commonality across its myriad network efforts by creating the LF Networking Fund (LFN). By creating a combined administrative structure, Linux Foundation said LFN will provide a platform for cross-project collaboration. LFN will form the foundation for collaboration across the network stack: the data plane into the control plane, to orchestration, automation and testing. Read more

Openwashing Surveillance

  • Facebook Open Sources Detectron Object Detection
    The way big companies are open sourcing significant AI is both gratifying and slightly worrying. AI is the biggest revolution since we discovered fire and started making tools. FaceBook AI Research has added to the list of what is available by open sourcing its Detectron project.
  • Facebook open-sources object detection research
    Facebook's artificial intelligence research (FAIR) team today announced it would open-source its object detection platform Detectron, as well as the research the team has done on it.
  • Facebook open-sources object detection work: Watch out, Google CAPTCHA
    acebook has brought us one step closer to a Skynet future made a commitment to computer vision boffinry by open-sourcing its codebase for object detection, Detectron. Written in Python and powered by the Caffe2 deep learning framework, the codebase – which implements object-sniffing algos such as Mask R-CNN and RetinaNet – is available under the Apache 2.0 licence.