Blog

Drupal vs WordPress Page Builders

This past year we have spent much time working with various page builders in both Drupal and WordPress. First a little technical background. Drupal supports custom fields and content types without needing extra addons or custom code. WordPress requires using its clunky metadata (which supports only text) or the awesome ACF (Advanced Custom Fields) plugin for fields, and custom code or the Custom Post Types UI plugin for post types. We use ACF on nearly all WordPress sites we work on, but it is a bit of a shame that a third-party plugin is needed to achieve field-related functionality similar to what

Drupal 9 is Here

What’s new in Drupal 9? Drupal 8 saw a huge code modernization effort away from Drupal 7 code towards object-oriented code, based on the Symfony framework. Drupal 9 modernizes the Drupal codebase and APIs even further, removing some functionality from core and spinning it off as add-on modules instead. This allows Drupal to remain nimble and reduce bloat. These changes do mean that some Drupal 8 sites will need to install new modules in order to maintain certain functionality after moving to Drupal 9. At a Glance: Drupal 9 came out June 3rd, 2020 Drupal 7 and 8 both reach “end

Drupal 9 to be Released June 2020, Drupal 7 & 8 Support Ends November 2021

Update: Drupal 7’s EOL has been pushed back to November 28 2022 Drupal 7 will be end-of-life in November 2021, Drupal 9 will be released in 2020, and Drupal 8 will be end-of-life in November 2021. Drupal 7 will receive Drupal community support for three years after it has reached “end-of-life” in November 2021. Just as Drupal 6 has received many years of community support even after Drupal 8 has been out for a few years, Drupal 7 will be around a while longer. So if you have a Drupal 7 site, you don’t need to urgently move to Drupal

A Review of Drupal Anti-Spam Options

This post will summarize current anti-spam methods available for Drupal 8. There are two basic kinds of anti-spam methods used on sites: CAPTCHA The most widely used method is called a “CAPTCHA”. A CAPTCHA is a program or system intended to distinguish human from machine input. We typically use https://www.drupal.org/project/recaptcha to prevent spam on Drupal sites (available for Drupal 8 and 7). It requires https://www.drupal.org/project/captcha as well. The CAPTCHA module offers math and image captchas, but those are pretty easily solved by spambots, while Google’s ReCaptcha is not nearly as easily solved by spambots. Note that as of this writing the Drupal ReCaptcha module does not

Extra security for user login & admin areas

Some Drupal sites don’t allow regular users to log in at all; they may only be used by administrators. In such cases it may be desirable to lock down access to the login and admin screens. This can be done using htaccess. In this example let’s assume the site is installed at /var/www/yoursite.com/public_html. First you need to create the .htpasswd file. You should not put it in public_html – it needs to be outside your web root. In this example we can put it at /var/www/yoursite/.htpasswd which keeps it in a logical, easy to find place. To create this file

GDPR: What is it and why should you care?

What is GDPR? During the past few weeks lots of us have been bombarded with privacy policy notification emails from various companies. This is because of GDPR, a new data privacy regulation being implemented by the European Union. It builds on and expands on the prior regulation from 1995. The General Data Protection Regulation (GDPR) was agreed on after more than three years of negotiations between the EU’s institutions. It went into effect on May 25, 2018. Why GDPR May Matter to You If your site has any visitors who are European Union citizens and your site collects personally identifiable information about said visitor, you should think about

Pitfalls of WordPress Shortcodes and Visual Page Editors

WordPress is a great blogging platform that can also handle many CMS functions. It can be extended with plugins, much the same way as modules are used to extend Drupal. WordPress Plugins WordPress plugins are usually “freemium”, and most WordPress sites will need to purchase at least a couple commercial plugins. WordPress plugins aren’t subjected to quite the level of scrutiny that Drupal code is, but there are some really great plugins out there. Selecting ones that will work long-term requires some careful thought. Shortcodes and Visual Page Builders There are many plugins that insert non-HTML code or shortcodes, and

508 Compliance: a Quick Guide for Site Owners

Web site content must be served in such a way that a visitor with visual or hearing impairments can consume substantially the same content, even if in alternate form. This involves images with alternative text, video and audio with closed captioning, and adjusting the page markup to cater to screen readers and other assistive technology. Why Accessibility Matters Site owners want to get their message out effectively. Web site visitors have varying degrees of vision and hearing impairment, and ignoring such visitors is not fair to them, nor is it good policy or business. Happy web site visitors turn into

Drupal 8 Multi-site Considerations

When large organizations build or rebuilt their sites, they may face a dilemma if they have divisions requiring their own web presence. It may be tempting to use Drupal’s multisite option for this, but the pros and cons need to be carefully weighed. There is a similar calculus when it comes to WordPress and its Network option, but this blog post is aimed at Drupal. Within Drupal the choice is usually between usinfg Drupal core’s multisite approach or the Domain Access module. The following applies roughly to both: Let’s define the two kinds of sub-sites in this context: Sub-sites without their own domain

Drupal 8.4.0-rc1 is available now

Drupal 8.4.0-rc1 is available for testing now. Drupal 8.4 is expected to be released October 4. 8.4.x includes new stable modules for storing date and time ranges, displaying form errors inline and managing workflows. It also includes new stable API modules for discovering layout definitions as well as media management. The media API module is new in core, all other new stable modules were previously experimental. This release also includes several important fixes for content revision data integrity, orphan file management and configuration data ordering among other things. We have done some initial testing, and have noticed some contributed modules don’t play well

By Famartin (Own work) [CC BY-SA 4.0 (http://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons

Drupal 7 EOL (End-of-Life) is Years Away

Let’s clear up some misconceptions about when to and when NOT to migrate to Drupal 8 I’m writing this post to clear up some misconceptions that we’ve noticed some website owners have. We were recently approached by a customer who loved their new responsive Drupal 7 site, but the firm that built it was not being so responsive when it came to ongoing support. The client needed help figuring out everyday tasks like adding photos, video, etc. They also wanted to make some cosmetic improvements, and add a blog. They went shopping around for Drupal support firms, and called us. During the

The Section 508 Refresh

On January 5th the US Access Board announced that the OMB (Office of Management and Budget) had cleared the Final Rule for ICT (Information and Communication Technology) Standards and Guidelines, a.k.a. the “Section 508 Refresh”. The new standards and guidelines were published in the U.S. Federal Register on January 18th and will become effective and enforceable starting January 18th, 2018. You may be thinking: “What does this mean for our site?” 1. Not all content/code will have to be updated right away, because there is a safe-harbor provision, specifically: “legacy ICT that complies with the existing 508 Standards and has not been