First one up is a post that is concerned with an unpatched Drupal vulnerability. In this post, Lindsay O'Donnell of Threatpost reveals how the bug dubbed Drupalgeddon 2 was exploited in a cryptojacking attack that targeted a Make-A-Wish Foundation site and likely a number of other sites as well. Apparently, hackers were successfully leveraging this bug along with an unpatched instance of the Drupal publishing platform to mine the Monero cryptocurrency.
Next up is Aleksi Peebles’ blog post about Drupal's Layout Initiative and component based theming. He explores the notion of an alternative non-visual UI for Layout Builder, while also reminding that experimental core modules should be limited to experimentation and not find their way into production.
Moving on, we have an extensive post by Hook 42's Ryan Bateman which is in fact a kind of GatsbyJS tutorial for Drupalers. It is intended for people who are already familiar with Drupal, but want to see how GatsbyJS can help with decoupling their Drupal site. It even has a super-short React tutorial hiding within it! (But you’ll most likely need some prior knowledge of React to be able to follow the entire tutorial.)
The fourth blog post that was the most memorable is Samuel Mortenson’s presentation of Tome, a static site generator for Drupal 8. He delves into the challenges he faced while creating Tome’s beta version, from finding his niche to realizing he needs to cater to diverse audiences. He concludes the post with a list of issues he still has to take into account going forward.
The next post we’d like to point out is the introduction of the Drupal Governance Task Force 2018 Proposal by Adam Bergstein, also known as nerdstein, of Hook 42. Due to Drupal’s increasing success, some level of governance is necessary to ensure a sustainable future for Drupal. According to Adam and other members of the Governance Task Force, there are two crucial things to establish: a new community governance structure and a framework for community evolution.
We continue with Dries’ thoughts on the end of PHP 5. The godfather of Drupal urges everyone who has not yet upgraded from PHP 5 to do so as soon as possible, as security support for the outdated version will cease with 2019. Not beating around the bush, he concludes by thanking both the PHP and the Drupal communities for all the hard work they’ve been doing.
This next post was again written by Dries. It explains how Paychex used Drupal to double its traffic and managed to beat their launch goals. With the help of Acquia, the payroll services company replatformed on Drupal and beat its original launch goal by a long shot. As a bonus, the post also includes a Q&A video with Paychex’s digital marketing manager, Erica Bizzari.
We’re finishing November’s list with a blog post by Suzanne Dergacheva, co-founder of Evolving Web. Together with a group within the Drupal community, Suzanne has been working on researching ways to improve the user experience of Drupal content editors. In her post, she relates the results of the thorough study on content editors’ interaction with different CMS.
Well, that’s it for our selection of November’s blog posts. Not to worry, though - we’ll be collecting the top posts for December as well. :) So, stay tuned and enjoy the holidays!
Posted by Tim on 20 Dec 2018 in Drupal