LA Drupal Camp 2012- Maintaining a Drupal Site

LA Drupal Camp 2012Maintaining a Drupal Over the LongtermMeghan Sweet (@meghsweet)29 June, 2012

Site Launches!

Now What?

Empower Your Users

Drupal Web Team Training• Learning Drupal Takes Time• Train the Trainer• Backup Expert Level Support• Effective Documentation

Content Manager Training• Onsite Training Sessions• Help Videos• FAQ / Forums• Training Materials

DocumentationExtensive commentingOnscreen helpTraining VideosFAQ Capture

Support Best Practices

CommunicationTicketing ToolExpectation ManagementExpect Ongoing Education

QA Best Practices• Development, Testing & Production• Stakeholder Sign-off by Review• Regular Release Cycle• Batch work

Audits and MonitoringPrevention is better than cure

AuditingPeriodic Auditing is important!Make a check-list.

Auditing Code Base- Version Control- Development Server Setup: Dev > Test > Prod- Hacks- Hacked! module- Custom Modules- what do they do?- Contributed Modules- updates, errors?- Drupal Core- update and/or upgrade?

Auditing Configuration- Panels/Context/Display Suite, used properly?- Live Updating? Feeds?- Site Logs- Permissions and Roles- PHP filter- Spam Prevention- Performance Optimization- SEO: SEO Checklist Module

Auditing Theme- Are themes up to date?- Base Theme used? Or Hacked?- Custom PHP logic in tpl files?- Libraries and CSS structure- Responsive- What techniques?- Red flags- are tpl files out of control?

Monitoring- Most of the time in recovery is figuring out what’s broken- Monitor Trends

Monitoring- Use Syslog to write Drupal logs to text file- Monitor Servers, SEO- Cron-Total Admin Control or create admin views- Drupalmonitor.com- Are your admins educated?- Every time you have an issue- start to monitor.-Google Analytics

Security Review- Most security holes are created in the configuration andtheme.- Security Review module will help!

Security Review- File system permissions- Input format- Content (nodes, comments and ﬁelds in Drupal 7)- Error reporting- Private ﬁle- Allowed upload extension- Database error- Failed logins- Drupal admin permissions- Username as password- Password included in user emails- PHP access

Training is key.Users need Drupal awareness!

Detecting Problems- Spam- number of nodes, emails being sent,comments, users. (Good to know trends)Mollom, Captcha, Admin Views- Use Version Control to check diffs- revertto good version- Hacked! Module - switch to unhackedcontrib module- Security Review Module will look for spamin content.- Use a good hosting company

Security & Module UpdatesWhat to do with those error messages?

UpdatesKeep on top of Updates- within 30 daysfor security updates.Read the update notes for non-securityupdates.Finding a bug in a contrib module.Do Not Hack Core! No exceptions.Planning for Custom ModulesStaying in tune with Advances inCommunity Modules

Version UpgradesTimingCommunity Catch-upNew ModulesConsider a Rebuild?TestingWhat’s the plan?

Community Connection

Groups.Drupal.orgInternal Knowledge SharingLocal User Group Meet-upsDrupal Camps, Cons & Summits

Taking OverAnother’s Work

discoveryread the documentationtalk to all stakeholdersget clear line of sight to prioritiesreview the laundry list

Key PointsContinual Love & AttentionKeep Documentation FreshUse good communication andfeedback/QA toolsFoster Drupal TalentCommunity Contribution

Thank You! @meghsweet@chapter_three

LA Drupal Camp 2012- Maintaining a Drupal Site

by meghsweet on Jul 29, 2012

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 1

Statistics

LA Drupal Camp 2012- Maintaining a Drupal Site Presentation Transcript