Skip to main content
Drupal is one of the most flexible CMSs in the market right now. It can be configured with thousands of community built modules, which can greatly extend the functionality of a website. With great flexibility comes great knowledge and if you’re a developer there are 5 important things you should know.

1) How to Keep the Hackers Out

Since Drupal is an open source community-driven CMS, it is more likely to be susceptible to exploits. To keep Drupal safe and secure, you should know when a security update is available for the Drupal core or modules included on the website. There are multiple ways to see when security updates are released, like:
  • Signing up for the security newsletter on
  • Viewing the security page -
  • Register your email on the Update Manager module to get security updates specific to your website. – [Your Domain Here]/admin/reports/updates/settings

2) Know your Modules

Modules are very important in Drupal. They’re the building blocks to make a website function. It’s why having a definite set of modules that work well together is very important. Some of the modules that Primacy will use when building a Drupal website include:

3) Get Organized

If your Drupal site is customized, you may need to use Drupal’s templating system. Creating new templates can be a blessing since you can control all the HTML defined in those templates. However, having multiple templates can also be a curse if not organized properly. Organize your templates into separate folders to make them easier to find. E.g., all the node templates that allow you to customize content types will be placed in a “node” folder, field templates will be placed in a field folder, and so on.

4) Don’t touch the Core

Like any CMS implementation, when you install Drupal for the first time, you’re installing a core set of files known as the Drupal core. The Drupal core is like the foundation of a house. Changing the foundation can drastically affect the structural integrity, making it unsafe and difficult to update. The same thing happens when you modify Drupal’s core files. Follow this simple rule: never add or change code that is being used by Drupal’s core. This can lead to issues when using Drupal’s core administrator capabilities, and can also affect modules that have been installed on the Drupal website. Need another reason to avoid touching the code in the core? It may conflict with potential security patches. In some cases, to fix a vulnerability in Drupal, you need to update Drupal’s core files to the latest version. Any changes to the Drupal core may conflict, possibly breaking your website.  

5) Learn to Use Drush

Like the windows OS, Drupal also has a shell interface called Drush that allows you to perform various tasks from the server’s command line. It’s a powerful way to automate certain tasks like syncing databases between two servers, and it also allows you to get common tasks done without having to navigate through Drupal’s Admin interface. You can do cool things with Drush like:
  • Clearing Drupal’s cache - drush cc all
  • Overview of your Drupal website – drush status
  • Install the views module – drush dl views
  • Enable the views module – drush en views
  Although there are many other considerations when building out a Drupal website, to me, these as the 5 most important rules to follow. Whether you are building out your first website or maintaining an existing website, these considerations can be applied at any stage of the website’s life cycle. Have you found any others that are helpful?