This document discusses best practices for long-term support of Drupal sites. It emphasizes the importance of documentation, training, communication, and continual updates and monitoring. Key aspects include empowering users through training, maintaining documentation, recruiting and succession planning, performing regular audits and security reviews, monitoring for issues, keeping modules and core updated, and staying engaged with the Drupal community. The overall message is that supporting a Drupal site over the long run requires ongoing care, education, and preventative maintenance.
5. Drupal Web Team
• Learning Drupal Takes Time
• Early & Often Team Engagement
• Train the Trainer
• Backup Expert Level Support
• Effective Documentation
6. Content Manager Training
• Onsite Training Sessions
• Web Team Trainers
• FAQ / Forums
• Help Videos
• Training Materials
14. Auditing what to look for:
- Version Control
- Hacks- Hacked! module
- Custom Modules- what do they do?
- Contributed Modules- updates, errors?
- Custom Theme
- Core- update and/or upgrade?
- Live Feeds?
- Site Logs
- Permissions- php filter, security risks.
- Spam Prevention
- Performance Optimization Periodic Auditing
- SEO Checklist Module is important!
15. Security Review
• Input formats
• File system permissions
• Error reporting
• Private files
• Allowed upload extensions
• Database errors
• Failed logins
• Drupal admin permissions
• Username as password
• Password included in user emails
• PHP access
Training is key. Users need
Drupal awareness!
16. Monitoring
- Most of the time in recovery is
figuring out what’s broken.
- Monitor Trends
- Use Syslog to write Drupal logs
to text file
- Monitor Servers, SEO
- Cron
- Drupalmonitor.com
- Are your admins educated?
- Every time you have an issue-
start to monitor.
17. Detecting Problems
- Spam- number of nodes, emails
being sent, comments, users. (Good to
know trends) - Mollom, Captcha,
Admin Views
- Use Version Control to check diffs-
revert to good version
- Hacked! Module - switch to
unhacked contrib module
- Security Review Module will look for
spam in content.
19. Updates
Keep on top of Updates- within
30 days at least.
Finding a bug in a contrib
module.
Do Not Hack Core! No
exceptions.
Planning for Custom Modules
Staying in tune with Advances
in Community Modules
25. Key Points
Continual Love & Attention
Keep Documentation Fresh
Use good communication and
feedback/QA tools
Foster Drupal Talent
Community Contribution