Imagine your Drupal site as a... patient who has received the wrong diet (or who simply hasn't been told that he should stick to a special diet in the first place) and all the wrong medication, as well. A silly metaphor for the most common Drupal mistakes that you might have been making on your website.
... and whom (your website “patient”) you're now striving to train for the Olympics, meaning to boost its overall performance.
It's not going to work unless you “detect” those common issues deriving from improperly handling your site and from deviating from Drupal's best practices. And not before you get them fixed, obviously.
And how can you know for sure whether you are making these “popular” mistakes on your Drupal website?
Easy! You just give an honest answer to each one of the 7 questions from our little “investigation” here below.
Ready?
1. Have You Been Ignoring the Drupal Updates?
Just admit it!
And then try counting how many times you placed the Drupal Core and Contrib Drupal Security Advisory at the very end of your priority list. Or just how many times you ran the suggested upgrades selectively?
The more time has passed since you stuck to this “bad habit”, the more vulnerable your Drupal site's become.
This is, undoubtedly, one of the common Drupal mistakes and the “ultimate” source of the most security threats.
Note: For instance, if it's an unacceptably long period of time that we're talking about since you stopped maintaining your website properly (if it runs on a version older than Drupal Core 7.32), then it stands all the chances to have turned into an easy target for Drupageddon attacks.
2. Are There Any Unused Modules Left to Linger On Your Drupal Site?
bogged down site performance (with your way too large database as a “culprit”)
high impact security issues
unnecessary overhead
This is precisely what you get when you're being negligent in managing your unused modules (or themes).
Those modules that maybe you just installed and took out for a quick spin, fascinated with their much-talked-about functionality, and that you no longer use. Yet you just leave them... be. And weight down your database with an unnecessary load of source code.
Some of them might be lingering there since... your site's early days. Think of all the developer and administration modules (e.g. Devel or View UI) which shouldn't be overburdening the production version of your website.
Yet, they still do!
They're just being tolerated and gradually turning themselves into some major security issues if no one in your team deals with Security Advisories regularly.
The solution to this issue, that can easily make it to top 3 most common Drupal mistakes, is as clear as daylight: uninstall all the modules and themes that you're no longer using! Don't just bundle up unnecessary overhead.
And while the solution is ridiculously handy, the benefits are definitely worth the time and “effort”:
improved file system
instantly boosted site performance
3. Is The PHP Filter Module Enabled? One of the Most Common Drupal Mistakes
Just skip this question if it's a Drupal 8 website that you own. For this specific module has been (thank God!) removed from Drupal 8 core.
Now, getting back to the PHP Filter module, which many site owners decide to enable (like you, probably), here's why you should rush to... uninstall it:
practically it's an invitation for all ill-intended users to easily run PHP code right there, on your website
once enabled, it's quite a challenge to.. disable it before you've reviewed your site's content thoroughly
and if you skip this step (the close reviewing of your site content), you risk displaying PHP code in plain text on your website (which could turn into a true security “crate” if not detected before you disable the module)
4. Are You 100% Sure the JS/CSS Aggregation Settings Have Been Correctly Configured?
If so, then the JavaScript and CSS files that Drupal renders in HTML can be easily bundled up and compressed.
But if not properly configured, your users' browsers will be forced to process far more requests in order to render your web pages' content. Which will inevitably impact your site's page load times.
5. Have You Managed to Avoid the Common “Overusing Roles” Pitfall?
Or not? Don't be too harsh on yourself if you have, indeed, “overused” the user roles system. It's, undoubtedly, one of the most common Drupal mistakes website owners make after all.
And what else could you have done when the default user roles that Drupal provided you with just didn't fit the specific permission levels you had in mind for your users, right?
You went ahead and created your own roles...
Unfortunately, these newly custom-made roles can easily:
lead to Drupal admins being forced to edit each and every user role separately whenever he/she has to update the permissions
cause “security craters” when not properly configured
(overusing roles, along with their “collections” of permissions, can) impact your site's overall performance (particularly when you're striving to manage each and very set of permissions in their associated user roles)
6. Have You Configured The Full HTML Input Format for Your Most Trusted Users ONLY?
Or have you simply overlooked it entirely? Have you just disabled HTML filtering from the HTML Input Filter completely?
By configuring the Full Input Format for ALL your users, you're basically granting everyone permission to post HTML on your website. This way, you're just opening a gateway for any user to embed malicious code on your Drupal site.
Even a banal little thing such as an image tag can easily turn into an "injectable solution", a dangerous one, in the hands of an ill-intended user who can post HTML on your website just like that.
Now here's what you should do to avoid this scenario:
make sure that your filter is configured for some users ONLY and, even then, that you set only the specific set of tags they'll need to use
make sure your default and custom Input Filters are correctly configured so that they pose no security risks
scan your database through and through identifying any possible suspicious code that might have been injected already
7. Are You Weighting Down Your Database With Too Many (Unused) Content Types?
Do you need ALL the content types currently overcharging your database (considering the fact that three database tables get added to your database with every new content type that you bring on)? Are you actually using them all?
For, it not:
your database is unnecessarily overburdened
your content editors' workflow is unnecessarily complex due to the whole network of confusing content types that they need to tangle themselves up in
And now the solution to this issue, for certain one of the top most common Drupal mistakes:
Just run an inventory of all your content types, sort them into used and no longer used ones and... just "trim the fat"! Get rid of those that are just filling in space in your database!
This is our top 7 mistakes that you, too, are probably making on your Drupal site (even if not all of them).
Now that we've exposed them to you we can't but end our post with a conclusion/piece of advice:
The handiest way to optimize your website's performance is by preventing performance issues to occur, in the first place. Now that you have them “brought to light” it should be easier, with a little bit of effort, to avoid them, shouldn't it?
Adrian Ababei / Oct 30'2017
We think Drupal is the best CMS
Okay, we admit it. We love Drupal and have a bias towards it. We do know other CMS' (content management systems) have their benefits and purposes. But this blog post isn't about them. It's about why Drupal is the best.
Drupal isn’t for everyone. You do need a dev team to support your website to customize Drupal. And to be more specific, you need one that is well-versed in Drupal specific development
Every developer has his or her own personal favorites. After working on Drupal websites for many years, we have grown to love Drupal.
So here is our completely biased opinion on why Drupal is the best.
1. Drupal Is Customizable
Drupal allows for very high levels of customization. With Drupal, if you think it you can build it. The framework of this CMS platform itself never limits you.
With Drupal, it’s easy to customize your site to have app-like features. Websites have become more complex these days with a lot of various functionalities. Working with a flexible system has become important.
2. Some Of The Largest Sites Use It
Drupal is a powerful CMS, open-source, that sites like Al Jazeera and The Economist use.
Drupal is structured like building blocks, which makes it flexible. The modular architecture makes it ideal to handle scale and continuous integration. Developers get more control over the code from the ground up (i.e. you can build anything).
3. Drupal Is Built For Scalability
Drupal’s modular building block system allows for easy scalability. Out of the box, it’s easy to integrate with other applications. This integration is usually needed at an enterprise level.
Another feature that makes it scalable is that you only select the modules you need on a per-page basis. This eliminates a lot of excessive and messy code on pages that don’t need every module.
Drupal offers a series of articles on how Drupal can be configured for optimal performance and scalability.
4. Drupal Offers Enterprise-Level Security
Drupal offers enterprise-level security. High profile organizations like the White House and Nasa use it. The Drupal core code base is very stable and secure.
Drupal has a security team comprised of a global group of web security experts. They take security very seriously. Their job is to analyze and report any security vulnerabilities.
Because most sites that run on this CMS platform need an expert Drupal developer, the Drupal community is efficient at working together. There are over a million experts to review code and functionality. Any potential issue is quickly identified and dealt with before it becomes a threat.
5. Drupal Is Fast
One of the things that differentiate Drupal from other content management systems is that it has built-in caching. In plain English, this allows for content to be delivered quickly.
What Drupal also does is allow you to select modules to run a per-page basis. This eliminates unnecessary code that can slow a page down. Not everything needs to be a part of the site-wide template.
Keep in mind, there are other factors - not Drupal-specific - that can really slow things down. Things like the size of images, number of images on a page, number of requests to the server a page makes, and the number of modules running on a page.
There are helpful (and free) tools out there, like webpagetest.org, that provide lots of tips for helping to speed your Drupal site up.
6. Drupal Is Multilingual
Drupal modules come in 90 different languages. You can display your site in multiple languages and allows users to switch languages easily.
Here is a resource guide for configuring a multilingual site.
7. Drupal Is Good For SEO
If you know anything about search engine optimization, you’ll know that Google is soon-to-be making a big switch to a Mobile-First Index. (It’s a pretty big deal.) Drupal 8 is also supported by a mobile-first philosophy, so it’s ready for the future of SEO. Drupal is very search engine friendly.
Here’s a good explanation of what Mobile-First Indexing means.
Drupal offers excellent plugins for optimizing content. A couple of favorites are the Metatag module and the XML sitemap module.
Drupal provides a limitless platform for you to deliver amazing content. A solid framework – that can functionally do anything - is key to building your presence on search engines.
If you are looking for Drupal Web Developers for your next project, please get in touch. We are always happy to start a conversation.
Adrian Ababei / Sep 08'2017
To upgrade or to migrate? To keep supercharging your current Drupal 7 site with new cool features or to get it straight to the next league? A so much more than just another Drupal 7 vs Drupal 8 debate: it's a decision impacting your budget and future-proofing (or not) the enhancements that you're about to implement.
In this respect, our web development team in Toronto has done its best to “pile up” the crucial pros and cons for each one of the two paths that you're now challenged to choose from.
Think them through, give honest answers to all the strategically chosen questions included in our little “questionnaire” here and you'll find your (own) way of leveling up your website:
To Upgrade or to Migrate? And a Few Other Key Questions to Ask Yourself
So, here you are: facing the challenge of taking your Drupal 7 website to the next stage of its evolution! But which one is it: the upgrade phase or the migration one?
Now here are some preliminary questions to ask yourself right now. It's the answers to these particular questions that will weigh heavily, later on, on your decision-making process:
1. To what extent will this “maneuver” influence my website's stability, lifetime and level of flexibility?
An extra boost of flexibility, reflected in the “edit content on-the-go” functionality, or the perspective of ongoing support for many years to come will undoubtedly influence your decision!
2. Will my site's code get easier to maintain?
And this is a crucial question to be asking yourself at this phase of the whole decision-making process: how convenient will it be for your Drupal developers to maintain/update your site's code on a long term?
3. How many resources of time do I need to invest?
For time sure is money! How long will it take to implement those new enhancements on your website? Does it involve a lengthy training process for your team, as well?
4. How easy will it be for my administrators to manage content on my website?
A simplified content editing/publishing process is what will guarantee you an independent editorial team. Empower your editors and your site admins and you'll streamline all non-coding processes on your website!
With each question that you'll answer you'll be sketching your company's “specific context”. The one favoring either the upgrade or the migration way for ramping up your Drupal site!
Drupal 7 vs Drupal 8: Key Comparison Notes
Does its “age” automatically give Drupal 7 an advantage over Drupal 8?
No doubt about it! Drupal 7 is now capable to “tempt” you with a heavier load of modules, stable modules and with a longer period of time that the Drupal community has spent constantly improving it.
And yet! Drupal 8, although “younger”, is taking advantage of Drupal 7's weaknesses and shortcomings. Basically, it's equipped with all the functionality that its predecessor lacked.
Speaking of which, here's what Drupal 8 brings new to the table:
top popular modules have been moved to core
an advanced, easy to handle configuration management system
mobile-friendly backend: jump on the “edit content on-the-go” trend
a new era for the “content as a service” movement, thanks to its API approach to content delivery
object-oriented code: by using Symfony and Twig Drupal 8 “surprises” you with a more logically structured code (do take into account, though, that your developers will have to be already familiar with object-oriented coding)
easier-to-edit content: the very essence of content management
one-click code deployment: deploy your code faster and (therefore) as frequently as you have to
pre-built multilingual support: you no longer need to leverage a whole “fleet” of modules for supercharging your website with multilingual capabilities
ramped up performance and scalability: 2 enhancements you just can't underestimate especially if it's a large-scale, content-packed website that you own (one carrying a heavy ecosystem of third-party technologies “pomping” data into it)
easier third-party integration
Your Final Decision Depends Greatly On...
the number of custom-built elements on your current Drupal site: the more of them, the more complex (lengthy and pricey) moving it over to Drupal 8 will get
the goals that you're aiming to achieve via your new enhancements: is it just a new basic feature (just a few hours' work) that you're planning to add or a major enhancement, which would justify the migration process?
the “weight” of your Drupal 7 site's load of data: and its complexity, as well
whether you have a standalone website or a multi-site: needless to add that you should have all your sites (if it's a “cluster” of sites that you own) running on the same version of Drupal
your company's resources of time and money: an upgrade of your current Drupal 7 website won't, indeed, impact your budget to the same extent as a migration process would
Upgrade Your Current Drupal 7 Site If...
it's mostly custom-built: it features custom modules, custom-made workflows which would take longer to recreate and to adjust to Drupal 8's particularities
you need to have your new enhancement(s) up and running on your website in no time
it's basic features only that you're planning to upgrade it with
you're constrained by a tight budget: a factor which will weigh heavily in the Drupal 7 vs Drupal 8 balance
Make the Leap to Drupal 8 If...
the specific workflow on your website depends greatly on a streamlined content editing process
you need to make code deployments on a regular basis
it's complex enhancements that you want to implement
your current Drupal 7 website is a low-complexity one
the overall success of your upgrade strategy depends on high levels of performance and scalability
you value the ongoing support which, well, the Drupal 7's support team will stop offering you at some point
So: Drupal 7 vs Drupal 8? Will you stick to the former or level up to the later? Which direction do our “questionnaire's” results point you in?
Adrian Ababei / Aug 30'2017
Consider these 3 real-life scenarios:
you need to “populate” a newly developed Drupal website with content
you need to migrate content from one Drupal website to its freshly redesigned version
you need to quickly “animate” a website wireframe with some demo content for one of your Toronto digital agency's clients
The YAML Content module is:
a handy tool ensuring a streamlined import/update process
a flexible way for you to manage the content that you need to migrate / update
… in each one of the 3 above-mentioned use cases!
Basically:
it helps you outline (mind you don't connect it to the module Outline) it the content to import by leveraging a YAML format
it streamlines the whole process helping you define a set of content which can be found in multiple content files on your site
it turns content updating/re-importing into a highly flexible, highly dynamic process thanks to the hierarchical way in which you get to visualize it and scan it through (notice the resemblance with the module Outline, which enables you to organize your entities in a hierarchical structure)
In other words: the YAML Content module turns the entire defining, structuring and dynamic updating of the content to be imported into an ideally streamlined process!
Now let's see why such a module was needed in the first place. What sets it apart from other Drupal tools alike:
The Interrelation of Content: Now a Problem Solved
With an entire “ecosystem” of Drupal modules ready to take on the role of importing and migrating content, a valid question might be: “Why the YAML Content module?”
What obstacle does it help you overcome? What added value does it provide?
Now if you've already dealt with content import scenarios, you must have surely “bumped” into the interrelation of content issue, right?
It's precisely this “sore point” that this content utility module comes to “heal”!
Practically you're enabled to define processing callbacks across the content to be imported and thus to easily insert new data/modify the existing one during the import process itself!
And here are some examples of tasks that you get to carry out precisely at the time of import:
import/reference managed data files
import image files
query existing entities
There's more!
Besides “dynamic processing”, you're granted with almost unlimited flexibility in terms of the type of entities that you get to define during this process. It's thanks to your content's YAML format, which closely parallels the entity and field API architecture, enabling you to apply it to almost any entity type and to support multiple field types:
menu links
nodes
media entities
file entities
taxonomy terms
block content
But There's no UI: How Can I Use the YAML Content Module?
It's true: the module doesn't provide a user interface! It's been built with back-end utility in mind.
In other words: you're triggering and managing the entire content importing process exclusively via some simple Drush commands!
Just run this command in Drush:
drush –filter=yaml_content
… and you'll get the whole list of commands available to you for interacting with the YAML Content module.
It will present you both with the commands that you need to use for importing your content files and the ones that you'll need for a “developer usage” of the module (meaning: if you need to delve deeper into the import services).
Leverage This Particular Directory Structure to Find The Content to Import
And this assumed file structure looks likes this (whether we're talking about a module, a profile or a sub-directory):
/content: all.content.yml files that contain the content data to be imported
/images: all images referenced
/data_files: all file assets using a file callback for loading and which are referenced
Wrapping Up
Things will never be the same again whenever you need to import content in a Drupal site!
enhanced user-friendliness for tracking down the content you wish to import
more “order” (thanks to the YAML format) in structuring your target content to be imported, which implicitly leads to a more streamlined import process
much more flexibility in managing your content
… the YAML Content module provides it with all and thus manages to stand out from the crowd of modules tackling the same content import “issue”. Feel free to take it for a spin next time you need to import/migrate content to a Drupal site!
Adrian Ababei / Aug 21'2017
Does anyone of the following scenarios sound familiar to you?
you need to translate a few language strings on your Drupal site due to a certain dialect that the great majority of your site visitors use
you simply prefer to see certain messages or labels on your website written slightly differently (let's assume that you prefer the “Add new content” textline to the “Add Content now” default one)
you need to go multilingual (on your Drupal site at least) and you have a whole heavy load of language strings to be translated into those target languages
What do you do? Which are your options? Which one guarantees you a streamlined translation process? And most importantly: which one makes the perfect fit for your own site-specific scenario?
Let us try and answer all your questions by presenting you 3 approaches to language string translation in Drupal:
1. Use the String Override Module
Now before we go on with our short step-by-step guide on how to install and to turn this module into your handy translation tool, we feel like pointing out its “limitation”. It makes a more than handy tool mostly for all those small changes that you need to apply to just a few strings on your Drupal site.
Therefore, using it for a full-site translation “marathon” is probably not the most inspired choice.
This being said, let's break down further with our step-by-step installation and configuration guide:
Step 1: Download and Install Your Module
You'll find it here: https://goo.gl/aCJGyy you've successfully downloaded it, go to “Modules” > “Add New” > use your “Browse” and search for the file you need to upload > “Install”
Next just briefly “scan” the enabled boxes corresponding to your two String Overrides fields there and, if everything looks OK to you, hit the “Save configuration” button!
Step 2: Trigger Your Module from the Configuration Menu
Now navigate to “Configuration” (you'll find it “neighboring” the “People” and the “Modules” tabs on top of the page) and, unfolding its menu, go to “Translate Interface”. It's the last option listed there (after the “Regional and Language” one).
Next just give it a click!
Step 3: Now Go Ahead and Replace Your Language String
Just enter the exact string that you want to replace/translate on the left side of your screen (in the “Original” section) and its replacement string/its translated version on the right side (in the “Replacement” section).
Easy peasy! And where do you add that the module even enables you to streamline things even more: you even get to replace multiple language strings simultaneously just by adding some extra rows.
Wrap Up: as already mentioned, the String Overrides module makes a great choice for “small-scale” string translations only. It enables you to track down the strings you need to change and to replace them with the new ones in no time. Yet, when it comes to translating an entire Drupal site, manually overriding every single language string using this module is hardly an effective solution. Such a “challenge” to respond to calls for a more powerful module such as the Locale module.
2. Use the String Translation Module for Handling User-Defined Strings
Also known as the i18n_string module (falling under the Internationalization project's “umbrella).
Now if the just mentioned Locale module (along with the .po files) enables you to translate hard-coded language strings, the String Translation module empowers you to translate the user-defined ones, too.
And here we're referring to taxonomy terms, menu items, field names, which are a bit “trickier” when it comes to translating them, since you can't just rely on Drupal 7 core for that.
Also, another important specification that we need to make is that this is an API module! Therefore, it doesn't work as a standalone solution, but rather “supports” other modules from the Internationalization group.
And when it comes to the UI that you get to use to translate language strings in Drupal using this particular module, you should know that it's incorporated in the localization system: go to Administer > Site building > Translate interface for translating your user-defined language strings.
"And how does it work exactly?" you might legitimately ask yourself.
Here's how:
it uses the Locale's module standard translation page (the above mentioned UI) for enabling you to translate the user-defined strings that it will have collected
but not before you haven't defined your site's default language (and it's not always English)
and it does this by grouping strings into “text groups” (you can find these groups of user-defined strings named “Profile”, "Menus” or “Taxonomy”, at admin/build/translate/search, under the "Limit search to:")
Notes:
do keep in mind that whenever you're translating your user-defined strings, the source strings that will get stored will be displayed in your default language
in case the default language on your website is not English, you still get to import/export English translations relying on your localization UI
a sort of “warning”: whenever you change the default language on your website you'll need to remember to redefine all your source language strings, too (the user-defined ones, of course)
in short: get yourself informed of all the implications deriving from changing your default language, since this goes hand it hand with a never-ending string editing “ordeal”, too
all the other translations on your website will be kept “unharmed”
yet, as a rule of thumb, you should be changing (if it's necessary) the default language on your site at the very beginning of its development process; later on, once you have your site up and running, changing it back and forth and in several different languages will only lead to... “language string chaos”
3. Use the Strings Overrides in Settings.php to Translate Language Strings in Drupal
You'll get to carry out the entire process in the settings.php file and where do you add that you don't even need to download, install and configure any extra module: it all happens in Drupal core.
Yet, you should be fully aware that it's not a method for the inexperienced either. We're not going to hide it from you: it does require a certain level of coding “expertise”.
Moreover, the same specification that we've made for the String Override module applies to this method, too: it's a tool to be used for small-scale string translations.
Not the best choice when you're faced with much larger-scale translations!
And now, shall we proceed with our explanations on “how it's done”?
1. Edit your settings.php file and go right up to line 430 (or somewhere 'around” it)
2. Next, uncomment this code (so that you can later on enter your translated strings)
434 # $conf['locale_custom_strings_en'][''] = array(
435 # 'forum' => 'Discussion board',
436 # '@count min' => '@count minutes',
437 # );
Note: in case the default language on your Drupal site is not English, remember to make the due modifications in the array key locale locale_custom_string_en so that it should reflect the actual language on your website!
Now let's assume that you're being “dared” to translate a whole lot of language strings on your website.Then you sure need to streamline things a bit, right?
For this you can rely on the i18n_string module, the API String Translation Module that we've just put into the spotlight.
Just edit your settings.php file by entering this new line of code:
$conf['i18n_string_translate_langcode_en'] = TRUE;
Or, if you're not that much into “tweaking” code in settings.php you can always rely on the variable_admin module (part of the Variable module). Here's how you get to leverage its functionality to translate language strings in Drupal:
first you navigate to admin/config/system/variable
next you click on the "Multilingual settings" tab
then on the "Enable translation for language" tab
set your default language
hit the “Save” button
And voila! Now you get to translate your language strings!
How about you? Have you, by any chance, discovered other more effective ways to translate language strings in Drupal?
Adrian Ababei / Jul 07'2017
When you say “SPAM” you say “facts of life”! The life of any Drupal site/app/blog owner or administrator out there! And aiming for a 100% spam-proofed website is as realistic as toiling hard to eradicate... social inequity for good. And yet, you can still cut it down to the very minimum thanks to this heavy weighting “offer” of anti-spam Drupal modules available to you!
Depending on the spam prevention Drupal approach that you'll supercharge your website with you'll be fighting spam via:
challenge-response interaction
real-time filtering
a “deadly” combo of the two approaches
more or less user intrusive methods (meaning featuring CAPTCHA or not)
And if the Mollom module for Drupal still is you site's old and familiar “shield” against spambots, you should know that the popular, non user-intrusive spam filtering service will cease to exist as of 2 April 2018.
Since no one knows how it's going to get configured after this date, whether it will continue to safeguard all sites or none, you'd better be open to alternatives.
Now to spare you of a time-consuming research, here are 7 anti-spam Drupal modules that our Toronto web development team has already hand picked for you! Scan them through, compare them and go for the one that best suits your site's anti-spam needs:
1. Honeypot
Honeypot is, by far, THE anti-spam module!
Basically, when they say or think of “spam prevention”, 99% of “Drupalists” out there say/think of the Honeypot module, of the Honeypot method (for yes, there's even an anti-spam “method” named after it).
So, you get the idea: in Drupal world spam-filtering means “honey-potting” in 9 out of ten cases!
“How does it work?”, you say? It fights back spambots on two fronts:
It uses a simple, yet surprisingly effective little “trick”: it adds a hidden field precisely to those forms on your Drupal site that it spam-proofs. An easily configurable “bait field” named something like “website” or “URL”. Once that hidden field gets filled in, it's a sign that a spambot has taken the bait. Sneakily-clever and effective!
It uses a timestamp (which, again, you get to configure to your liking, the default time being of 5 seconds). If a web form on your Drupal site gets filled in quicker than that specific timeframe that you've set, Honeypot will instantly block its submission. It will identify the “submitter” behind it as being a... spambot.
So simple, so effective and where do you add that Honeypot falls into that category of anti-spam Drupal modules that are 100% non intrusive. The ones that don't keep “bugging” your site's visitors with captcha tests to be solved in order to prove their humanity!
There's no user interaction involved, since Honeypot runs its “spambot-detecting” tests on the web forms directly!
Note: a con of this module is that those particular web forms on your Drupal site placed under Honeypot's anti-spam protection can't get cached! The module disables caching for these particular web forms.
2. http:BL
Now here's another spam blocking Drupal module worth your full attention!
Compared to Honeypot's own methods, the HTTP:BL's one is completely different: it blocks any requests coming from Ips included on a DNS blacklist! A blacklist put together by all the Drupal sites using this module for spam protection.
A sort of collective fight against spam, one that your own site will be involved in and “reap” the benefits of!
Note: the http:BL module can be installed on Drupal 7 websites only for the time being.
3. Captcha, One of The Reference Anti-Spam Drupal Modules
How could we have left out, from our list, precisely the module leveraging the “reference anti-spam method” itself: the CAPTCHA method?
It does precisely what its name says: it integrates CAPTCHA into your web forms! A challenge-response system meant to block any attempt of automated spam posting, based on “inconveniencing” the user to pass a given test (answering a question, solving a math problem etc.)
The module comes with its own default challenge-response tests, so it can be used as a standalone spam-blocking solution, and it can also be used as a base API for other anti-spam Drupal modules.
Notes:
our Toronto digital agency's team strongly recommends you to go for the second scenario, to make it just part of an entire “ecosystem” of anti-spam solutions on your Drupal site. There have been quite a few cases when spambots did manage to solve these challenge-response tests.
do keep in mind that captchas are always a deterrent for your users and can easily turn into a factor responsible for the low conversion rate on your Drupal site
4. reCaptcha
Take the CAPTCHA and the Re-Captcha modules as a “check and double check” spam-preventing method!
The ReCaptcha module goes even tougher on bots as it leverages the “squiggly words” method for blocking spam. Basically, words difficult to read by spambots get taken from old books and turned into captchas.
Note: a potential disadvantage of using this anti-spam Drupal module is that some users, too, might find it hard to recognize these “hard nut to crack”, less common words!
5. Antibot, One of the Anti-Spam Drupal Modules to Supercharge Your Site With
Here's another representative of the group of anti-spam Drupal modules that are totally unintrusive!
It uses its spam-preventing “superpower” like this: it practically assumes that bots are discouraged to spam pages using Javascript, therefore users enabling JavaScript in their browsers are, implicitly, spam-proofed by default.
For those cases where spambots do attempt to render precisely these “safe” JavascripT-based pages, the module will inspect your visitors' mouse movements and keyboard key presses in order to identify them as “humans” and to allow them to submit their filled in forms.
A pretty clever check-up if you come to think of it!
Note: one of the Antibot module's notable features is that, unlike other anti-spam Drupal modules, it doesn't disable cache on the web forms that it protects. A performance-enhancer you just can't overlook!
6. Botcha
Take the Botcha module as an all-in-one spam-blocking solution for websites running on Drupal! And where do you add that it doesn't involve any user interaction (and therefore “user bugging”) either!
There are 3 methods that this module uses for detecting and blocking spammy form submissions:
the honeypot method: it adds that hidden, “spambots luring” field to the protected web forms on your website
the source calculation-based method
the time-based method
And there's more! Once enabled, this module will also prevent any attempts of resubmitting the same form by using its own “NoResubmit” formula.
Note: the only downside is that there's no Drupal 8 version of the module. Not just yet!
7. Simple Anti-Spam
This module's main “role”, in its mission to prevent spam posting processes, is to block automatic spam coming from anonymous users.
And its name says it all; it's a simple “two-ingredient recipe” that it relies on for blocking spam:
there's an “I'm not a spammer” checkbox
and there's an “I'm a spammer” hidden checkbox
Once the later gets checked or the former is left unchecked, it will just “warn” the module of a “suspicions activity” on your Drupal site. It's then that Simple Anti-Spam displays a warning message or simply blocks that specific form from being submitted to your Drupal site.
Moreover, from:
blocking web forms by maximum text length
blocking them by stop words
to blocking form by number of links
and the list can go on
...the Simple Anti-Spam module is one of those anti-spam Drupal modules that can report a form as being “suspicious” (automatically blocking it, too) based on a whole array of criteria.
Note: there's yet no Drupal 8 version!
Your turn now! What other approaches have you adopted on your Drupal site for... pulling the plug on any type of spam activity?
Adrian Ababei / Jul 04'2017
It's speed that excites them all, with no exception! While some of the users prefer a minimalist web design, others might go for a maximalist design instead. Some have a weakness for content infused with storytelling, while others prefer just simple, “raw” data... And still: online users ALL have a thing for high page loading speed. And the Drupal CDN module makes such a powerful tool for you to supercharge your site within the name of top speed!
“Why should I even integrate a CDN when I can as well continue to use web hosting? What difference would it make?”
2 more than legitimate questions that we'll try to answer as we'll do our best to point out to you how precisely a CDN can boost your Drupal site's performance and why you should add it to your whole “arsenal” of speed-boosting tactics (moving CSS and JavaScript in the footer, perfecting the caching on your site, compressing your heavy load of images, etc.).
So, let's dig in, shall we?
How Precisely Can a CDN Guarantee You a Lightning Fast Website?
A short version of the answer to your valid dilemma would be: “compared to a shared web hosting, a CDN is built with speed in mind; it's equipped with the capacity to withstand huge fluxes of visitors”.
In other words: while shared hosting is simply geared towards delivering you a stable environment for your website, a CDN's infrastructure setup is developed precisely to ensure high page loading speed, irrespective of the influxes of traffic on your site.
And this is no news that we're sharing with you here: just consider with how many other websites your own Drupal site is sharing its hosting sever with and... you do the math!
Try to imagine how many times its performance would get boosted if it had a server all by itself. Dedicated exclusively to its own needs for speed and to answering its particular traffic challenges.
1. It Will Lighten That Heavy Load of Plugins On Your Site
Plugins! Who can resist them?
Once installed on your Drupal site, they just unleash their “encapsulated” functionalities. And each one of them comes with its own too-cool-to-resist-to functionality!
Piling them up, adding more and more, eager to impress your visitors, does have the “taste” of a “guilty pleasure” doesn't it?
“Guilty” because with each new plugin, with each new load of JavaScript and CSS files that you add on, your Drupal site gets even more bogged down.
And how can a CDN, via a dedicated tool such as the Drupal CDN module, help you out here? For it certainly cannot point out to you which plugins to keep and which ones to disable!
Well, what it CAN do, instead, is compress and minify their scrips! Therefore your site's heavy load of content will get considerably lighter and its performance dramatically improved!
2. It Will Speed Up Content Delivery Anywhere on The Globe
Basically a CDN infrastructure's built to serve content worldwide, irrespective of the website's own location on the globe.
In short: users located far away from your site's location, shouldn't be disadvantaged, in any way, in terms of content delivery speed.
And how does a CDN manage to deliver content, at high speed, to an international audience?
It relies on its entire “ecosystem” of proxy servers, located in various locations worldwide. It's them that catch and then replicates content (images, CSS, JavaScript files) precisely from those locations which are geographically closest to your users.
Wrapping up: if your Drupal site's located in Asia and a visitor from Europe makes a content request, that particular user will get its content delivered as quickly as a visitor from Asia would. Thanks to that network of servers, placed all over the globe, that your CDN will leverage.
The Drupal CDN Module: A Handy Tool for Integrating CDN on Your Website
Now, where do you add that you even have a dedicated module for it?
Once you've convinced yourself of the CDN's key advantages and once it's more than clear to you how its integration can benefit your own website, just go ahead and... enable it!
Practically what this module will do is change your files' URLs so that they should no longer load from your current shared web server, but from your CDN instead!
A Step-by-Step Guide to Installing and Configuring Your Drupal CDN Module
Now let's point out to you all the steps you need to take, along with some useful tips and tricks, so that you can use your CDN at its full potential on your website:
You install and enable your Drupal CDN module on your website
You navigate to its configuration page
See the “General Settings” tab? It's there that you can set the module's status (enabled, disabled or on testing mode)
Next, click on the “Details” tab and wisely scan through the whole set of options that you have there: pick “Origin Pull”, select the “CDN mapping” setting, and so on. It's the latter that enables you to specify which files on your website should get loaded via your CDN from now on
Select the “Far Future Expiration” setting and this way you will ensure that files delivered via CDN will “expire” in the future to come (enhanced cacheability on your client's side). Also, since these two settings go hand in hand: keep in mind to enable your “Aggregate and Compress CSS files” option in your Performance settings
Select “CDN supports HTTPS” (you'll find this setting in your “Other” tab) if it's the case, meaning if your Drupal website does use HTTPS
And that's it! Your site's all set for reaching... high page loading speed now!
Adrian Ababei / Jun 29'2017
Lazy loading (images, in this case) leads to energy preserving, which leads to a significantly improved site performance! Pretty ironic, isn't it? Well, this is precisely the logic on which the Image Lazyloader module in Drupal has been developed!
Saving your website's energy goes hand in hand with increasing its page loading times.
It goes hand in hand with “sparing” HTTP round-trips and taking some heavy load off the browser's “shoulders”, which otherwise would be “pressured” to relentlessly load thousands of images, even before they would be visible in his/her window browser.
Basically what this module does is both unexpectedly simple and impressively smart : it loads images on your Drupal site only when they're in visitors' viewports.
In other words: when there's no one opening them up in his/her browser, why bother loading an entire “cargo” of images? Why put an unnecessary pressure onto your site and the browser?
And now let us detail to you this “energy-saving” tool that Drupal puts at your disposal and which we encourage you to leverage in the name of a... faster loading website:
The Image Lazyloader Module: How Does It Work Exactly? What Makes it a Speed Booster?
The whole “mechanism” behind this Drupal module is surprisingly simple, if we come to think of it: it loads images (lots and lots of them) only when they're displayed in a site visitor's browser window. Not before!
And this is a “dream come true” especially for web designers, who're constantly dealing with the challenge of optimizing heavy loads of images.
As you can surely guess it yourself, the module's an incredibly useful tool precisely for those Drupal website carrying heavy “cargos” of images. For no matter how many they might, how heavy the load is, the Image Lazyloader module's capable to... lazy load them all and therefore to keep your site's performance at optimum parameters.
How Do You Use It? How Do You “Exploit” Its Full Potential on Your Drupal Site?
Now allow us to give you a few tips and tricks or, better said, a step-by-step guide on how to fully leverage this module on your Drupal site:
Step 1: you download (and install, obviously) the module itself along with the Libraries module in the sites/all/modules/contrib; the latter is, in fact, a dependency for 2.x branch
Step 2: next you download your echo library and place it in sites/all/libraries
Step 3: it's time to enable your Image Lazyloader module now
Step 4: don't forget to clear your cache
Essentially all these preliminary setups will actually grant you the much-needed freedom to quickly enable and to disable your Lazyloading module any time you want to.
Which turns it into such a powerful convenience when you just need to run some tests on your website, for instance.
And speaking of “empowerment”, there's an entire array of options to choose from and setups to enable, depending on your site's needs and on your purposes:
you have the loader icon letting you know if the images are not (yet) fully loaded
you get to set the distance from the viewable screen part and to go for a placeholder image of your choice
you're even enabled to select those particular web pages on your Drupal site where there's no need for an image lazy loading process to be performed
And voila! These are the answers to your “why” and “how" to use the Image Lazyloader module! Questions deriving, of course, from the main one: “how can I boost my Drupal site's performance?”
Feel free to test its image optimization power and to determine how much faster your web pages will then load.
Adrian Ababei / Jun 27'2017
You know what they say: “there's always a module in Drupal for... pretty much any type of functionality you might need!”. And pop-up messages are no exception! You have a whole “arsenal” of modules for building popups in Drupal, each one of them “specialized” in providing you with a certain type of “refinement” or set of particularities that you might need to leverage on your site.
You might want to trigger a pop-up taking the form of:
an announcement displayed in an overlay
a redirect pop up message
or maybe you simply need a pop-up opening up a form
There's a dedicated module to suit any type of site-specific expectation you might have.
And now, without further ado, let us “unfold” before you eyes the list of 5 useful modules for building popups in Drupal:
Popup
It's not without premeditation that we've put this particular module on top of our list. In terms of pop-up building “tools” in Drupal the Popup module can easily get perceived as an entire “toolkit” at your disposal!
Therefore, it's much more than just a stand-alone module, but rather a “cluster” of sub-modules, each one of them adding its own functionality to the whole suite.
As a whole, it helps you (your team of Drupal site builders) trigger menus, nodes, blocks, forms, php-generated content and views as pop-ups.
Taken individually, these sub-modules are:
Popup descriptions: turns item descriptions into popups
Popup filter: puts an input filter at your disposal, one turning popup tags into popups in filterable content
Popup: delivers a couple of basic popup styles and the basic popup framework, as well
Popup block: the one “responsible” for the block configuration options (the ones that make every turning of a block into a popup possible)
Popup menu: which, as you surely can already guess, provides the needed blocks of popup menus corresponding to each menu within your system
Popup UI: “dealing with” all the display formats, integrating node-reference fields and handling cck, as well
Take the Popup module as some sort of “Swiss army knife” standing out from the group of modules for building popups in Drupal. Just name a pop up-related functionality that you need to leverage on your site and this suite of sub-modules is ready to provide you with!
Popup Message
It's the answer to your “How can I display a pop-up messages, one per each browser session, to my Drupal site visitors?”.
And here's how you configure it so you can “harness” its functionality:
you navigate to admin/settings/popup_message where you define your message's body and title
next you navigate to admin/user/permissions in order to set your permissions
Note: if it's a Drupal 8-powered site that you own/administer, then you should know that the team of developers behind this module is working hard on its migration to Drupal 8 as we speak.
In short: is patience one of your virtues?
Pop-Up Question Redirect
Here's another module that shouldn't miss from your “toolbox” when you need to display a pop-up window to your Drupal site's visitors!
You get to leverage its functionality for:
informing them about a certain promotion running on your website
getting them to complete a survey
putting a certain (new) page or section on your site into the spotlight!
The moment the user clicks on the “Yes” button included in your pop-up window, he/she will get automatically redirected to that specific page that you're trying to draw his/her attention to!
And speaking of them, your visitors, here are the 3 user-oriented functionalities that this module provides:
The “Yes” function, which guides your visitors to the page that your pop-up is targeting
The “No, remind me later” function, which will trigger the pop-up window, once again, after a certain amount of time
The “No, don't show this again” function, which blocks the pop-up
As for all the needed configuration “backstage hocus pocus” that you need to make in order to fully “exploit” this module's functionality, it's actually just a 3-step procedure:
Just define your popup title and message
A textfield where you need to enter a redirect link
Set the time for the “remind me later” functionality
Note: you even get “spoiled” with a more-than-useful “extra” functionality, that of being able to exclude certain user ip's; this way you decide which ones of your visitors shouldn't be “bugged” with your pop-up message.
Popup Forms, One of the Key Modules for Building Popups in Drupal
First things first: you should know that this module doesn't “trigger” any pop-ups itself, instead what it DOES do is provide API for themes or/and modules!
So, it displays any given type of Drupal form as a popup, via an jQuery UI dialog. Compared to other “kindred“ modules, the Popup Forms module does not display any type of popping-up content except FORMS.
This being said, let's see which are the key features that you'll want to use:
It can easily integrate multi-step forms
It enables you to set up various parameters to your form callback
It can pop up https forms from non-secure pages, too
As aforementioned: it uses a jQurery UI dialog for displaying your pop-up forms
Once your forms are successfully submitted, you gain unlimited access to the $form_state from Javascript
Note: you'll need the jquery.postmessage plugin for “harnessing” this module's power on your Drupal site!
Pop-Up Announcement
It's the handy tool to rely on whenever you have an announcement to make; whenever you need to establish this type of interaction with your website visitors.
Basically it enables you to communicate with them via pop-up announcements displayed in overlays.
And it's you who'll determine on which ones of their visits on your site these pop-ups should appear (on their first visits, their third, their fifth; it's you who'll define this parameter).
Moreover, you even get to determine which is that specific page on your site that your announcement should pop-up on, as well!
In short: when you say Pop-Up Announcement you say “utter flexibility”! Basically you get to customize your pop-up interaction with your users the way you like it!
And now, just a quick overview of its most “tempting” functionalities:
The pop-up announcement shows up in an overlay
You'll get your own admin page, your own “control tower” where you get to manage all your announcements
Your announcement pop-ups can be written in html, too
As already mentioned here: you get to define on which ones of your users' visits your announcements should get triggered; and it's on your dedicated configure page that you get to make all these key set ups.
And speaking of functionalities and parameters that you're empowered to define yourself: you even get to set up a specific visibility for each one of your announcement messages; for instance you can have different degrees of visibility on different sections of your site
Note: OK, so you're granted tones of flexibility and power of customization, but there still are some limits, as well. 2 actually: you can't set more than one announcement pop up per page or more than one pop-up per user visit!
As for the configuration part, just navigate to admin/config/popup_announcement/list and make all the right selections and set ups for tailoring your announcement pop-ups to your site's needs!
It looks like our list of useful modules for building popups in Drupal ends here! Do you happen to have other “favorites” that haven't made it to our list?
Which one of the 5 modules mentioned here do you find most effective, most feature-rich and helpful for your own team's pop-up building “tasks”?
Adrian Ababei / Jun 23'2017