Feb 11 2020
Feb 11

Our client Senec is working in a competitive environment and has to react on changing requirements regarding privacy quickly. At the same time the user experience cannot be harmed by regulations. In the beginning of the year Senec requested us to build a two-step process for YouTube/Vimeo video playback.

Senec's website is built with Drupal and won the International Splash Awards 2019.

When loading a page that contains a video, a preview is displayed website with a custom image and a play button according to their design system. 

Screenshot video on Senec website before privacy overlay

But when the visitor decides to click on the video playback button, an information message is displayed as shown in the image below.

Screenshot video on Senec website with privacy overlay warning about video content

It is only after the user clicks on 'Play video' that the request is made to to the video provider to fetch the content and display it.

Displaying the video like this allows for both an engaging visual experience, and at the same time protects the user's privacy until consent has been explicitly granted.

Feb 09 2020
Feb 09

Headless and decoupled architectures continued to gain popularity in 2019, driven by the number of channels that need to be supported and the increase in JavaScript frameworks being used to build more engaging digital experiences.

Lately, as an evolution of microservices architecture, we are also seeing a trend in micro frontends, which brings the microservices concept to the frontend. With micro frontends, instead of building a Single Page Application (SPA), you structure your application vertically, with functionalities being grouped together from the backend (microservices) all the way to the frontend.

Here at 1xINTERNET we have adopted React as the JavaScript framework to build more dynamic experiences. React is a modern JavaScript framework used to build fast, high-performing user interfaces. It was originally created by Facebook and it has been released under an open-source license. While React allows us to create experiences that customers love using component-based and flexible JavaScript that our frontend developers love to write, Drupal’s API-first approach gives marketers the editorial experience they need.

Most of the websites we have built in 2019 use React in the frontend in some way or other. Where needed we expose functionality as microservices with Drupal and consume and display them with micro frontends built with React. For us this has become a best practice and we will continue to build web-based solutions like this. We have recently published a seperate article about this topic: Headless applications with Drupal and React in 2020.

Jan 31 2020
Jan 31

The reason is that in most cases the optimal choice of technologies was

  • to use React, where the UI experience could not be achieved equally good with Drupal only,
  • and to use standard Drupal, where there was little benefit of using a decoupled solution.

For us the main advantage of using React is that we can build far more engaging user interfaces. The most obvious reason is that you do not have full page reloads, which gives you a much better perceived performance. We like to call this UI snappyness or app feeling.

If you compare standard server side rendering using a CMS system with a headless application you can observer the following things:

  • Building a website with a CMS is relatively easy, because the technology is so mature (Drupal was first launched in the year 2000!), and most of the functionality you could ever want is already included.
  • Building a completely headless website is more complex, because you have to implement many things yourself, or assemble them from an extremly fast growing and changing eco system (checkout the NPM packages for React and the number of weekly installs!).

Therefore we perceive the sweetspot of decoupling somewhere between going fully headless and using standard CMS technology. The following image illustrates this sweetspot.

Sweet spot of headless applications with Drupal in 2020

Building a website with CMS technology has limited complexity, but does not provide the best possible user interface (UI). Building a fully headless website (also referred to a single page application - SPA) provides the best UI experience but comes at high cost.

For us the sweetspot is using client side apps for some parts of the website, and to leave the rest to the server based application.

This approach provides almost the same UI experience, but at a much lower cost.

Please note, that we destinguish between user experience (UX) and user interface (UI) experience. The experience for a user can also be great with a server side application and become clunky with a client side application. But nonetheless you can build better user interfaces with client side applications.

Let's look at a couple of solutions we built last year:

We built a fully headless commerce solution with React that uses SAP Commerce Cloud (formerly known as SAP Hybris) as backend and integrates with Drupal for content management. In this project we chose to built the application fully headless, because the application driver is Commerce Cloud. Commerce cloud does not come with a frontent that was meeting the requirements of the client. The content in this application is provided by Drupal. As soon as the project is out of private beta we will publish a case study about it.

eldum rett appAnother exiting application from last year is the solution for Eldum Rétt built with Drupal Commerce. This project is a nice example of using both standard serverside rendering in combination with client side apps for parts of the website. Examples of such parts are the user interfaces for the shopping cart or for complex order customisations. As part of the project we also built a React Native app to bring recurring and interactive functionality to the users' Android and IOs devices. You can read the case study here. With this website we won the international Splash awards for the best commerce solution with Drupal in 2019.

A project that we are very proud is Senec, that won the international Splash awards 2019 in the category corporate websites. The project was chosen, because of the optimal selection of technologies for the purpose of the website. Parts of the websites were built as React apps to create the best possible user experience. The most noticable is a complex application process, that could not have been easily built with Drupal only. Here you can read the the case study about this project.

In other projects we have built decoupled searches with Reactivesearch, integrated third party applications with React, and replaced user facing Drupal views with client side React applications. A good example for this is Bodensee Schiffsbetriebe. On this page you find a a number of React apps: The ticket search, the full page search, and the tour search. The tour search could have also been built with Drupal views, but since we had the other searches in place it was a small step to also replace views with React apps.

Building websites like this has work out really good for us at 1xINTERNET, and we will continue using this approach in 2020.

Nov 17 2019
Nov 17

It actually all started several weeks before DrupalCon. I was chatting on Slack with Aleksi Peeples, who, if you don't already know, is the author of the Data Transform Plugin, and a huge contributor to the Drupal theming ecosystem. I had assumed that people like him, always attended, but he explained that as a freelancer it was out of his budget. It’s my belief that for contributors like Aleksi it's extremely important to attend DrupalCons, since many important discussions and decisions are often made at the events themselves. Additionally, being physically present at the contribution sprints makes it’s possible for contributors like Aleksi to sit down with, let’s say, Tim Plunkett, to discuss Layout Builder (which they did). But that wouldn’t have happened if I hadn’t spoken up! I explained all this to Baddy who in turn talked to Ryan Szrama from Centarro. Several emails later, Aleksi had a ticket! Thank you, Ryan!! 

You can learn more about Aleksi and his contributions to Drupal on his blog: https://www.aleksip.net/

Nov 05 2019
Nov 05

Dries also spoke about the importance of diversity, how it’s necessary to streamline processes, and how tooling needs to be good. He stated the fact that Drupal needs more contributors and last, but not least, more sponsored contributors. You can read about this in his blog post “Balancing Makers and Takers to scale and sustain Open Source” published this summer.  The blog is a great read on how we can grow and scale Open Source with “Makers” and “Takers”. It highlights how we should try to turn the Takers into Makers and then promote the Makers, so that in the end both Makers and Drupal can benefit.

In the DriesNote Dries interviewed Baddy, our CEO, about her vision on contribution and took 1xINTERNET as an example of a company that has become one of Drupal’s top contributors. During the interview, Baddý informed us that it took her 7 years to realise that she could contribute as a non-coder to Drupal, and that there was a community behind the software she was using. Seven years is a long time in a competitive environment. How can we make sure our users find it worthwhile to become a Maker? And how can we make sure the users find a way to take part, and realize that it's appreciated by our community. A Maker will get a project; and, possibly at the same time, buy a sponsoring package at DrupalCon; help towards development of Drupal by sending in bug fixes and new features; and perhaps organise a local event. This is a very valuable Drupal user. In the meanwhile a Taker might get a project and possibly sponsor some part of DrupalCon, which is great, but certainly not as impactful as when a Maker gets the same project.

Oct 29 2019
Oct 29

The International Splash Awards 2019 took place on the 28th of October in Amsterdam. The event was well organised and team 1xINTERNET had a great evening. It was nice to meet our colleagues from all over Europe and see the great selection of work being created with Drupal. Over 75 projects from 13 countries were submitted so the jury had a big task choosing the finalists. 

Oct 25 2019
Oct 25

In the Corporate category we are nominated for our work for SENEC. SENEC is a fast growing startup and a daughter company of ENBW one of the largest German energy providers, operating in Germany, Italy, and Australia.  In order to support the company growth, the website was needed to be relaunched.   When working on the project we had three main goals:

  • Provide information about the products in an engaging way.

  • Offer contact possibilities to get information about the products and services.

  • Allow customers to close energy contracts directly on the website.

Our aim was to  turn the well working original SENEC website into a ‘lead machine’ that will serve landing pages and converting user journeys for all marketing activities. The client requested Drupal because of its excellent reputation as an enterprise grade web CMS. The IT department of SENEC operates all systems in-house, and Drupal could easily be integrated in the existing IT landscape, because of its open standards and in-built API functionalities.

Nils Buntrock, Director Marketing at SENEC:  

“We are amazed by the flexibility and simplicity of the Drupal's backend. Our editors can produce better content and work much faster than before. This allows us to focus more on growing our online business and reach our audience better."

The most important part of the IT landscape of SENEC, that Drupal connects with, is a feature rich services API, where product information, usage data, and contract booking can be accessed from third party applications. Other integrations were to a proprietary CRM system, as well as the marketing automation system Hubspot.

Oct 10 2019
Oct 10

Baddy, our CEO wrote about this in detail in this blogpost, where she did the math for us.

At the end of the calculation it turned out we spent 7.5% of our budget in 2018 on contribution and this makes us both proud and determined to continue doing more and better every year.

This year at DrupalCon Amsterdam we are sponsoring the Contribution Day on Thursday. This comes very natural to us. Most of our teammates have contributed to Drupal in one way or another, and especially because we built our business on an open source software, we feel that it’s important to give back to where it all comes from.

When preparing for DrupalCon Amsterdam we had big discussions about what to give the attendees. Last year we wanted to giveaway something useful, so we gave everyone a bamboo toothbrush that have hopefully biodegraded by now. But this year we got inspired by our friends at Dropsolid who are contributing 15 minutes to Drupal for every sign up to their survey at their booth during the Con.

We thought this was an awesome approach and sparked an idea for us to do something similar.

It’s often shyness and the fear of lack of enough knowledge that keep people away from starting to contribute, and almost everyone who has ever attended such an event had that feeling in the beginning.

Therefore we wanted  to make this first step a bit easier. How could we help people to start?

So 1xINTERNET is offering five types of free trainings that everyone can sign up for during the Con on our website:

  • How to become a code contributor to Drupal
  • How to become a non-code contributor to Drupal
  • Migration training
  • React basics training
  • Patternlab + component based integration

The training will take place online after the DrupalCon, but everyone who registers will be notified in advance.

But we are not going to stop here, because for every registration 1x will contribute 15 minutes to Drupal, and by signing up for a free training you are also encouraging us to do more contribution.

So we invite you to join us on this journey of contribution on Thursday 31st of October in Amsterdam - every bit matters.

See you in a couple of weeks!

contribute today

Oct 09 2019
Oct 09

Adam Juran joins the 1x team as Senior Frontend Developer. He has over twenty years experience in web development, his experience spanning design to frontend and backend development. At his most recent position with Forum One, he became a Pattern Lab/Drupal integration specialist, giving sessions and trainings on the subject at DrupalCons and other events. Adam currently lives in Brussels, Belgium, with his wife and three children. He is also an opera singer and has a black belt in Kung Fu.

Zsófi Major comes from Hungary and is joining our project management team. She gained extensive experience in project- and account management at Cheppers and after a short break from Drupal and project management she is back to the scene and we are very grateful to have her on board. 
Zsófi has been in the Drupal community for years, being core organizer of and volunteer at various Drupal events, including Drupal Dev Days Szeged 2014, the Drupalaton series and Drupal Iron Camp in 2016. She was also a track chair for the Being Human track at DC Vienna 2017 and DC Nashville 2018.
She loves good tv and enjoys both theater and concerts. She also collects teaspoons! 

Sep 03 2019
Sep 03

Often corporate design is focused on logos, fonts, colors and content, but predefined interaction components such as buttons, cards, accordions, sliders, shopping carts, etc., are missing.

In many cases such organizations are missing methodologies and tooling to create a complete corporate design, to make it available to the whole organization, and to maintain it. With maintaining I refer to extending, updating, or changing the design, as well as rolling these changes out.

Design systems to the rescue

A design system is a methodology to build corporate design and break it down into components. Each of these components are named and have a clear definition of how they are to be used.

Typically a design system is comprised of two elements: a design language and an online system to make the components available, including their styles and template source codes.

When creating a design system all stakeholders must work together and agree on the outcome. Stakeholders usually include designers, marketeers, frontend developers, managers, and all other people who create or work with the corporate design.

All stakeholders agree on the naming of the components. This is referred to as creating a design language. They also agree how the components are supposed to be used across all properties. This includes digital properties such as websites, social media profiles, etc., as well as offline properties such as brochures, advertorials, merchandising articles, etc.

Let’s have an example: On a website you typically have overview pages that provide links to landing pages with the actual content. Think of a listing of products or services where the user clicks on the most suitable item. For these items you would typically use an ‘Image Text Card’. Such a card could be assembled by using a ‘Squared Image’, ‘Regular Text’, and a ‘Standard Button’.

Example: ‘Image Text Card’

Example: ‘Image Text Card’

As can be seen above, the design language that all stakeholders have agreed on contains:

  • ‘Image Text Card’,     
  • ‘Squared Image’,     
  • ‘Regular Text’, and     
  • ‘Standard Button’.

This methodology would be used for all aspects of the corporate design.

It is good practice to start with the smallest possible components such as colors, texts, headings, and images. Each must be named and have a clear definition of how it is used. Colors could be named as ‘Primary Color’, ‘Secondary Color’, ‘Danger Color’, etc. Fonts could be named as ‘Regular Text’, ‘Summary Text’, ‘Cited text’, ‘Eyebrow Text’, ‘Link Text’ etc. Headings would typically be organized as ‘1st Level Heading’, ‘2nd Level Heading’, ‘3rd Level Heading’, etc. Images would be organized as ‘Squared Image’, ‘Hero Image’, ‘Banner Image‘, Portrait Image’, etc. Starting with the smallest possible components is also referred to as Atomic Design, any my colleague Jule wrote about this here.

Headlines, colors, image formats

Headlines, colors, image formats

Components, as in the examples above, are then used, when the layout for a new page type is created, let’s say for a news article. Such an article typically consists of a ‘1st Level Heading’, a ‘Hero image’, an ‘Eyebrow text’, a ‘Summary Texts’, and ‘Regular Text’ combined with ‘Cited text’ and ‘Link Text’.

Example: ‘News Article’

Example: ‘News Article’

When working with a design system methodology an important aspect is having a concise design language. If all your components have sensible names it is easy for the stakeholders of the design system to communicate.

You could for example ask the designer to change the ‘Regular Button’ on the ‘Text Image Card’ to an ‘Icon Button’.

Example: ‘Regular Button’ and ‘Icon Button’ on ‘Image Text Card’

Example: ‘Regular Button’ and ‘Icon Button’ on ‘Image Text Card’

Making design systems available

A design system is typically made available with a web based application, that allows easy navigation of all components simulating different use cases.

Also such software makes templates available, that can be used by other software to use the components of the design system.

Popular examples of design systems are

At 1xINTERNET we use Pattern Lab for creating an online design systems. We primarily develop with Drupal and React and have built our own set of tooling for creating decoupled frontends. As a starting point we have used the well established Particle theme.

The design patterns are made available as templates that can be integrated in other software. Hereby, the design system would typically supply the templates in the programming language needed by the different systems.

Working like this allows us to completely separate frontend development from the development of the actual websites. Once the frontend is ready and all components are made available with as templates, they are used by all websites.

With this approach the highest possible re-usability of frontend is achieved, and after initial creation cost, the development time of new websites can be significantly reduced.

A nice demo is provided by Patternlab.

How do you handle different designs?

Often large organizations have different designs. Sometimes they have different brands, or the same brand is used differently for varying audiences. Such audiences could be students, adults, or pensioners, who are best reached with different communication.

Different designs could be different logos, fonts, colors, etc. But they could also include completely different interaction components like fancy sliders, or traditional accordions.

Depending on the use case such designs could be integrated into the standard design system. The number of available sliders could be increased, and it could be agreed that usage of certain sliders is only allowed for certain use cases.

Alternatively, a variant of the design system could be created. Here fonts and colors could be changed, the majority of components could be integrated from the main design system could be used, some components could be excluded, and other components could be added.

Example: Alternative design for headlines, colors, and image formats

Example: Alternative design for headlines, colors, and image formats

Example: Application of alternative design to different ‘Image Text Cards’

Example: Application of alternative design to different ‘Image Text Cards’

The application of different designs in web projects works the same and with one design system.

Testing component based designs

An important aspect of component based designs, is that they can easily be tested.

All components of a system are developed for different screen resolutions, work for touch- and non-touch screens, are optimized for accessibility, and are optimized for the best possible user experience.

In such a system all components can be tested individually with a variety of testing tools. We always use Visual Regression testing during quality assurance, to analyze what components are affected by the changes.

Screenshot: Visual regression testing of different patterns

Example: Application of alternative design to different ‘Image Text Cards’

How to share design systems across implementation teams

Given that you have created a design system and made it available for users to work with it, the question arises, how this is actually done.

Imagine a scenario in which you have a standardized CMS technology such as Drupal in your organization. Frontend in Drupal is created with so-called Twig templates. Twig is a flexible templating engine for PHP.

These templates can simply be included in your CMS. Technically speaking, the CMS would include the Twig templates from the design system and parametrize these with the content generated by the CMS.

Code snippet: Include another Twig template in Twig

Code snippet: Include another Twig template in Twig

Staying within the example above for generating a news article, the CMS would call the template for ‘1st Level Headline’ to display the headline, the template for ‘Hero Image’ to display the image, etc.

A good way to integrate your design system into a website project is to make it available as a regular source code dependency. That way when all dependencies of the website are updated, the design system is also updated, and the newer version is automatically included in the next version of your website. This is especially useful to automatically roll out extensions, updates, or changes of your design system to all websites.

Let’s have an example. Say, you discover that the component ‘Cited Text’ does not comply with WCAG 2.1. standards for web accessibility, the design team is asked to provide an updated visual design. Then the frontend developers update the component with new styles and supply a new template. Once the new design system is tested a new version is created. As soon as the websites using ‘Cited Text’ are updated, the new version of cited text is rolled out.

When to use Patternlab

We primarily use Drupal and React for building websites. The technology we use for creating design systems is Patternlab (see above).

For both we provide templates. For Drupal we provide Twig templates, for React we provide JSX templates for the different React components.

Patternlab can be extended to also ship other types of templates (Angular, Vue, etc.). The question of whether Patternlab should be used to build up a design system depends on the technology being used in the website projects.

For building standalone JS based applications Storybook is a great tool for developing UI components. 

Aug 26 2019
Aug 26

In order to achieve a consistent user experience and interface design, Atomic Design is a great approach.

Atomic Design is not only a budget saver, but also your best friend for future requirements and allows you to fulfill customers wishes quickly and easily. 

The first step is to define the elements that are most in use. This would be, for example, colors, fonts, buttons and images. Starting with these simple elements, different components can be assembled, such as cards or sliders.

Example: Image + Text + Link = Card

Example: Image + Text + Link = Card

The analogy for atomic design is that it is organized along chemical notation, ranging from atoms to molecules to organisms to templates to pages. On each level the components are assembled from smaller components of the lower levels.

Chemical notation in 'Atomic Design'

Chemical notation in `Atomic Design`

When we design user experiences (UX) at 1xINTERNET we try to build the best possible user interfaces with the fewest amount of components.

The focus is to create efficiency in the project and to potentially save budget. When fewer components are designed in UX, fewer components need to be programmed and tested. 

This approach not only reduces initial efforts considerably but also reduces the cost of the project and its maintenance.

Imagine the following example: You have three different interaction pages and you create a great but different UX for each of those. Then, the users have three different systems to learn. If you instead create an equally good UX by reusing as many components as possible, the user has to learn much less and can interact much faster with your application.


A strict design process and the right integration with the website technology certainly offers efficiency benefits. We plan to write more blog posts on the topic in the next few weeks and are looking forward to your feedback.

Aug 20 2019
Aug 20

Open Source is increasingly popular and many companies actively contribute to Open Source projects. A lot of research is ongoing on the topic, “why contributing is valuable for companies” and Dries also wrote a blogpost about "The investment case for employing a Drupal core contributor".

In this blogpost I want to describe, why 1xINTERNET contributes and what is our rationale behind it. 

Then I will put this in perspective of contributions to the Drupal project. 

Finally I’m interested in hearing from others how they are contributing and how they calculate the value of contribution. 

What’s your math?

Community work

In 2018 we spent a lot of time organising Drupal Europe together with other community members. We also actively participated in Drupal camps as well as in various boards such as the Drupal Association board, the board of the German Drupal Business Association, and the board of the Icelandic Drupal Association. We help promote Drupal in Germany and Austria by organising the Splash Awards and we encourage our employees to actively participate in Drupal events.
In 2018 we had on average 20 employees. When we calculate the time spent on community activities, it adds up to ~5% of our workforce which is equivalent to ~1 full-time-equivalent (FTE).

Sponsorships and memberships

In 2018 we invested in the following events and memberships:

  • Sub sponsor at Frontend United in Utrecht, Netherlands
  • Gold sponsor at Drupal Dev Days in Lisbon, Portugal
  • Bronze sponsor at DrupalCamp Essen, Germany
  • Co-organisation of Drupal Europe in Darmstadt, Germany
  • Organisation member of the German Drupal Association
  • Founding member of the German Drupal Business Association
  • Premium Supporting Partner of the Drupal Association
  • Donation to the Promote Drupal fund

In total we spent ~1% of our total budget in sponsorships and memberships related to the Drupal project.

Source code contribution

We also actively contribute source code to the Drupal Project. Some projects we strongly support. For others we contribute patches.
We support over 13 projects and have over 406 credits counts. We are currently ranked nr. 42 of the organisations that contribute most back to Drupal. We are really proud of this considering the size of our company is currently “only” 28 employees.

How much did we contribute in 2018?

If we add up our efforts in community work, sponsorships and memberships, and source code distribution, 1xINTERNET contributes an equivalent to ~7,5% of our annual budget to Drupal.

Why do we contribute?

Visibility and partnerships

1xINTERNET has a lot of visibility in the Drupal ecosystem. We can easily transport our marketing messages and position ourselves as experts delivering ambitious Drupal and React projects. Because we are recognised as experts, we cooperate with some of the largest organisations using Drupal and get to work on challenging projects.


Team event in Conil, SpainFor us it is easy to recruit Drupal talent because other members of the community notice our contribution and want to participate in shaping some of the important parts of the Drupal project. Our employees see benefits for personal growth as well as increasing their skill sets by working on the Drupal project. 

Also our team is diverse with 30% female staff, over 15 nationalities, and 5 different religious views. Our company language is ("broken") English and we have offices in Germany (Frankfurt and Berlin), South of Spain, and Iceland.

Because we can recruit top talent, we can grow our team the way we want to have it. We have a very strong collaborative spirit within our company and friendships between team members. This all helps us to build the best team and would not be possible without the visibility through our contribution.

Project delivery and development expertise

Contributing to Drupal has direct impact on the quality of our workforce.

Through source code contribution, our developers constantly increase their development skills, as their code is being reviewed by other developers. From this our clients benefit directly, because we can deliver higher quality software solutions.

The same is true for community work, because giving public talks, mentoring others, or organising events helps our employees increase their personal, organisational, and management skills.


Lastly we directly benefit with sales. We actively get invited to participate in tenders. We also get direct client requests for Drupal development, digital consulting, Drupal trainings, and Drupal audits. 

Do we contribute enough? What is our math?

Given the fact we spend 7,5% of our budget which leads to having strong advantages in visibility, recruitment, sales and collaboration, we feel that this is a sensible spending.

However, we don’t know how our advantages would change, if we contributed differently.

Questions we ask ourselves are:

  • Does it make sense to spend 7,5% of the total budget into Drupal?
  • Would we get the same kinds of benefits if we spend less on contribution and spend more on marketing activities? 
  • Would we benefit more, if we contributed more code and did less sponsoring?
  • Or should we maybe spend even of our total budget to further increase our competitive advantages?
  • What about our competitors? We often ask ourselves, why they should benefit from our contribution while contributing much less to the Drupal project?

When trying to answer these questions we have also looked at research. There is a lot of research going on at Harvard and other universities. Most of the findings confirm our observations, how we as a company benefit from contribution. 

In “Learning by Contributing: Gaining Competitive Advantage Through Contribution to Crowdsourced Public Goods” the author Frank Nagle from Havard writes:

Quote from Frank Nagle

Is this model scalable? If we spend 15% of our budget in 2019, will we see even more increase in 2020? If this works so well for us, why are other companies not doing the same?

We can start by looking at other companies in the current Drupal contribution ecosystem to see if we can find a pattern or a solution to make this scalable to both grow the ecosystem as well as the contribution to the project.

What's your math?

Call to action - what's your math?

In this blogpost we have laid down how much our company contributed to Drupal in 2018 and how we calculate the value of our contribution. We have analysed source code contributions to Drupal, community work and sponsorships.

We see a lot of great companies contributing to Drupal, so many people are thinking about how much to contribute.

We don’t know if we should contribute more? Or if we should contribute differently?

In order to make better decisions, we need your input. We want to learn how you value contribution. Please share, what your math is.

I think this is a valuable discussion to have in our community. It is important for all members to understand the value of contributing, so we can grow as companies and together let Drupal prosper into the future.

Please respond with a blog post and let me know either via twitter at @baddysonja,  send me an email to [email protected] or write a comment here below. I will share your posts and link them in this post.

Feb 06 2019
Feb 06

It is not only your Smartphone or its apps that constantly want to do security updates. Every professional software has continual updates and improvements going on (Windows, MacOS, all Social Media services and much more). Drupal is also continuously being updated. And most importantly, many updates come with security updates as well.

For example, a patch for a critical security update for Drupal will be released tonight (2019-02-20): https://www.drupal.org/psa-2019-02-19 

Due to time and cost reasons it is very common that these updates are postponed or not done at all, which is the perfect situation for hackers to gain access to your website and all your data. Without the correct security updates your website is at risk for data and identity theft.

1. Updates protect against security gaps

Security gaps and software vulnerabilities are loved by hackers.

A software vulnerability is a security flaw or a security weakness of a software program or an operating system.

Hackers can use these vulnerabilities to infect your software with code they have written specifically for these vulnerabilities.

If your software is infected, the hacker can steal your data and/or take control of your software. The hacker could for example spread unwanted content throughout your website.

Security updates close these known security holes and keep the hackers out.

2. Security updates protect your data

Data security is an important topic and has been brought to the public eye again with the new GDPR from 2018.

Each website has some personal information, for example a contact form filled out by your visitors. And if you have a online store or an application portal you will have a lot more data and much more sensitive data.

This data is then stored on your website and can have a high value for hackers.

Sensitive data may then be used by the hacker to commit crimes on your behalf (or on behalf of your website visitor) or just to sell the data for someone else to use.

3. Functional failures and high costs due to missing security updates

Both the Drupal software and the modules used on your website constantly continue to evolve to provide enhanced functionality and more stability.

With an outdated security update such enhancements can result in downtime on your website and high repair costs if something breaks.

Security updates with Drupal

Drupal distinguishes between security updates for the core and for its modules. Both are always published on drupal.org.

In addition, every security update is classified in a vulnerability level.

The core is the basic software. The modules (e.g., slider) are used in addition on every website and the modules also constantly get new security updates.

Our recommendation

Security updates should always be carried out promptly.

If you do not have a partner who can update your Drupal web page quickly and cost effectively, feel free to contact us and we will gladly assist you with that.

About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web