Drupal

last person joined: 10 days ago 

If you work in an organization using Drupal, or you work with nonprofits using Drupal, this is the group for you. If you work in a nonprofit using Drupal, or you work with nonprofits using Drupal, this is the group for you! Stuck on something? Have a question? Drupal experts are on hand to answer questions! You don't need to be a member of NTEN to participate in the monthly calls — feel free to invite colleagues and spread the word.

Seeking Drupal feedback

  • 1.  Seeking Drupal feedback

    Posted 12 days ago
    Hello all

    We have a Drupal 7 website that is no longer staffed. Our organization is still interested in keeping it online for the foreseeable future for various reasons.

    I completely understand that best practice is to just shut it down. But right now, that is not an option.

    Seeking feedback on:

    1) How can we find out how much it would cost to keep the site's CMS, plugins and modules updated so it is less vulnerable to hacking?

    2) What other factors do we need to be cognizant about as far as web security in keeping an inactive website alive? What aspects should be deactivated, for example, to make the site less prone to malicious intrusion?

    Thanks for any feedback! I'd love to have some Drupal agencies reach out if this sounds like something you might be interested in talking with me as a potential project.

    Thanks

    ------------------------------
    Redante Asuncion-Reed
    Washington DC
    ------------------------------
    Tech Accelerate


  • 2.  RE: Seeking Drupal feedback

    Posted 12 days ago
    Would making it a static site work for you?  No one could log in and change content, any Drupal advanced search wouldn't work (but a simple search could be added), comments could not be added, and any contact forms would have to be directed elsewhere or use a service, but you would have almost no security concerns and extremely cheap upkeep!

    ------------------------------
    Benjamin MelanÃ@on
    Natick, MA
    ------------------------------

    Tech Accelerate


  • 3.  RE: Seeking Drupal feedback

    Posted 12 days ago
    Hi Benjamin

    That is an intriguing idea! Tell me more! How can a Drupal site be converted to a static site?

    Thanks

    ------------------------------
    Redante Asuncion-Reed
    Washington DC
    ------------------------------

    Tech Accelerate


  • 4.  RE: Seeking Drupal feedback

    Posted 12 days ago
    There are companies that will maintain a Drupal site even past it's end of life date. MyDropWizard is one I've heard of, but there are probably others.

    To Ben's idea, once a website hits the browser, it's just made up of HTML and images (sometimes also Javascript and CSS). So you might be able to save all of that and just publish it that way.

    = Ruby







    Tech Accelerate


  • 5.  RE: Seeking Drupal feedback

    Posted 12 days ago
    Edited by Benjamin Melançon 12 days ago
    Yes, to be clear, as Ruby says Drupal 7 will have long term support provided by MyDropWizard and others for a decade or so.  But if you just want the content to stay up there, HTtrack can get that from any site even if you can't log in to administer that site anymore (as long as every page has a public link to it somewhere linked from the homepage), or you can use a Drupal module like Static to try to be a bit more polished and clever about the result.  This page provides a good overview.

    ------------------------------
    Benjamin Melançon
    People Who Give a Damn
    ------------------------------

    Tech Accelerate


  • 6.  RE: Seeking Drupal feedback

    Posted 11 days ago

    (Cross-posted from NTEN Discuss)

     

    Hi Redante,

    Backups are definitely key, and retaining some over a longer period (don't keep just the latest 1 copy). Keeping one in a safe place is also advisable, i.e. just grab one you have now and download it to your org's local file server.

     

    I would say if the website is still providing value then I don't think best practice is necessarily to shut it down. Just support it as best you can and you can always shut it down later if you need to.

     

    Keep in mind website ongoing maintenance should be a fairly small cost of your overall organization. If the website is still valuable then I would say generally those costs are probably worth it. Mainly that should involve the hosting/domain service, and a technical resource for software updates. This could be an existing technical staff, an external person, or some sort of service.

     

    Hosting/domain should run you something like $10-20 /month. The maintenance part depends, for example I often recommend applying security updates every 3 months, and depending who is providing this service for you it might be around roughly $100-200 each time.

     

    Another option you can consider is having someone do a quick audit of your site to make sure there aren't any existing gaps. If nothing else you may be able to do some of this yourself for starters: check the drupal status report on the site and the available updates report, check the user list to make sure that's up to date (disable old users), and you can also consider subscribing to drupal's security mailings if you really want to go down that rabbit hole. :)

    https://www.drupal.org/security

    https://twitter.com/drupalsecurity

     

    Hope this helps!

     

    Martin

     

     


    Martin Hansen
    Senior Consultant / R&D Lead
    519.725.7875 x2120 | 888.817.3048


    PeaceWorks™ Technology Solutions
    101 - 554 Parkside Drive,
    Waterloo ON  N2L 5Z4
    www.peaceworks.ca

     

    Mission driven technology solutions

    This communication is intended for only the party to whom it is addressed and may contain information that is privileged or confidential. Any other distribution, copying or disclosure is strictly prohibited and is not a waiver of privilege or confidentiality. If you have received this telecommunication in error, please notify the sender immediately by return email and delete this message from your computer.

    Please note: If you do not wish to receive promotional emails from us, please reply to this message indicating your preference and we will refrain from sending further promotional emails.

     




    Tech Accelerate


  • 7.  RE: Seeking Drupal feedback

    Posted 11 days ago
    Depending on your requirements, I tend to agree with Ben that converting to a static site might be the best way to go. That would give you top notch security and performance at a fraction of the maintenance cost. You could potentially still add comments via something like https://disqus.com/ or search with https://www.algolia.com/ if you want to take the effort to set those up.

    HTTrack is one way to convert, although sometimes the output it produces can be kind of messy and hard to work with. I made a short YouTube video back in 2016 showing how to convert a Drupal site to a static site using HTTrack that maybe is helpful to you: https://youtu.be/SDEUW4UVS8c

    If you want to go the extra step of making your site more maintainable, you might consider putting it in the format of a Static Site Generator (SSG) instead of simple flat HTML files. The advantage to doing this is that you can integrate build tools that allow you to do dynamic things (like using a lightweight CMS for less technical folks, for example https://www.netlifycms.org/). There are also tools that can help you convert into popular SSG's:
    - For Hugo: https://github.com/danapsimer/drupal2hugo
    - For Gatsby: https://www.gatsbyjs.org/blog/2018-10-26-export-a-drupal-site-to-gatsby/

    Keep in mind Drupal 7 is reaching end of life for official support in November 2021. That's still a ways out, but at that point you'll need to consider upgrading to version 8, which is a fair amount of effort, or moving to something BackdropCMS, which is a fork of Drupal 7 and should provide an easier upgrade path.

    ------------------------------
    Jim Fisk
    Developer
    Framingham, MA
    ------------------------------

    Tech Accelerate


  • 8.  RE: Seeking Drupal feedback

    Posted 11 days ago
    Thanks everyone for the excellent feedback! I wouldn't have been able to come up with these ideas if not for the NTEN community!

    For those familiar, which companies can do a Drupal audit and how much does an audit typically cost?

    Thanks

    ------------------------------
    Redante Asuncion-Reed
    Washington DC
    ------------------------------

    Tech Accelerate


  • 9.  RE: Seeking Drupal feedback

    Posted 11 days ago
    Ben's cooperative https://agaric.coop/, or my company http://jantcu.com/ (shameless plug) could probably help you if you're interested.

    If you want to contact a few different folks for pricing, there's a fairly comprehensive list of Drupal vendors here: https://www.drupal.org/drupal-services

    Cost would largely depend on how comprehensive you want your audit to be. Sounds like you only need someone to take a few hours to look through your current setup and make a recommendation for long-term support. If you need them to dive deep and gain a thorough understand of custom modules and integrations, that would cost more. I don't want to speak for others, but I see most agency rates between $75 - $185 per hour, although some might fall outside that range.

    ------------------------------
    Jim Fisk
    Developer
    Framingham, MA
    ------------------------------

    Tech Accelerate