supporting a drupal site over the longterm
TRANSCRIPT
Supporting Drupal Over the Longterm
Anne Stefanyk (@eskimoYogi) & Meghan Sweet (@meghsweet)10 June, 2012
Sacramento Drupal Camp 2012
Site Launches!
Now What?
Empower Your Users
Drupal Web Team
• Learning Drupal Takes Time
• Early & Often Team Engagement
• Train the Trainer
• Backup Expert Level Support
• Effective Documentation
Content Manager Training• Onsite Training Sessions
• Web Team Trainers
• FAQ / Forums
• Help Videos
• Training Materials
DocumentationDetailed logs in source codeExtensive commenting Onscreen helpTraining Videos FAQ Capture
RecruitingSuccession Plans
Internships
Drupal Give
Stop Gap Solutions
Support Best Practices
Ideal Solid Foundation• UX Strategy
• Documentation
• Early Client Engagement
• QA by Web Stakeholders
• Scalable Architecture
Communication Ticketing Tool
Expectation Management
Expect Ongoing Education
QA Best Practices • Development, Testing & Production
• Stakeholder Sign-off by Review
• Regular Release Cycle
• Batch work
Prevention is better than cure
Audits and Monitoring
Auditing what to look for:
- Version Control- Hacks- Hacked! module- Custom Modules- what do they do?- Contributed Modules- updates, errors?- Custom Theme- Core- update and/or upgrade?- Live Feeds?- Site Logs- Permissions- php filter, security risks.- Spam Prevention- Performance Optimization- SEO Checklist Module
Periodic Auditingis important!
Security Review• Input formats• File system permissions• Error reporting• Private files• Allowed upload extensions• Database errors• Failed logins• Drupal admin permissions• Username as password• Password included in user emails• PHP access
Training is key. Users need Drupal awareness!
Monitoring- Most of the time in recovery is figuring out what’s broken. - Monitor Trends- Use Syslog to write Drupal logs to text file- Monitor Servers, SEO- Cron- Drupalmonitor.com- Are your admins educated?- Every time you have an issue- start to monitor.
Detecting Problems- Spam- number of nodes, emails being sent, comments, users. (Good to know trends) - Mollom, Captcha, Admin Views
- Use Version Control to check diffs- revert to good version
- Hacked! Module - switch to unhacked contrib module
- Security Review Module will look for spam in content.
What to do with those error messages?
Security & Module Updates
UpdatesKeep on top of Updates- within 30 days at least.
Finding a bug in a contrib module.
Do Not Hack Core! No exceptions.
Planning for Custom Modules
Staying in tune with Advances in Community Modules
Version Upgrades
TimingCommunity Catch-up New ModulesConsider a Rebuild?TestingWhat’s the plan?
Community Connection
Groups.Drupal.orgInternal Knowledge SharingLocal User Group Meet-upsDrupal Camps, Cons & Summits
Taking Over Another’s Work
discoveryread the documentationtalk to all stakeholdersget clear line of sight to prioritiesreview the laundry list
Key PointsContinual Love & Attention
Keep Documentation Fresh
Use good communication and feedback/QA tools
Foster Drupal Talent
Community Contribution
Thank You!@chapter_three