PCI Compliance & Drupal Commerce: Which Payment Gateway Should I Choose?
When version 3.0 of the Payment Card Industry Data Security Standard (PCI-DSS) became mandatory in 2015, many eCommerce merchants were ill-prepared to meet the more stringent security requirements with the existing modules available for Ubercart and Drupal Commerce. Thankfully, several of the more popular payment processors on the market rose to the challenge and…
Author: Rick Manelius
How to Prevent SQL Injections in Drupal
Drupal is an incredibly powerful open source CMS that allows you to create, manage, and serve content. Unfortunately, so can others if you don’t properly sanitize all user input in order to prevent a malicious attack! Here are some tips on how to stop one of the most common vulnerabilities: SQL injections. Motivation: Why CMS…
Do You Have Unanswered Drupal PCI Compliance Questions?
Securing credit card transactions is an important yet daunting task for most eCommerce merchants. And while the community-sponsored Drupal PCI Compliance White Paper has helped bring awareness and clarity to the topic, important questions still remain. Do you have any unanswered questions or constructive feedback? It’s been almost two years since my colleagues and…
Drush Make: Evaluating the Benefits and Pain Points of Each Approach
Drush make is a popular solution for Drupal developers wishing to represent an entire application codebase in a single make file (or collection of make files), but does it always make sense to use? And is it a one-size-fits-all solution? This article reviews several advantages and disadvantages of the more common approaches…
Avoiding the “API Integration Blues” on a Drupal Project
As Drupal continues to mature as a platform and gain adoption in the enterprise space, integration with one or more third-party systems is becoming common for medium to large scale projects. Unfortunately, it can be easy to underestimate the time and effort required to make these integrations work seamlessly. Here are lessons we’ve learned…
Coming Soon to a Hacked Drupal Site Near You: Stolen Credit Card Data
Six weeks ago, the Drupal Security Team disclosed one of the most critical vulnerabilities in the history of the project. Today we’re still seeing usage statistics that indicate tens of (if not hundreds of) thousands of Drupal sites are still at risk. Given that approximately 10% of all reported Drupal installations have an eCommerce component…
Drupal PCI Compliance White Paper: Version 1.1 Released!
Version 3.0 of the PCI compliance standard becomes mandatory on January 1st, 2015 and will be a complete game changer for most Drupal eCommerce sites. Are you ready to meet the challenge? For those wanting to dive right in, simply click this link to download the white paper. Matt Kleve was spot on in his DrupalCon…
DrupalCamp Colorado: My “Crossing the Rubicon” Moment
Contributing to and interacting with the Drupal community isn’t as scary or as daunting as you might think. My advice—take the plunge by attending a local meetup or camp and be open to the many opportunities that will start presenting themselves. It worked for me! Here’s my story… Looking back at my Drupal career, I…
Deploying a Drupal Site from a Chef Role
With a properly set up Chef repository and server, managing Drupal application deployments becomes a simple exercise of managing the subset of metadata within the combinations Chef role files that are specific to each deployment. Prerequisites This article will focus solely on the mechanics of how to deploy a Drupal site by creating and updating a…
Using Knife and Knife.rb for Managing Databags
Securely deploying sensitive data with Chef can be achieved through the use of encrypted databags, which can be managed easily with a properly configured knife.rb file. If you’re using Chef as your configuration management solution, you are probably familiar with its powerful command line utility, knife, which allows one to interact with the Chef server…