When version 3.0 of the Payment Card Industry Data Security Standard (PCI-DSS) became mandatory in 2015, many eCommerce merchants were ill prepared to meet the more stringent security requirements with the existing modules available for Ubercart and Drupal Commerce. Thankfully, several of the more popular payment processors on the market rose to the challenge and … Continued
Drupal is an incredibly powerful open source CMS that allows you to create, manage, and serve content. Unfortunately, so can others if you don’t properly sanitize all user input in order to prevent a malicious attack! Here are some tips on how to stop one of the most common vulnerabilities: SQL injections. Motivation: Why CMS … Continued
Securing credit card transactions is an important yet daunting task for most eCommerce merchants. And while the community sponsored Drupal PCI Compliance White paper has helped bring awareness and clarity to the topic, important questions still remain. Do you have any unanswered questions or constructive feedback? It’s been almost two years since my colleagues and … Continued
Drush make is a popular solution for Drupal developers wishing to represent an entire application codebase in a single make file (or collection of make files), but does it always make sense to use? And is it a one size fits all solution? This article reviews several advantages and disadvantages of the more common approaches … Continued
As Drupal continues to mature as a platform and gain adoption in the enterprise space, integration with one or more 3rd party systems is becoming common for medium to large scale projects. Unfortunately, it can be easy to underestimate the time and effort required to make these integrations work seamlessly. Here are lessons we’ve learned… … Continued
Six weeks ago, the Drupal Security Team disclosed one of the most critical vulnerabilities in the history of the project. Today we’re still seeing usage statistics that indicate tens of (if not hundreds of) thousands of Drupal sites are still at risk. Given that approximately 10% of all reported Drupal installations have an eCommerce component … Continued
Version 3.0 of the PCI compliance standard becomes mandatory on January 1st, 2015 and will be a complete game changer for most Drupal eCommerce sites.Are you ready to meet the challenge? For those wanting to dive right in, simply click this link to download the white paper. Matt Kleve was spot on in his DrupalCon … Continued
Contributing to and interacting with the Drupal community isn’t as scary or as daunting as you might think. My advice—take the plunge by attending a local meetup or camp and be open to the many opportunities that will start presenting themselves. It worked for me! Here’s my story… Looking back at my Drupal career, I … Continued
With a properly setup Chef repository and server, managing Drupal application deployments becomes a simple exercise of managing the subset of metadata within the combinations Chef role files that are specific to each deployment. Prerequisites This article will focus solely on the mechanics of how to deploy a Drupal site by creating and updating a … Continued
Securely deploying sensitive data with Chef can be achieved through the use of encrypted databags, which can be managed easily with a properly configured knife.rb file. If you’re using Chef as your configuration management solution, you are probably familiar with it’s powerful command line utility, knife, which allows one to interact with the chef server … Continued
