image of money in a person's hand

PCI Compliance & Drupal Commerce: Which Payment Gateway Should I Choose?

When version 3.0 of the Payment Card Industry Data Security Standard (PCI-DSS) became mandatory in 2015, many eCommerce merchants were ill prepared to meet the more stringent security requirements with the existing modules available for Ubercart and Drupal Commerce. Thankfully, several of the more popular payment processors on the market rose to the challenge and … Continued

MySQL coding img

How to Prevent SQL Injections in Drupal

Drupal is an incredibly powerful open source CMS that allows you to create, manage, and serve content. Unfortunately, so can others if you don’t properly sanitize all user input in order to prevent a malicious attack! Here are some tips on how to stop one of the most common vulnerabilities: SQL injections. Motivation: Why CMS … Continued

image of credit card

Do You Have Unanswered Drupal PCI Compliance Questions?

Securing credit card transactions is an important yet daunting task for most eCommerce merchants. And while the community sponsored Drupal PCI Compliance White paper has helped bring awareness and clarity to the topic, important questions still remain. Do you have any unanswered questions or constructive feedback? It’s been almost two years since my colleagues and … Continued

Drush Make: Evaluating the Benefits and Pain Points of Each Approach

Drush Make: Evaluating the Benefits and Pain Points of Each Approach

Drush make is a popular solution for Drupal developers wishing to represent an entire application codebase in a single make file (or collection of make files), but does it always make sense to use? And is it a one size fits all solution? This article reviews several advantages and disadvantages of the more common approaches … Continued

image of hands holding gears

Avoiding the “API Integration Blues” on a Drupal Project

As Drupal continues to mature as a platform and gain adoption in the enterprise space, integration with one or more 3rd party systems is becoming common for medium to large scale projects. Unfortunately, it can be easy to underestimate the time and effort required to make these integrations work seamlessly. Here are lessons we’ve learned… … Continued

image of padlock icon on keyboard

Coming Soon to a Hacked Drupal Site Near You: Stolen Credit Card Data

Six weeks ago, the Drupal Security Team disclosed one of the most critical vulnerabilities in the history of the project. Today we’re still seeing usage statistics that indicate tens of (if not hundreds of) thousands of Drupal sites are still at risk. Given that approximately 10% of all reported Drupal installations have an eCommerce component … Continued

image of customer shopping online

Drupal PCI Compliance White Paper: Version 1.1 Released!

Version 3.0 of the PCI compliance standard becomes mandatory on January 1st, 2015 and will be a complete game changer for most Drupal eCommerce sites.Are you ready to meet the challenge? For those wanting to dive right in, simply click this link to download the white paper. Matt Kleve was spot on in his DrupalCon … Continued

DrupalCamp Colorado: My "Crossing the Rubicon" Moment

DrupalCamp Colorado: My “Crossing the Rubicon” Moment

Contributing to and interacting with the Drupal community isn’t as scary or as daunting as you might think. My advice—take the plunge by attending a local meetup or camp and be open to the many opportunities that will start presenting themselves. It worked for me! Here’s my story… Looking back at my Drupal career, I … Continued

Deploying a Drupal Site from a Chef Role

Deploying a Drupal Site from a Chef Role

With a properly setup Chef repository and server, managing Drupal application deployments becomes a simple exercise of managing the subset of metadata within the combinations Chef role files that are specific to each deployment. Prerequisites This article will focus solely on the mechanics of how to deploy a Drupal site by creating and updating a … Continued

Image of knife

Using Knife and Knife.rb for Managing Databags

Securely deploying sensitive data with Chef can be achieved through the use of encrypted databags, which can be managed easily with a properly configured knife.rb file. If you’re using Chef as your configuration management solution, you are probably familiar with it’s powerful command line utility, knife, which allows one to interact with the chef server … Continued