Who is responsible for your company’s Drupal website? In larger companies, it’s often the marketing department that is responsible for website content. In smaller companies, it’s likely the business owner. But for the purposes of this article, “responsibility for the website” refers to maintaining the integrity of your Drupal Content Management System (CMS) software. While a marketing manager might assume IT takes care of the website software, and a small business owner might assume a hosting company takes care of the website software, it is wise to assume your Drupal website software is out of date, less user friendly, and vulnerable to attack unless you can prove otherwise.
Drupal Website Maintenance Tips
- Is Your Version of Drupal Actively Supported? – Drupal has a large, international, vibrant community of developers that support current versions, and work on future versions of the software. This is one of the strengths of an open source CMS like Drupal. Enhancements and fixes are released on a regular basis. However, if your website is running an old, unsupported version of Drupal, you’re much more likely to experience browser compatibility issues, server software conflicts, and security issues. We recommend you determine your version and visit Drupal’s main project page to view current releases.
- Is Your Site Securely Configured? – Software as powerful and configurable as Drupal demands setup expertise. If your business site was built by someone new to Drupal, it is a very good idea to have an experienced Drupal developer review key configuration issues that could otherwise leave your website vulnerable.
- Maintenance is Cheaper than Repair – Drupal is a well-architechted CMS that will continue to perform for a long time, even when neglected. However it’s much better to budget the time and/or money necessary to keep your site patched and healthy. It will perform better if kept up to date. Many browser revisions require minor patches to Drupal and contributed modules. Keeping things up to date ensures a good experience for your visitors. Things get much more costly if your site is hacked. You can lose data, comprimise customer information, and have to rebuild your website. It’s certainly a more expensive, and stressful, proposition than keeping on top of your Drupal updates.
- Regularly Check for Drupal Core and Module Updates – Assuming you have access to your Drupal admin section, check your Status Report (administer > reports > status) on a monthly basis. Pay special attention to anything that is highlighted in red on the report. In particular, look at Drupal Core Update Status and Module and Theme Update Status. Drupal core is the main CMS program and Modules refer to Contributed Modules – very useful tools that have been contributed by the open source community. If these entries are missing from your Status Report, you might need to enable the Update Status module. If this is all greek to you, a qualified Drupal consultant can help you do this safely and affordably.
- Have a Plan – What happens if your site gets hacked? Unfortunately, this really does happen from time to time, and not just to high profile companies. You don’t even have to be the target of an attack. There are “passive” attacks that happen every day in the form of programs, or “scripts” that comb the Internet much like a search engine, looking for the website equivalent to unlocked doors and open windows. The best thing you can do is feel confident that you have a patched, up to date CMS, backups of your entire site (both files and database) and a written procedure (with key contact information) to follow if things go wrong.
Whether you’re a sole proprietor, or part of a larger team, if you’ve read this far you probably feel a level of responsibility for your Drupal website. We encourage you to just have a friendly conversation with your webmaster, IT team, hosting company, or Drupal developer to make sure Drupal website maintenance is part of your company’s plan.