Language Selection

English French German Italian Portuguese Spanish

Drupal

From student message board to open-source CMS: a Q&A with the creator of Drupal

Filed under
Software
Interviews
Drupal
Web

Drupal has completely changed the way large organisations think about and build their digital estate.

The open source content management system (CMS), which was founded in the year 2000, is now used by some of the world’s biggest brands like Warner Music, Virgin Sport, Princess Cruises and Wilson because of its ability to handle huge spikes of web traffic and because of how it enables marketers to manage their brand digitally on a global level.

TechRadar Pro recently had the opportunity to interview the creator of Drupal, Dries Buytaert who told us how he came to create the CMS and gave us insight into what's in store for future versions...

Read more

Also: Acquia Lightning Revamped, Enonic 7.0 Released, More Open Source News [Ed: Drupal founder now selling better performance]

CMS: Acquia, Drupal and Drew Nackers

Filed under
Drupal
  • How open source distribution accelerates Drupal development time by 30%

    Acquia released the latest version of Acquia Lightning, a flexible Drupal 8 distribution thousands of organisations are using to launch new Drupal sites and projects quickly.

    Acquia Lightning offers new capabilities for developers, site builders, site managers, and marketers to build sites faster and deliver richer digital experiences.

    As companies continue to elevate the role of content delivery across every channel, teams face pressure to build sites that are increasingly demanding.

  • Acquia delivers open source framework for contextual commerce
  • Acquia Delivers Open Source Framework for Contextual Commerce

    Acquia has unveiled the Acquia Commerce Framework, a set of open source Drupal modules that brands can use to deliver seamless, contextual commerce experiences. These open source modules provide flexibility to embed commerce components directly into content-driven experiences, helping remove friction from the commerce process. As a result rich, omnichannel shopping experiences can emerge from content building efforts quickly and easily, without having to assemble troves of data or build complicated navigation paths.

    Using the framework, brands can turn themselves into e-commerce powerhouses. Within Drupal, site builders can create as many virtual catalogues as they need using custom connectors, linking product data to content. Brands can tap the benefits of open source technology to create a smoother shopping experience – connecting customers with lively, useful content and clear, actionable checkout options. Authors can easily embed this product data directly into the content they are creating, which is the basis for contextual commerce.

  • GeekHive Open-Source Technical Lead Becomes a Pantheon Hero

    GeekHive proudly announces the acceptance of Technical Lead Drew Nackers into the Pantheon Heroes Advocacy Program for his valuable contributions to the Drupal and WordPress open-source development communities. The Pantheon Heroes Program honors programming professionals who voluntarily dedicate their time, expertise, and talents toward the continual advancement of the Open Web ecosystem.

Acquia Acquires Mautic

Filed under
OSS
Drupal
  • Acquia Looks To Create Open Digital Experience Platform With Mautic Acquisition

    Acquia, a digital experience cloud platform, acquired Mautic, an open source marketing automation software provider, for an undisclosed amount.

  • Acquia Acquires Mautic

    Acquia, the open source digital experience company, announced today that it has acquired Mautic, creator of the world’s only open marketing automation and campaign management platform. Together, Acquia and Mautic form the only open alternative to expensive, closed, stagnant marketing clouds, expanding Acquia’s vision to offer the industry's first Open Digital Experience Platform. Customers can now automate, personalize, and measure the entire customer lifecycle – across every channel, at every stage, and at every interaction.

  • Simulating the sound of stars, Acquia buying Mautic, open source at the VA, and more news

    What happens when two open source companies come together? In the case of Drupal service provider Acquia buying marketing automation firm Mautic, it's the creation of the first open marketing cloud.

    The deal brings together "open source content management with open source marketing automation," said Acquia CTO Dries Buytaert. DB Hurley, Mautic's founder, added that "open source is poised to transform marketing in the same way it has every other function in the enterprise." According to Buytaert, with the acquisition of Mautic, Acquia "can help marketers reach customers on their preferred channel, in ways that are personal and relevant to them."

Open source bug poses threat to sites running multiple CMSes

Filed under
OSS
Drupal
Security

Websites running the Drupal, Joomla, or Typo3 content-management systems are vulnerable to attacks that could possibly execute malicious code until administrators install just-released patches, developers and security researchers warned.

The vulnerability resides in the PharStreamWrapper, a PHP component developed and open-sourced by CMS maker Typo3. Indexed as CVE-2019-11831, the flaw stems from a path-traversal bug that allows hackers to swap a site's legitimate phar archive with a malicious one. A phar archive is used to distribute a complete PHP application or library in a single file, in much the way a Java archive file bundles many Java files into a single file.

Read more

A Splintering Martech Market Is Driving Open Source Adoption, Says Acquia

Filed under
Server
OSS
Drupal

Acquia has expanded from its traditional enterprise level web content management product and services built on the open source software Drupal to a new experience platform, whic includes several marketing solutions. The new platform is also based on Drupal open source software.

The shift was in response to the complex and underwhelming proprietary martech solutions, according to Acquia executives speaking at the company’s APAC conference in Melbourne last week.

The flexibility and scalability of open source is a popular trend, not only restricted to martech, but, Acquia argues the model is particularly effective for marketing solutions.

Read more

Content Management System (CMS) News: Subrion and Drupal

Filed under
OSS
Drupal

Acquia CTO defines ‘decoupled’ Drupal

Filed under
Drupal

Many open source enthusiasts (practitioners, paragons, partisans, preachers and protagonists) will have heard of Drupal.

For those that haven’t, Drupal is an open source content management framework, as well as an extended community of developers, maintainers and business supporters.

Read more

Whitehouse.gov Moves From Drupal to WordPress in CMS Shift

Filed under
Drupal

Eight years ago, the Obama administration chose an open-source content management system to power the whitehouse.gov website. In 2017, the Trump administration also chose an open-source CMS, albeit a different one from what has been in use since 2009.

In October 2009, the open-source Drupal CMS was chosen to power the whitehouse.gov website, a move that was heralded at the time as a big win for both Drupal and open source. With relatively little fanfare, the whitehouse.gov website was relaunched on Dec. 15 using a WordPress CMS, instead of Drupal.

Read more

Drupal Association and Project Lead Statement Regarding Larry Garfield

Filed under
Drupal

We recognize that events and conversations earlier this year surfaced many concerns and needs within the community. One in particular is related to Larry Garfield’s role within Drupal. After several conversations with Larry, and careful consideration, we can now provide an update to this situation, our decisions, and Larry’s role moving forward.

We thank you for your patience while we spent many hours meeting with Larry and outside experts to resolve this matter. We recognize that actions were taken quickly before, which resulted in poor communication, and we wanted to avoid this happening again. We made sure to provide the proper time and attention these conversations needed before releasing this follow-up post.

We know our poor communication in the past led to frustration with us and pain for others. For that, we are sorry. We want to learn from this and improve. We listened to the community’s request to provide more streamlined, clear, and easy-to-follow communication. So, this post includes a statement from Dries Buytaert, as Project Lead, followed by a statement from Megan Sanicki, Executive Director of the Drupal Association.

[...]

Larry's subsequent blog posts harmed the community and had a material impact on the Drupal Association, including membership cancellations from those who believed we doxed, bullied, and discriminated against Larry as well as significant staff disruption. Due to the harm caused, the Drupal Association is removing Larry Garfield from leadership roles that we are responsible for, effective today.

[...]

As long as Larry does not harm or disrupt the project, he will continue to be a member of the community as an individual contributor. However, we reserve the right to remove Larry's individual contributor roles if that is not the case. Also, we recognize that situations can change over time, so the Drupal Association will revisit these decisions in two years.

I recognize that my communication to Larry and with the community did not provide transparency into this situation and I apologize for the pain and confusion that caused. Our advisors told us not to share these details in order to protect all parties pending evaluation from authorities. Also, when Larry shared these details during the appeal process, he asked us to keep them confidential. It is my hope that this statement provides the clarity that many have been requesting.

Read more

German firms unveil DeGov eGovernment platform

Filed under
OSS
Drupal

German ICT service providers are pooling their work on public administration portals, leveraging open source software. The companies unveiled DeGov, a portal solution built on Drupal 8, at the ‘Drupal in der öffentlichen Verwaltung’ (Drupal in public administration) conference in Düsseldorf on 17 November.

Read more

Syndicate content

More in Tux Machines

Android Leftovers

One Mix Yoga 3 mini laptop demostrated running Ubuntu

If you are in interested in seeing how the Ubuntu Linux operating system runs on the new One Mix Yoga 3 mini laptop. You are sure to be interested in the new video created by Brad Linder over at Liliputing. “ I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.” The creators of the One Mix Yoga 3 have made it fairly easy to boot an alternative operating system simply by plugging in a bootable flash drive or USB storage device. As the mini laptop is powering up simply hit the delete key and you will be presented by the BIOS/UEFI menu. Simply change the boot priority order so that the computer will boot from a USB device and you are in business. Read more

Security: Curl, Fedora, Windows and More

  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443. If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader. GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions. The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions. The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them. What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer. What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.” What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload. There are concerns the flaw may affect non-Dell PCs, as well. The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool. The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do its job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here). You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, Researchers at Netflix have identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process. DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity. Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window. Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT. Read more Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate