Planet Drupal

Syndicate content
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 39 min 35 sec ago

OSTraining: How to Update Drupal 8 Sites

Tue, 01/03/2017 - 21:24
pThroughout the life of your Drupal site, you'll have to perform updates. New features, bug fixes and security patches will be released for Drupal itself, plus modules and themes. This process is essential to maintain a healthy Drupal site./p pWe're going to take you through the process of updating your Drupal sites. Watch the following 5 videos below, and you'll see to update Drupal 8./p

Drupal Console: Drupal Console RC-13 is out

Tue, 01/03/2017 - 19:10
Latest DrupalConsole RC-13 is out including several changes and fixes. This is a summary of the most notable updates.

Lullabot: HTTPS Everywhere: Quick Start With Cloudflare

Tue, 01/03/2017 - 19:00
div class=rich-textdiv class=rich-text__contentpThis is a continuation of a series of articles about HTTPS, continuing from a href=https://www.lullabot.com/articles/https-everywhere-security-is-not-just-for-banksHTTPS Everywhere: Security is Not Just for Banks/a. If you own a website and understand the importance of serving sites over HTTPS, the next task is to figure out how to migrate a HTTP website to HTTPS. In this article, I#x2019;ll walk through an easy and inexpensive option for migrating your site to HTTPS, especially if you have little or no control over your website server or donapos;t know much about managing HTTPS./p h2A Github Pages Site/h2 pI started with the simplest possible example. I have a website hosted by a free, shared hosting service, Github Pages, that a href=https://help.github.com/articles/securing-your-github-pages-site-with-https/doesn#x2019;t directly provide SSL for custom domains/a, I have no shell access to the server, and I just wanted to get my site switched to HTTPS as easily and inexpensively as possible. I used an example from the Cloudflare blog about a href=https://blog.cloudflare.com/secure-and-fast-github-pages-with-cloudflare/how to use Cloudflare SSL for a Github Pages site/a./p pServices like a href=https://www.cloudflare.com/Cloudflare/a can provide HTTPS for any site, no matter where it is hosted. Cloudflare is a strongContent Delivery Network (CDN)/strong that stands in front of your web site to catch traffic before it gets to your origin website server. A CDN provides caching and efficient delivery of resources, but Cloudflare also provides SSL certificates, and they have a free account option to add any domain to a existing SSL certificate for no charge. With this alternative there is no need to purchase an individual certificate, nor figure out how to get it uploaded and signed. Everything is managed by Cloudflare. The downside of this option is that the certificate will be shared with numerous other unrelated domains. Cloudflare has higher tier accounts that have more options for the SSL certificates, if that#x2019;s important. But the free option is an easy and inexpensive way to get basic HTTPS on any site./p pIt#x2019;s important to note that adding another server to your architecture means that content makes another hop between servers. Now, instead of content going directly from your origin website server to the user, it goes from the the origin website server to Cloudflare to the user. The default Cloudflare SSL configuration will encrypt traffic between end users and the Cloudflare server (front-end traffic), but not between Cloudflare and your origin website server (back-end traffic). They point out in their documentation that back-end traffic is much harder to intercept, so that might be an acceptable risk for some sites. But for true security you want back-end traffic encrypted as well. If your origin website server has any kind of SSL certificate on it, even a self-signed certificate, and is configured to manage HTTPS traffic, Cloudflare can encrypt the back-end traffic as well with a #x201C;Full SSL#x201D; option. If the web server has an SSL certificate that is valid for your specific domain, Cloudflare can provide even better security with the #x201C;Full SSL (strict)#x201D; option. Cloudflare also can provide you with a SSL certificate that you can manually add to your origin server to support Full SSL, if you need that./p pThe following screenshot illustrates the Cloudflare security options./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content h3Step 1. Add a new site to Cloudflare/h3 pI went to Cloudflare, clicked the button to add a site, typed in the domain name, and waited for Cloudflare to scan for the DNS information (that took a few minutes). Eventually a green button appeared that said #x2018;Continue Setup#x2019;./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content h3Step 2. Review DNS records/h3 pNext, Cloudflare displayed all the existing DNS records for my domain./p pNetwork Solutions is my registrar (the place where I bought and manage my domain). Network Solutions was also my DNS provider (nameserver) where I set up the DNS records that indicate which IP addresses and aliases to use for my domain. Network Solutions will continue to be my registrar, but this switch will make Cloudflare my DNS provider, and I#x2019;ll manage my DNS records on Cloudflare after this change./p pI opened up the domain management screen on Network Solutions and confirmed that the DNS information Cloudflare had discovered was a match for the information in my original DNS management screen. I will be able to add and delete DNS records in Cloudflare from this point forward, but for purposes of making the switch to Cloudflare I initially left everything alone./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content h3Step 3. Move the DNS to Cloudflare/h3 pNext, Cloudflare prompted me to choose a plan for this site. I chose the free plan option. I can change that later if I need to. Then I got a screen telling me to switch nameservers in my original DNS provider./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content pOn my registrar, Network Solutions, I had to go through a couple of screens, opting to strongChange where domain points/strong, then strongDomain Name Server, point domain to another hosting provider/strong. That finally got me to a screen where I could input the new nameservers for my domain name./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content pBack on Cloudflare, I saw a screen like the following, telling me that the change was in progress. There was nothing to do for a while, I just needed to allow the change to propagate across the internet. The Cloudflare documentation assured me that the change should be seamless to end users, and that seemed logical since nothing had really changed so far except the switch in nameservers./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content pSeveral hours later, once the status changed from Pending to Active, I was able to continue the setup. I was ready to configure the SSL security level. There were three possible levels. The Flexible level was the default. That encrypts traffic between my users and Cloudflare, but not between Cloudflare and my site#x2019;s server. Further security is only possible if there is an SSL certificate on the origin web site server as well as on Cloudflare. Github pages has a SSL certificate on the server, since they provide HTTPS for non-custom domains. I selected the Crypto tab in Cloudflare to choose the SSL security level I wanted and changed the security level to Full./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content h3Step 4. Confirm that HTTPS is Working Correctly/h3 pWhat I had accomplished at this point was to make it possible to access my site using HTTPS with the original HTTP addresses still working as before./p pNext, it was time to check that HTTPS was working correctly. I visited the production site, and manually changed the address in my browser from HTTP://www.example.com to HTTPS://www.example.com. I checked the following things:/p ulliI confirmed there was a green lock displayed by the browser./li liI clicked the green lock to view the security certificate details (see my a href=https://www.lullabot.com/articles/https-everywhere-security-is-not-just-for-banksprevious article/a for a screenshot of what the certificate looks like), and confirmed it was displaying a security certificate from Cloudflare, and that it included my site#x2019;s name in its list of domains./li liI checked the JavaScript console to be sure no a href=https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_contentmixed content errors/a were showing up. Mixed content occurs when you are still linking to HTTP resources on an HTTPS page, since that invalidates your security. I#x2019;ll discuss in more detail how to review a site for mixed content and other validation errors in the next article in this series./li /ul h3Step 5. Set up Automatic Redirection to HTTPS/h3 pOnce I was sure the HTTPS version of my site was working correctly, I could set up Cloudflare to handle automatic redirection to HTTPS, so my end users would automatically go to HTTPS instead of HTTP./p pCloudflare controls this with something it calls #x201C;Page Rules,#x201D; which are basically the kinds of logic you might ordinarily add to an .htaccess file. I selected the #x201C;Page Rules#x201D; tab and created a page rule that any HTTP address for this domain should always be switched to HTTPS./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content pSince I also want to standardize on www.example.com instead of example.com, I added another page rule to redirect traffic from HTTPS://example.com to HTTPS://www.example.com using a 301 redirect./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content pFinally, I tested the site again to be sure that any attempt to access HTTP redirected to HTTPS, and that attempts to access the bare domain redirected to the www sub-domain./p h2A Drupal Site Hosted on Pantheon/h2 pI also have several Drupal sites that are hosted on Pantheon and wanted to switch them to HTTPS, as well. Pantheon has a href=https://pantheon.io/docs/enable-https/instructions for installing individual SSL certificates/a for Professional accounts and above, but they also suggest an option of a href=https://pantheon.io/docs/guides/cloudflare-enable-https/using the free Cloudflare account for any Pantheon account/a, including Personal accounts. Since most of my Pantheon accounts are small Personal accounts, I decided to set them up on Cloudflare as well./p pThe setup on Cloudflare for my Pantheon sites was basically the same as the setup for my Github Pages site. The only real difference was that the Pantheon documentation noted that I could make changes to settings.php that would do the same things that were addressed by Cloudflare#x2019;s page rules. Changes made in the Drupal settings.php file would work not just for traffic that hits Cloudflare, but also for traffic that happens to hit the origin server directly. Pantheon#x2019;s documentation notes that you don#x2019;t need to provide both Cloudflare page rules and Drupal settings.php configuration for redirects. You probably want to settle on one or the other to reduce future confusion. However, either, or both, will work./p pThese settings.php changes might also be adapted for Drupal sites not hosted on Pantheon, so I am copying them below./p div class=codepre code// From https://pantheon.io/docs/guides/cloudflare-enable-https/#drupal // Set the $base_url parameter to HTTPS: if (defined(apos;PANTHEON_ENVIRONMENTapos;)) { if (PANTHEON_ENVIRONMENT == apos;liveapos;) { $domain = apos;www.example.comapos;; } else { // Fallback value for development environments. $domain = $_SERVER[apos;HTTP_HOSTapos;]; } # This global variable determines the base for all URLs in Drupal. $base_url = apos;https://apos;. $domain; } // From https://pantheon.io/docs/redirects/#require-https-and-standardize-domain //Redirect all traffic to HTTPS and WWW on live site: if (isset($_SERVER[apos;PANTHEON_ENVIRONMENTapos;]) amp;amp; ($_SERVER[apos;PANTHEON_ENVIRONMENTapos;] === apos;liveapos;) amp;amp; (php_sapi_name() != quot;cliquot;)) { if ($_SERVER[apos;HTTP_HOSTapos;] != apos;www.example.comapos; || !isset($_SERVER[apos;HTTP_X_SSLapos;]) || $_SERVER[apos;HTTP_X_SSLapos;] != apos;ONapos; ) { header(apos;HTTP/1.0 301 Moved Permanentlyapos;); header(apos;Location: https://www.example.comapos;. $_SERVER[apos;REQUEST_URIapos;]); exit(); } } /code/pre/div pThere was one final change I needed to make to my Pantheon sites that may or may not be necessary for other situations. My existing sites were configured with A records for the bare domain. That configuration uses Pantheon#x2019;s internal system for redirecting traffic from the bare domain to the www domain. But that redirection won#x2019;t work under SSL. Ordinarily you can#x2019;t use a CNAME record for the bare domain, but Cloudflare uses a href=https://support.cloudflare.com/hc/en-us/articles/200169056-CNAME-Flattening-RFC-compliant-support-for-CNAME-at-the-rootCNAME flattening/a to support a CNAME record for the bare domain. So once I switched DNS management to Cloudflare#x2019;s DNS service, I went to the DNS tab, deleted the original A record for the bare domain and replaced it with a CNAME record, then confirmed that the HTTPS bare domain properly redirected to the HTTPS www sub-domain./p /divdiv class=rich-text__embedundefined/divdiv class=rich-text__content h2Next, A Deep Dive/h2 pNow that I have basic SSL working on a few sites, it#x2019;s time to dig in and try to get a better understanding about HTTPS/SSL terminology and options and see what else I can do to secure my web sites. I#x2019;ll address that in my next article, HTTPS Everywhere: Deep Dive Into Making the Switch./p /div/div

Third Grove: Mint.com Drupal Case Study

Tue, 01/03/2017 - 18:15
span property=schema:name class=field-name--titleMint.com Drupal Case Study/span span class=field-name--uid rel=schema:authorspan lang= about=https://www.thirdandgrove.com/user/3 typeof=schema:Person property=schema:name datatype= xml:lang=antonella/span/span span property=schema:dateCreated content=2017-01-03T16:15:35+00:00 class=field-name--createdTue, 01/03/2017 - 11:15/span

Valuebound: 6 things to read if you are a Drupal Developer

Tue, 01/03/2017 - 09:27
p dir=ltrHappy new year!/p p dir=ltrspan2016 has been quite an year with all the hustle bustle around, lots of changes on its way to the next year. We recently a href=https://www.linkedin.com/hp/update/urn%3Ali%3Aactivity%3A6218060579572154368?pathWildcard=urn%3Ali%3Aactivity%3A6218060579572154368amp;actorCompanyId=317878amp;trk=cp-notifications-click-on-likecelebrated Christmas/a with Joy and welcome 2017 whole heartedly. /span/p p dir=ltrspanWe did a lot of articles, hands on trainings session and hope to bring more things to learn. We wrote about /spana href=http://valuebound.com/resources/blog/how-publishing-industry-dealing-cloud-technologyspanCloud/span/aspan, /span…/p

CU Boulder - Webcentral: Top 10 Contributing Higher Ed Organizations - January 2017

Tue, 01/03/2017 - 02:15
div class=field field-name-body field-type-text-with-summary field-label-hiddendiv class=field-itemsdiv class=field-item evenpWhen the a href=https://www.drupal.org/drupalorg/blog/top-10-contributing-customersDrupal Association launched their new list of organizations on Drupal.org in March of 2016/a, The University of Waterloo was in the #6 spot. Being so high on the list was an impressive feat since they were ranked above a number of large Drupal-centric consulting companies with far more developers. Since March, more organizations have made it a priority to create an organization node, add organization references to users, and structure their commit messages to get the commit credits the organization deserve./p pIt would be difficult for a higher education organization to break into the top 10 again, but we can still have some friendly competition relative to each other while contributing back to the Drupal community. The University of Waterloo has dropped to #74 overall, but they are still the top higher education organization contributing to Drupal.org based on how the Drupal Association is ranking organization contributions./p pstrongThe Current Top 10 Contributing Higher Ed Organizations/strong/p ollia href=http://drupal.org/node/2336933University of Waterloo/a/li lia href=http://drupal.org/node/2458049University of Colorado Boulder/a/li lia href=http://drupal.org/node/2808667The University of British Columbia/a/li lia href=http://drupal.org/node/2687429Indian Institute of Technology (IIT) Bombay/a/li lia href=http://drupal.org/node/2513684University of Adelaide/a/li lia href=http://drupal.org/node/2568527The University of Arizona/a/li lia href=http://drupal.org/node/2783709Iowa State University/a/li lia href=http://drupal.org/node/2799083La Trobe University/a/li lia href=http://drupal.org/node/2321741Pennsylvania State University/a/li lia href=http://drupal.org/node/2311383Babson College/a/li /olpSince higher ed organizations love to be at the top of lists, I’m going to parse a href=https://www.drupal.org/organizationshttps://www.drupal.org/organizations/a on the first of every month and post the resulting ranking in 2017.  I'm doing this for a few reasons.  One is to justify the time we spend at the University of Colorado contributing back on Drupal.org.  I believe that contributing back should increases an organization's profile within the Drupal community.  This should make it easier to get issue resolved and to a href=//www.colorado.edu/webcentral/jobsfind qualified applicants when we have an opening/a, but this is hard to quantify.  /p pAnother reason is to encourage more contributions from higher education.  I'm hoping that developers seeing this list every month motivates them to be more active on Drupal.org in 2017, but I'm also hoping that managers see this list, ask their teams why they aren't on the list and make contributing back a priority./p pI know higher ed organizations also love to criticize ranked lists that don't include them. Before you jump on Twitter to complain or cry foul, let me try to preempt some likely complaints and explanations about why an organization isn't on this list or why we shouldn't care about this list./p pstrongThis Methodology is Flawed/strong/p pIf you believe your organization should be on the list because of contributions you've made to documentation, training, camp organization or in some other way that the current algorithm doesn’t capture, everyone involved in maintaining the list on Drupal.org already acknowledges this issue. Now that the a href=https://www.drupal.org/project/user_guidenew Drupal User Guide project/a is managed with commits, some documentation contributions will be calculated into an organization's rank. Still, this list is largely influenced by only one type of contribution; commits of code by developers. There have been no shortage of issues, blogs, and tweets criticizing the approach used to sort the list since the Drupal Association started it, but there have been very few concrete suggestions for how to calculate anything other than commits. /p pAll we are doing to generate the higher ed specific version of the contributing organizations list is scraping a href=https://www.drupal.org/organizationshttps://www.drupal.org/organizations/a, noting the placement of organizations we believe qualify as higher ed using a list of node ids we’ve compiled over time and ordering those results. /p pstrongWe Use GitHub/BitBucket/Something Other than Drupal.org/strong/p pSo does the University of Colorado Boulder... and we're #2.  While most of our Drupal related commits are done in GitHub without the commit message structure that would give us any credit for this work, we do have a handful of modules we've developed over the years that were general purpose enough to share on Drupal.org. Maintaining these on Drupal.org does add some overhead, but in several cases, we've received patches from the community for improvements we would have never had the time to make ourselves. Most recently, College of Western Idaho contributed to a href=https://www.drupal.org/project/rave_alertsRAVE Alerts/a and a href=https://www.drupal.org/addweb-solution-pvt-ltdAddWeb Solution/a has contributed to a href=https://www.drupal.org/project/user_external_inviteUser External Invite/a. /p pWe've also made opening issues on Drupal.org and posting patches part of our process at the University of Colorado Boulder. If we find a bug in a contrib project, we don't fork the local copy of the contrib project into our GitHub repo. That is obviously faster and easier in the short term, but we force ourselves to do it the right way with a href=https://bitbucket.org/davereid/drush-patchfileDrush Patch File/a. We open an issue on Drupal.org first, post the fix as a patch, then integrate the patches into our codebase using with Drush Patch File. The goal is to get the patch rolled into the next stable release of the contrib project and removed from our empatches.make /emin the next release. We don't always achieve this goal for a variety of reasons, but this forces us to fix issues with contrib projects on Drupal.org and increases the credit we get for doing the same amount of development we would have done otherwise./p pstrongWe Are Now Ranked Higher Than X on Drupal.org/strong/p pI'm not sure how often the list of Drupal.org is updated, but we are only checking the list on the 1st of each month.  The rankings will change during the month, but I'm confident organizations prioritizing contributing back on Drupal.org with properly configured organization nodes and commit credits will always be at the top of this list./p pstrongThis Will Just Encourage Gaming the List/strong/p pMaybe. But even if a higher education organization was gaming commits to make the top 10, they’d need an organization node, users, and projects on Drupal.org to be making commits with properly formatted messages. For many higher ed organizations, that would be more than they’ve ever done on Drupal.org to date. So let the games begin!  /p pstrongMy Organization Doesn’t Allow Me to Contribute to GPL Projects/strong/p pIMLTHO that has never really been a valid argument, but it is really troubling that any organization would be using Drupal while enforcing a policy like this in 2016. I’ve heard this excuse a few times over the years. On the occasions I’ve had time to attempt to track down what would motivate an organization to maintain a no-GPL policy while using GPL, it has always turned out that it wasn’t an actual policy but rather just an excuse. If you do work at a higher ed organization with a policy like this, please contact me. If there is actually a need, I'm willing to put time into a package of resources university staff can use to justify contributing back to Drupal./p pstrongMy Organization Has a Drupal.org Node, But It Isn't Showing Up/strong/p pSorry. It's possible we've missed you. While Drupal.org offers categories for the markets a service provider serves, it does not currently support categorizing organizations themselves. a href=http://edudu.org/organizationsCurrent list of higher ed node ids is maintained on the new EDUDU site/a. This list was compiled by searching the a href=https://www.drupal.org/organizationslist of organizations maintained on Drupal.org/a for nodes with the terms university or college in the title.  We've also added organizations we knew were using Drupal based on code they've shared or their participation in camps or cons.  Several high profile organizations are missing including Harvard, UC Berkeley, Brown, Dartmouth, etc.  If you know of a organization node related to higher ed we are currently not tracking, please use the a href=http://edudu.org/contact/organization_feedbackform on EDUDU/a to let us know and we'll be happy to add your organization node to the list we are tracking./p pstrongMy Organization Does Not Have a Drupal.org Node/strong/p pWhile still focussed on the Marketplace, this a href=https://www.drupal.org/drupalorg/blog/a-guide-to-issue-credits-and-the-drupal.org-marketplacedocumentation about organization nodes and giving an organization credit in commits is very helpful/a. Any confirmed user can create an organization page on Drupal.org.  Please don't get caught up in who should create the organization node.  Node ownership can be transfered, but until the organization exists, users can't relate themselves to it, project maintainers can't relate the project to organization and developers can't start crediting the organization in their commit messages.  It takes some time and effort to get credit for all activity on Drupal.org from members of an organization, but breaking into the top is actually pretty easy.  Babson College only has 3 people on Drupal.org with a total of 2 commit credits in the last 90 days.  /p pWhile the staff at the University of Colorado Boulder has made it our goal to contribute more than Waterloo in January and take the #1 spot by February, we welcome the compition from schools who are active on Drupal.org that aren't currently being tracked.  /p pIf every higher ed organization using Drupal makes contributing back to Drupal on Drupal.org a priority, 2017 will be an even better year for Drupal!/p p /p /div/div/div Developer Blog

OSTraining: When is Drupal 7 End-of-Life?

Mon, 01/02/2017 - 23:50
pimg src=https://www.ostraining.com/images/drupal/Drupal-release-cycle.jpg alt=Drupal release cycle width=200 height=200 style=float: right; //p pSo Drupal 8 is here and that has a significant impact on Drupal 7 users. Drupal 7 is no longer the latest and greatest version./p pOne question we often get now is this:/p blockquoteWhen will Drupal 7 reach end-of-life and no longer be supported?/blockquote pThe simple answer is, We don't know./p pThe longer answer is, We can have a good guess. That's what this blog post is about. We hope to give you more details so you can plan for the future of your Drupal 7 site./p

Palantir: Saving Money With Open Source

Mon, 01/02/2017 - 20:44
spanSaving Money With Open Source/span spanspan lang= about=https://www.palantir.net/people/alex-brandt typeof=schema:Person property=schema:name datatype= xml:lang=brandt/span/span spanMon, 01/02/2017 - 12:44/span Ken Rickard time datetime=2017-01-02T12:00:00ZJan 2, 2017/timeimg src=https://www.palantir.net/files/styles/hero/public/hero/2017-01/OpenSource-01.png?itok=AC5O48E3 width=1300 height=731 alt= / typeof=foaf:Image /div class=lede pOpen source software like Drupal helps remove common business constraints./p /div In this post we will cover... ulliwhat the fundamental tenets of open source software are/li lihow open source software can have a direct impact on total cost of your project/li lisome items to consider when planning your budget/li /ulsection class=ctah3 class=cta__title /h3pWe want to make your project a success./p span class=cta__link a href=https://www.palantir.net/contactLet's Chat./a /span /sectionpSoftware decisions are a critical part of business strategy. Software powers everything from marketing websites (content management systems — CMS) to student and customer records. It stores employee records, provides communications infrastructure, and creates and distributes marketing campaigns (marketing automation, customer relationship management — CRM)./p pWhen we discuss software purchasing and usage with our partners, we need to take into account the different contexts and uses of that software. The question of context is central to how we think about software decisions. What are your constraints? Are you constrained by budgets? Security policies? License agreements?/p pOne of the main reasons that we work with open source software like Drupal is that it helps remove business constraints. The fundamental tenets of open source software are:/p ulliIncluded source code and the ability to modify that code /li liThe right to freely redistribute the software and any modifications/li liBans on discriminating who may use the software, and for what purpose/li liNon-restrictive licensing, so the software is neither tied to a specific product nor restricts the development or functioning of other software./li /ulpThese freedoms have a direct effect on the cost of acquisition and maintenance for your software project. Need to connect disparate systems together? An open source license makes that easier, since it removes any restrictions on how you might integrate those systems. For marketing applications, the use of open source software platforms such as Drupal and WordPress ensures your content management system can be extended and adapted to meet your needs./p pOpen source software frequently runs on community contributions such as money, time, or expertise. You need to factor this aspect of open source into your software decisions. Do you have the resources to devote to supporting the software? If not, is your goal to encourage adding the needed resources within your organization? For example, a 1,000-person organization may need to dedicate three full-time employees to supporting an open source application./p pThe pros and cons of a commitment to maintaining open source systems must be measured as a question of total return. In the example just given, having three developers devoted to the project may be less expensive than purchasing an application that could be licensed to all users. It may also be cheaper than building and maintaining the software in-house. The skills and training that the three people develop, and putting them in an active, committed role of improving the software, may produce a better return on investment than having them install and maintain proprietary software./p pWhen planning your budgets, look for these items, and consider where you get the best value for investing your time and money:/p pstrongLicensing./strong Proprietary software solutions charge license fees. I’ve worked on projects where we replaced proprietary software that had a 7-figure license fee. These used to be one-time fees but now tend to be annual subscription costs (such as you might pay on a smaller scale for Adobe Creative Suite). In extreme cases, the license fee can be emper user/em (also called emper seat licensing/em). In such cases, moving from a team of 3 to a team of 5 can have exponential cost increases./p pstrongSupport./strong Before I joined Palantir, I worked at a company that made and sold software. We included a fee of 20% of the purchase price per year as a support fee, which is still fairly standard for enterprise software. The fee was collected regardless of the level of support actually provided. Without it, security and other critical updates wouldn’t be provided./p pstrongHosting. /strongMany software applications have moved into the cloud. While this lessens the cost of hosting applications internally, it can increase the chance of vendor lock-in, as the entire application is outside of your direct control. With both Drupal and WordPress, there are good, effective hosting options that lower your total cost of ownership without locking you in to a specific software or service provider. (Full disclosure, we partner with both Acquia and Pantheon, who provide such services.)/p pstrongHidden costs./strong When we talk about lock-in, we refer to a business model that forces the customer to become dependent on the original service provider. (Lock-in, put simply, is why cable and telecom companies have such horrible customer service ratings.) A software system that doesn’t give you access to the source code — or, even worse, access to your data — is trying to lock you in long-term. That software is restricting the freedom to run your business they way you want to./p pIt’s that final cost that makes the open source software movement so attractive to many IT professionals. We work with software all day, and we don’t want to be restricted in how we can use it. So we resolve to work together to provide tools that are freely given to all./p pIn the end, consider the logic behind your decisions. Return on investment and staff commitment are metrics that matter internally. For instance, does your support of LibreOffice, an open source alternative to Microsoft Office, make it possible for your organization to save money? Quite possibly./p pBut are there larger issues at play? Advantages can also accrue outside your organization. We began by making the case for the free exchange of information that should apply to both medicine and software design. So when you ask the question “What could we do?”, consider expanding the scope to include “What could we do that would help us and others?” That small change in thinking could have profound effects on the way you evaluate your ultimate return on investment./p aside class=ctah3 class=cta__title /h3pStay connected with the latest news on web strategy, design, and development./p span class=cta__link a href=http://palantir.net/newsletterSign up for our newsletter./a /span /asideul class=list--simpleli class=taga href=https://www.palantir.net/topics/community hreflang=enCommunity/a/li li class=taga href=https://www.palantir.net/topics/drupal hreflang=enDrupal/a/li li class=taga href=https://www.palantir.net/topics/open-source hreflang=enOpen Source/a/li /ul

Palantir: Palantir.net's Guide to Digital Governance: Broadcast Email

Mon, 01/02/2017 - 17:10
spanPalantir.net's Guide to Digital Governance: Broadcast Email/span a href=https://www.palantir.net/blog-series/palantirnets-guide-digital-governance hreflang=enPalantir.net's Guide to Digital Governance/a spanspan lang= about=https://www.palantir.net/people/alex-brandt typeof=schema:Person property=schema:name datatype= xml:lang=brandt/span/span spanMon, 01/02/2017 - 09:10/span Scott DiPerna time datetime=2017-01-02T12:00:00ZJan 2, 2017/timeimg src=https://www.palantir.net/files/styles/hero/public/hero/2017-01/governance-4.jpg?itok=Rk79p20o width=1300 height=731 alt=Illustrated collage of website icons typeof=foaf:Image /div class=lede pThis is the fourteenth installment of Palantir.net’s Guide to Digital Governance, a comprehensive guide intended to help get you started when developing a governance plan for your institution’s digital communications./p /div In this post we will cover... ulliWhat qualifies as spam/li liQuestions to consider when defining your email communication policies/li liConstituent preferences you should also take into account/li /ulsection class=ctah3 class=cta__title /h3pWe want to make your project a success./p span class=cta__link a href=https://www.palantir.net/contactLet's Chat./a /span /sectionpBroadcast email (i.e. email marketing campaigns, email newsletters, etc.) is loosely defined as email sent and addressed to a group of people rather than a specific person or persons, typically using an email list, contact list, or database of email addresses. It is frequently used for the purposes of email marketing, though it essentially refers to broadcasting a communication to a group of recipients via email to convey information./p pWhen communicating with an external audience, broadcast email typically is sent through an email marketing service (such as MailChimp, Constant Contact, Campaign Monitor, etc.) or through the email platform of a larger enterprise system that may include a CRM and other marketing functions (such as Blackbaud, Salsa, Convio, etc.). Your organization may also have internal mass-email distribution systems in place for broadcast email to internal audiences. For the purposes of this article, we will be speaking mostly about email to external audiences./p h3Spam/h3 pAn important issue to address in any broadcast email guidelines is the sending of spam email. Spam email is generally understood to be any email message that is unsolicited and sent in bulk, though whether it is sent in bulk or to an individual is significantly less important than whether the recipients have approved of receiving such emails. This applies to email sent to an address that was not given to the sender explicitly for the purpose of receiving mass email messages from the sender./p pCommon activities which may qualify as spam:/p ullisending a mass email to a list purchased from a company/li lisending a mass email to a list borrowed from another organization/li lisending a mass email to a list compiled by scouring websites for email addresses/li lisending a mass email to a list of recipients to which you have not been given permission to email/li lisending a mass email to a list compiled from a database without permission from the database administrator(s)/li /ulh3Policies/h3 pIt is critically important to have policies governing broadcast email communication, as it will certainly impact your efficacy in communicating with many of your most important constituencies. Here are many other questions and issues to consider while crafting your governance plan:/p ulliWhat broadcast email platforms are available?/li liWho has access?/li liMay individuals use their own email accounts (i.e. their personal email account provided by your organization) for broadcast email?/li liAre there multiple lists of broadcast email recipients such as various subscriber lists, audiences, or groups?/li liWho is responsible for maintaining each of these lists?/li liAre permissions and approvals required for sending email to broadcast email lists?/li liAre there any regularly scheduled broadcast emails (such as newsletters)?/li liMay an individual add information to regularly scheduled broadcast emails?/li liMay broadcast email recipients unsubscribe from the list(s)?/li liDo you have an official unsubscribe policy?/li liMay members of your organization create and maintain their own custom broadcast email lists?/li liWhat are the guidelines for custom lists?/li liDo you have a policy regarding the sending of spam email?/li liHow does your organization define spam email?/li /ulh3Balancing Internal Needs vs Constituents Needs/h3 pThe end goal of a good broadcast email governance plan is to balance the organization’s need to distribute information with the needs and preferences of your various constituencies. It is certainly a fine balance to strike./p pSome good practices include learning more about your constituents preferences and providing them with options for configuring their communication preferences. For example:/p ulliHow often do they like to receive emails from you?/li liDo they prefer occasional summary-type communications over daily alerts, or vice-versa, or both?/li liWhat topics do they like to hear from you about?/li liDo they want to read all of the content in the email itself, or be provided with links to full articles on the website?/li liWould they like to be able to change their preferences as their relationship with your organization evolves?/li /ulpThe more you know your audience, the better you can accommodate their needs and minimize the risk that your communications will be perceived as irrelevant, or worse, as spam./p p /p blockquote pThis post is part of a larger series of posts, which make up a Guide to Digital Governance Planning. The sections follow a specific order intended to help you start at a high-level of thinking and then focus on greater and greater levels of detail. The sections of the guide are as follows:/p /blockquote ollia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-introduction-and-starting-10000ft-viewStarting at the 10,000ft View/a – Define the digital ecosystem your governance planning will encompass./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-properties-and-platformsProperties and Platforms/a – Define all the sites, applications and tools that live in your digital ecosystem./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-ownershipOwnership/a – Consider who ultimately owns and is responsible for each site, application and tool./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-intended-useIntended Use/a – Establish the fundamental purpose for the use of each site, application and tool./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-roles-and-permissionsRoles and Permissions/a – Define who should be able to do what in each system./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-contentContent/a – Understand how ownership and permissions should apply to content./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-organizationOrganization/a – Establish how the content in your digital properties should be organized and structured./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-url-naming-conventionsURL Naming Conventions/a – Define how URL patterns should be structured in your websites./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-designDesign/a – Determine who owns and is responsible for the many aspects design plays in digital communications and properties./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-personal-websitesPersonal Websites/a – Consider the relationship your organization should have with personal websites of members of your organization./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-private-websites-intranets-and-portalsPrivate Websites, Intranets and Portals/a – Determine the policies that should govern site which are not available to the public./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-web-based-applicationsWeb-Based Applications/a – Consider use and ownership of web-based tools and applications./li lia href=https://www.palantir.net/blog/palantirnets-guide-digital-governance-ecommerceE-Commerce/a – Determine the role of e-commerce in your website./li liBroadcast Email – Establish guidelines for the use of broadcast email to constituents and customers./li liSocial Media – Set standards for the establishment and use of social media tools within the organization./li liDigital Communications Governance – Keep the guidelines you create updated and relevant./li /olaside class=ctah3 class=cta__title /h3pStay connected with the latest news on web strategy, design, and development./p span class=cta__link a href=http://palantir.net/newsletterSign up for our newsletter./a /span /asideul class=list--simpleli class=taga href=https://www.palantir.net/topics/strategy hreflang=enStrategy/a/li /ul

Drupal core announcements: Drupal 8 core release window on Wednesday, January 04, 2017

Mon, 01/02/2017 - 01:09
div class=field field-type-datestamp field-field-start7 div class=field-items div class=field-item odd div class=field-label-inline-first Start:nbsp;/div span class=date-display-start2017-01-03 12:00/spanspan class=date-display-separator - /spanspan class=date-display-end2017-01-05 12:00 UTC/span /div /div /div div class=field field-type-userreference field-field-organizers div class=field-labelOrganizers:nbsp;/div div class=field-items div class=field-item odd a href=/user/24722 title=View user profile.xjm/a /div div class=field-item even a href=/user/4521 title=View user profile.catch/a /div div class=field-item odd a href=/user/1639494 title=View user profile.cilefen/a /div /div /div div class=field field-type-text field-field-event-type div class=field-labelEvent type:nbsp;/div div class=field-items div class=field-item odd Online meeting (eg. IRC meeting) /div /div /div pThe monthly core patch (bug fix) release window is this Wednesday, January 04. Drupal 8.2.5 will be released with dozens of fixes for Drupal 8. There will be no Drupal 7 bugfix release this month./p pTo ensure a reliable release window for the patch release, there will be a Drupal 8.2.x commit freeze from 12:00 UTC Tuesday to 12:00 UTC Thursday. Now is a good time to update your development/staging servers to the latest 8.2.x-dev code and help us catch any regressions in advance. If you do find any regressions, please report them in the a href=http://drupal.org/project/issues/drupal?version=8.xissue queue/a. Thanks!/p pTo see all of the latest changes that will be included in the release, see the a href=http://cgit.drupalcode.org/drupal/log/8.2.x commit log/a./p pOther upcoming core release windows after this week include:/p ulliWednesday, January 18 (security release window)/li liWednesday, February 01 (patch release window)/li liWednesday, April 5 (scheduled minor release)/li /ulpa href=https://www.drupal.org/drupal-6-eolDrupal 6 is end-of-life/a and will not receive further releases./p pFor more information on Drupal core release windows, see the documentation on a href=http://drupal.org/documentation/version-info#whenrelease timing/a and a href=http://drupal.org/node/1173280security releases/a, as well as the a href=https://www.drupal.org/core/release-cycle-overviewDrupal core release cycle overview/a./p