Planet Drupal

The Best Drupal and Joomla Comparison of 2013

Sitting on my desktop the past few weeks has been an eBook from the Aluent Group, Drupal and Joomla!: A Comparison of Project Processes and Costs. I probably would have not read this eBook if it wasn't for an acquaintance of mine, Justin Kerr, letting me know that he was a co-author of the book. I'm lucky to have read the book because I think Justin Kerr as well as co-authors Robert Nowak and Jet Pixel have hit a home run in their review and comparison of Drupal and Joomla.

The Soft Sell of Open Source over Proprietary

I do not know when it exactly happened, but a number of years ago I decided to become a pacifist. I am a pacifist that is in the war of open source versus proprietary. In my opinion, the debate over licensing and software development processes is only mildly interesting as it is the quality of the end product that matters to me most. I walk the fine line of being an advocate for open source and a defender of proprietary software. Admittedly I've confused a lot of people that have chosen to take sides in this war.

Upcoming Drupal in the Clouds panel at CMS Expo

Although, I like to consider myself unbiased when I blog about content management systems, it is no secret that Drupal holds a special place in my heart. Drupal was one of the first CMSs I used that didn't "dead-end" me on a project I was required to support. Over the years, the Drupal community has treated me well, even during those times when I was very wrong in my judgment of Drupal. If Drupal was not a part of my world, I'm not sure I would even be blogging about content management systems. Drupal is the open source standard for which I judge other CMSs.

Book Club: Pro Drupal 7 Development

As I mentioned in a previous post, I'm currently playing catch-up in discussing all the good books sent my way this past year. Many of the books have been sent by the authors and publishers themselves for review and some of the books I've bought on my own dime. There should be no further evidence that I'm a procrastinator in posting book reviews than this particular review of Todd Tomlinson and John K. Vandyke's Pro Drupal 7 Development.

Review of Drupal's Building Blocks

A couple weeks ago my family spent some vacation time at Disney World in Orlando, Florida. If you have ever been to a Disney theme park then you know full well that it takes a lot of work in those parks just to have fun. Some of the most popular rides in these parks have waiting periods of up to two hours due to the long lines of people wanting to get on board. Luckily, my wife brought a Disney tourist guidebook that gave our family the helpful hints, recommendations, and information we needed to beat those long lines.  In the end, we ended up with a very enjoyable trip (so enjoyable that we got to ride Space Mountain twice!). That travel guide was a valuable asset to my family's vacation. 

Mastering Drupal is very similar to visiting a theme park as it takes some effort on your part to ensure you get rewarded for your effort. If Drupal is the amusement park then consider Drupal's modules as the park's attractions you're wanting to ride. With this line of thinking, I easily recommend that you let Earl and Lynette Miles' book, Drupal's Building Blocks, be your valuable tourist guide into the wonderful world of Drupal. I only review a few books each year and this is a book I gladly invested my time reading.

Drupal's Building Blocks is a tutorial, reference, and cookbook for some of Drupal's most valuable modules including CCK (Content Construction Kit), Views, and Panels. The primary purpose of this book is to give you the quickest route to mastering the modules as quickly as you can in order to help you create more powerful, flexible, usable, and manageable Web sites. The audience for this book isn't only for Web developers or designers, but also site administrators, content architects, and consultants. There is some code in this book, but what is there isn't the scary code you often find in a developer's library.

Although I've worked with Drupal for more than half a decade, I am still among the newbies who struggle with how best to use Drupal's contributed modules. I've built several sites using CCK and Views but I've always ran into hurdles that keep me from fully discovering what these modules can do for me and my sites. This book will provide you the information you need to realize the full potential of these modules. Anybody who has seen Drupal, CCK, Views, and Panels mature over the years can't help but read this book and enjoy not only the author's technical expertise but also the author's cultural and historical understanding for how the module came to be in Drupal. 

In the first chapter of the book, "Introducing CCK and Nodes", there is a section titled "Quest for the Grail: How CCK Was Born". This section alone reads like an adventure story that starts by talking about the challenges site administrators originally had with Drupal needing to acquire development skills just to control the form content would take in Drupal. The story continues with Drupal 4.4 and how a contributed module named Flexinode gave non-developers the ability to create new content types yet limitations remained. I was reminded that with Drupal 4.7 CCK became Flexinode's replacement and with each successive release of Drupal the module continues to improve. For someone like me who started with Drupal 4.6 and watched Drupal 5, 6, and now 7 evolve this book spoke to my inner geek. I simply found this book to be good bridge to the more technical aspects of CCK, Views and Panels.

Denial of Service on an Apache server

Last week was a very frustrating time for me. For whatever reason, an unusually number of botnets decided to zero in on my Drupal site and created what I call an unintentional  Denial of Service attack (DOS). The attack was actually from spambots looking looking for script vulnerabilities found mainly in older versions of e107 and WordPress. Since the target of these spambots were non-Drupal pages, my Drupal site responded by delivering an unusually large number of "page not found" and "access denied" error pages. Eventually, these requests from a multitude of IPs were too many for my server to handle and for all intents and purposes the botnet attack caused a distributed denial of service that prevented me and my users from accessing the site.

These type of attacks on Drupal sites and numerous other content management systems are nothing new. However, my search at Drupal.org as well as Google didn't really find a solution that completely addressed my problem. Trying to prevent a DDoS attack isn't easy to begin with and at first the answers alluded me.

I originally looked at Drupal for the solution to my problems. While I've used Mollom for months, Mollom is designed to fight off comment spam while the bots attacking my sight were looking for script vulnerabilities that didn't exist. So with Mollom being the wrong tool to fight off this kind of attack, I decided to take a look at the Drupal contributed model Bad Behavior. Bad Behavior is a set of PHP scripts which prevents spambots from accessing your site by analyzing their actual HTTP requests and comparing them to profiles from known spambots then blocks such access and logs their attempts. I actually installed an "unofficial" version of the Bad Behavior module which packages the Bad Behavior 2.1 scripts and utilizes services from Project Honey Pot.

As I had already suspected, looking for Drupal to solve this botnet attack wasn't the answer. Pretty much all Bad Behavior did for me was to take the time Drupal was spending delivering "page not found" error pages and use it to deliver "access denied" error pages. My Drupal site is likely safer with the Bad Behavior module installed, but it was the wrong tool to help me reduce the botnets from overtaxing Drupal running on my server. Ideally, you would like to prevent the attacks ever reaching your server by taking a look at such things as the firewall, router, and switches. However, since I didn't have access to the hardware, I decided it was time to look at my Apache configuration.

Alledia updates their Drupal and Joomla comparison

In the world of open source CMS there is no comparison more attention getting than an article comparing Drupal and Joomla!. Probably, the granddaddy Drupal vs Joomla! comparisons of them all was posted over three years ago by the Joomla SEO company, Alledia. I extended the discussion Alledia started with my own comparison between Drupal and Joomla. My article evidently struck a chord in late 2006 and currently is approaching near 200,000 reads.

Good comparisons between Drupal and Joomla! are popular because quality comparisons between the two applications are rare. It's very difficult to have passion for one CMS, be well informed on both CMS, and in the end be non-bias in your comparison. In the three years since I wrote my article, I've only come across three additional comparisons between Drupal and Joomla! that I thought worthy to bookmark.

I haven't updated my own article comparing Drupal and Joomla because I have developed a bias opinion over the years that I can't overcome. Both are good applications in their own right, but in the end I almost always recommend Drupal over Joomla!. That's why I'm glad to see Alledia update their own comparison between these popular CMS with "Joomla and Drupal - Which One is Right for You? Version 2".

Mollom: A solution for comment spam

Passwords, user accounts, email verification. I have never liked requiring my website's visitors to register before they can leave a comment. There is a large segment of people that like to submit quality comments online, but they don't want to be required to leave their personal information there. So from the beginning, I have always allowed anonymous commenting by unregistered visitors and for the most part, they quality of the comments haven't suffered. However, allowing for anonymous comments also invited my site into a war against comment spam.