DEV Community

Cover image for Drupal is a pretty big deal šŸŽ™

Drupal is a pretty big deal šŸŽ™

Jerod Santo on November 01, 2018

Did you know Drupal has racked up over 40,000 contributors since it was first created in 2001?! Neither did we, until the super awesome Angie Byron...
 
lkopacz profile image
Lindsey Kopacz

It's probably helpful context to know that I've worked with Drupal the past 6 years. I've seen the good, the bad and the ugly. I think PHP, in general, gets a lot of bad reps because of how awful it was at once point. I'm also a front-end dev, so I hardly do PHP since now that Drupal is mostly object-oriented, I don't need to write it for basic things like templating.

But like you said "over the past decade".... the troublesome part is technology that lasts as long as PHP has will have some reallllly dark times haha. I'm really happy to see how Drupal has evolved, and the security team works SUPER hard to find bugs and release patches. The edge WordPress has is they automatically update for people (I think, I don't do WP). Drupal doesn't do that yet, and so if you don't patch something immediately because of lack of budget, your org could be screwed.

BTW I am not saying you're wrong here, and I wanted to clarify that because the internet can misconstrue things easily. Just discussing.

I really like the Drupal Community. If I were to ever leave, that is where I would miss it the most. I also work with really intelligent people, many of whom are on the security team, and they do great work.

Collapse
 
lkopacz profile image
Lindsey Kopacz

As for any technology, security is highly dependent on how it's implemented.

Collapse
 
comunica2sc profile image
Comunica2 s. coop.

I have a number of Drupal sites upgrade automatically with a cron script (using composer & drush). In discussion with some Drupal administrators they seem
to prioritize stability over security. They to forget that a compromised system is very unstable.

 
lkopacz profile image
Lindsey Kopacz

Drupal is way more secure than it used to be. The problem with Drupal IMO is the learning curve, people not updating their sites when security releases come out, etc.

Collapse
 
whoisryosuke profile image
Ryosuke

I came to make the similar comment, but then I remembered how Wordpress' security history is swiss cheese. Maybe not as colossal in comparison to Drupal, but definitely not bulletproof šŸ¤”

In the last year or so we had a SaaS company in the cannabis industry get hacked have a huge data leak šŸ”„ and downtime šŸ“‰ because they were using an immensely outdated version of Drupal.

It could have been an old version of Wordpress too, but I feel like WP encourages upgrading more (even pushing more stable PHP versions with newer releases).

Collapse
 
moopet profile image
Ben Sinclair

I've used Drupal 7 for the last five or six years and would never recommend anyone use it for anything whatsoever.

I've used Drupal 8 in passing and it's basically a relatively modern PHP framework that is encumbered by some of the ideas from the earlier versions of Drupal. I'm not an expert but I wouldn't recommend anyone use it when there are better solutions out there that cover the same ground.

The community is quite nice though, and there are some especially helpful people on freenode/#drupal_support.

 
lkopacz profile image
Lindsey Kopacz

lol, don't get me started on Gutenberg....I have so many accessibility rants regarding that.