Code Trials

If you want to automate the maintenance of your Drupal sites the best tool is drush. It allows you to maintain modules, run sql queries, clear caches, show logs, run cron, and perform unit tests. Nothing more to say, but I only recently found this tool and if you love the command-line like I do this works like a charm.

Drupal has over 4,000 add-on modules available and it is easy to get lost in choosing which to download.

One of the first things you look for when you build a new website like Code Trials is a cool looking image or gallery module. The best and most flexible I have found is the Brilliant Gallery. You can see an example here. Not only does this module look sharp, it is very flexible and the creator of the module: Tomáš J. Fülöpp is continuing to develop the module with wonderful new features.

I tried a number of different modules before finding this one and now this is the only one I use. Thanks Tomáš for the module!

I used to use zip for backups on our servers. I liked zip because it was fast and easy to use and worked easily on PCs too. Everything was great for a few years until our backups started hitting 2GB then zip did not perform so well. I tried various versions available on Linux and in the end decided it was nightmare trying to read the files. Since then I have changed all my scripts to use compressed tar archives: tar.gz. There appear to be no limitations on the file size with tar.gz, except for the file system itself.

If you have a web server then every day you are under attack from various automated attacks on your ssh, ftp, and web ports. These are a few of the things I do to try and curb their enthusiasm:

• Turn off unsecured ftp and telnet - these have no business in the modern world.
• Change your ssh port from the standard 22.
• Use long (16 character) and different passwords. It is easy to think you have a great password and use it everywhere, but if it does get discovered you will regret using the same one everywhere. It is a pain maintaining a list of different passwords but it is a practice I follow these days.
• Make sure you are using the standard Linux firewall iptables and augment it with apf.
• Optionally, use a brute force detection system like bfd. I say optionally, because I find once you remove ftp and change your ssh port bfd is less useful.

If you follow these basic steps you'll cut out 90+% of the attacks. However, I have found that once you move your ssh port most of the action is on your http port 80 and this is where you need to focus. I have a simple script that looks for known patterns that show up in the web access logs. What are known patterns? Well it depends on your system and applications but things like phpMyAdmin are a great place to start. In fact phpMyAdmin, is a useful program but I restrict its use to just my IP address, it is too powerful to let other people even see it.

If you see a client trying to run a program they should not, such as phpMyAdmin, just block their IP address via apf or iptables. When it comes to server security I find it is best to act first and ask questions later. If there really is a reason why someone in China needs to access phpMyAdmin, then you can add an exception to your script. Another common pattern is /etc/passwd. If you just study your web logs for a few minutes each day you quickly see things that don't fit with your applications. My script runs every five minutes and removes 5-20 IP addresses per day.

Wow what a truly brilliant system Drupal is. Dries Buytaert, creator of Drupal, is a rock star for sure. I was able to knock this site out in a few hours thanks to Drupal. I have spent the last fifteen years building custom web development solutions and over the last twelve months I have seriously questioned why am I bothering when systems like Drupal are available.

Luckily there are reasons why Drupal does not work for us, primarily to do with mass customization and new application creation. However, if you are looking for a solution that covers all the basics and more, you'd be hard pressed to find a better system than Drupal. I question what I'm doing everytime I use a Drupal site.

Thanks Dries your masterful code is appreciated here in Austin, Texas!