Security

Faster, more secure, more maintainable. Three nice benefits we get from our new standard Drupal server architecture.

We hear it all the time:

Why do you recommend a 6 hour budget for a simple integration? Here's an embed widget right here -- if this were WordPress I could do it myself!

Well, in Drupal you can do it yourself, exactly the same way you might in WordPress. Add a block, use an input format that doesn't strip out Javascript, paste in your code, put the block where you want it on your page, and away you go.

We recently had a new client contact us and ask if we could move their sites over to Pantheon so they could do some in-house development work. Of course we can do that for you!

The short answer: Not Vulnerable.

We've been asked by several customers about whether they or we are affected by the recently discovered Bash ShellShock vulnerability. And to the best of our knowledge, we are completely unaffected.

Everybody is writing about Heartbleed this week. The reason? It probably affects more people than any other vulnerability we've ever seen. If you ever log into any web site, anywhere, your password might be revealed -- and that is just the start. The biggest problem?

It goes something like this:

(Client): I want to add a shopping cart to my site. I heard that xyz cart is free, can you add that for me?

(Developer): Sure! That looks easy.

If there's one thing that's constant in the web world, it's change.

Yesterday Drupal.org got hacked, and potentially all the password hashes on the site fell into malicious hands.

Why do websites get hacked? Websites get hacked for a bunch of different reasons:

At Freelock, we're huge fans of Drupal. But we keep running into customers (or potential customers) who are terrified of it. So here's our take on why.