drupalcon
Drupalcon Boston: Day 4
A Developer's Assistant: Using Coder for Module Developers and Maintainers
Session led by Doug Green from Civic Action, maintainer of the coder module.
The Coder module aids developers in adhering to Drupal's community coding standards as well as helping with security pitfalls and upgrading modules from one version of Drupal to the next. Specifically, Coder reviews:
Session led by Doug Green from Civic Action, maintainer of the coder module.
The Coder module aids developers in adhering to Drupal's community coding standards as well as helping with security pitfalls and upgrading modules from one version of Drupal to the next. Specifically, Coder reviews:
- style (lots)
- comments (lots)
- sql (some)
- upgrades (lots)
- security (some, but not a lot)
- performance (well - not so much)
Drupalcon Boston: Day 3
Drupal Security - Best Practices and Process Discussion
Greg Knaddison and James Walker, both on the Drupal security team, presided over this session.
They talked about the various attack vectors that hackers utilize:
Greg Knaddison and James Walker, both on the Drupal security team, presided over this session.
They talked about the various attack vectors that hackers utilize:
- authentication
- authorization
- client-side attacks (XSS and cross site request forgery [CSRF]
- information disclosure
They stressed the idea of being a secure user by using a strong password, avoiding unecrypted WiFi and FTP (opting for ssh/keys instead), and being really, really careful with UID 1. On the server side, using SSL for login pages (via the Secure Pages module) if desireable, if possible.
Submitted by michael on Wed, 03/05/2008 - 9:29pm
Filed under:
Filed under:
Drupalcon Boston: Day 2
Here's a brief rundown of the sessions I attended today.
FastCompany.com Case Study
This site recently re-launched in a massive way - the entire site (as well as a companion site) was re-written in Drupal with social networking at it's core. It launched with more than 500,000 nodes that were imported from a previous content management system.
One of their goals was that they wanted users to find each other from common ideas, not common resumes. Facilite new relationships - not existing ones.
During the design phase, about 200 professionally wireframes were created. Lullabot and Achieve Internet did a lot of the heavy lifting for the site's functionality while Tree House Interactive did the themeing.
FastCompany.com Case Study
This site recently re-launched in a massive way - the entire site (as well as a companion site) was re-written in Drupal with social networking at it's core. It launched with more than 500,000 nodes that were imported from a previous content management system.
One of their goals was that they wanted users to find each other from common ideas, not common resumes. Facilite new relationships - not existing ones.
During the design phase, about 200 professionally wireframes were created. Lullabot and Achieve Internet did a lot of the heavy lifting for the site's functionality while Tree House Interactive did the themeing.
Drupalcon Boston: Day 1
I'm in Boston for the 2008 edition of the Drupal lovefest (U.S. edition), and holy cow what a difference a year makes. I arrived just as Dries was taking the stage for his State of the Drupal keynote, and I was amazed at the size of the crowd. I knew that the conference had sold out (800 attendees), but I was shocked at the sheer visual spectacle of the size of the crowd compared to the 2007 Drupalcon in Sunnyvale, CA. Jusy about everything about Drupalcon Boston is big; the crowd, the venue, the session rooms. The only thing that isn't big: the food court at the convention center. Yikes.
Keynote
Keynote