Articles about CMS

Exploiting backup copies of settings

We have all done it at some point; a quick change in production to some settings in your CMS configuration, probably in a panic reacting to some ongoing issue, and made a temporary backup of wp-config.php or settings.php with a bak or similar extension. Tested the fix and then probably forgotten to remove the backup - no problem? Big problem! - Putting the issues of such bad practice aside for a moment (fixing production directly and 'reacting' in this way), in this post I want to explore in greater depth why this is a serious issue, how it leads to compromised web sites, who is exploiting such scenarios and how to defend against them.

Drupal Commerce site for Moscow bakery

We were commissioned to create a Drupal Commerce based web site for a top Moscow bakery.
The site is a custom themed multilingual site offering online ordering, delivery slot choice alongside recipes and other product information.
The Drupal Commerce framework is an ideal platform for the creation of an online shop and with a degree of customisation provides an excellent base for this multilingual online bakery.

Apache: Better blocking with common rules

This is a follow on post to the 'Using Apache to block Spammers' post.
It shows how to use Includes in your Apache configuration to re-use useful rules.

A web site to support the Reforestation of the Atlantic Forest

The Royal Botanical Gardens at Kew engaged us to convert an existing MS Access desktop database into a multilingual CMS based web site. The site is a responsive mobile and tablet friendly CMS based web site that enables the management of a database of tree data for conservation purposes. The data relate to trees native to the Atlantic Forests of Brazil that could be used for reforestation - The South Eastern Bahia Atlantic forest database.

Dickies Workwear - Online Catalogue responsive web site

The internationally renowned manufacture of hard wearing and fashionable workwear - Dickies - engaged us to create a web site for their workwear range.
The web site presents their range of workwear and links through to a network of online distributors and retail shops. The site is presented in 10 languages, is responsive and optimised for multilingual SEO.
The site also provides access to corporate information and enables the ordering of custom workwear, embroidery and access to the extensive image library of Dickies products.

Excluding common requests from your apache logs

Log files can get filled up with repeated calls to files such as favicon, robots.txt, images, css js etc
This can be a pain when you need to scan the logs for issues and they are full of unimportant requests.
This is especially so if you use Ultimate Cron in Drupal and run cron every minute - the logs get swamped with the cron calls.
Mostly you want to log the initial request for a page and not all of the resources subsequently requested.
Troubleshooting other issues may mean you would log files such as favicon, images etc - but generally they needlessly fill up your logs.

Apache rewrites to control access to PHP files

There are certain PHP files that you want access to but don't want to make public.
Common examples of these are:

  • PHPInfo.php
  • APC.php
  • memcache.php

You also don't really want to deploy these on all of your sites on a server nor have them in your git repositories for sites.

A neat way of dealing with this is to use rewriting in your web server config files (e.g. Apache, NGINX, IIS etc) to do the following:

Images not showing in IE8

I came across a weird situation today - that I am surprised I have not encountered (or remember encountering) before. Images that show up fine in all browsers apart from IE8 - which displays the broken image with a red cross. Came across this by chance when we were doing some cross browser testing - and of course it was a rare inconsistent issue that affects IE...

Move your body (from views to Display suite)

Lately I find myself more and more moving from views fields to using Display suite layouts. However one bit of functionality I love about views is its text trimming and striping.
What I like to do is create a display suite code field that lets you do this using the original views function. I also try and keep my code in a unit and call it from the display suite (so its not hiding in the DB).

Using Apache to block Spammers

Last month I wrote a post about blocking spammers from a Drupal (or any Linux / Apache) site by identifying the originating IP address from the watchdog table.

By way of an update I thought I'd share a way you can do this using the Apache configuration. Ideally this would be done in the vHosts/Httpd files if you manage your own server but works equally well within the .htaccess files that most people have access to on shared hosting.

How to let users create 'unpublished' content in Drupal 6

Basic Content authoring in Drupal

Each node in Drupal has an option to be 'Published' or 'Unpublished Published' under “Publishing Options” in the node edit screen. This enables content authors to be able to create content before publishing it on the live site. The field out of the "core" box can have the values of published and unpublished (this can be extended but that's a topic for another post).

Drupal Discovery Day - Brighton

Drupal (pronounced drew-pull) is a Content Management System and web application development software written in a popular scripting language - PHP. Drupal has over 11,000 modules and over 1,000 themes, along with both a point and click interface to allow tech-savvy people to put together websites with no programming experience; and an API and framework for programmers to develop unique applications. Best of all, it's free, open source software!

Importing Products Displays and related Products to Drupal Commerce

In this post I am going to look at Drupal Commerce and demonstrate how to prepare e-commerce product data for import into Drupal Commerce - and show how to create a delimited list of product references to link the products to their display nodes. These techniques supplement the wealth of great practical demos and documentation provided by the Commerce team.

Top Car Dealership adopts Drupal

Kambara has just launched a new website design for Burton Kia at

History of Parliament Online - Uses Drupal

We were engaged by the History of Parliament Trust to work on their flagship website that publishes the results of research into the members and constituencies of all British parliaments since 1386.

See for yourself at :

This data rich web site is managed by the Drupal CMS and has tens of thousands of 'nodes'.

A case for the Drupal commerce detective

Finally solved a curious issue that has been nagging me on a test Drupal commerce site.
I have a utility script that lists products that are not linked to Product Displays (handy). Perplexingly the ‘report’ kept showing some orphaned products even though I had linked them all and the report had shown none previously.
It is a test site undergoing some heavy development so at first I put it down to that - rolling the database back and forth etc But today I noticed it and was pretty sure that nothing had changed that could cause such data changes. Could it be some bug in entity API, commerce ? Unlikely! So crack out the deer stalker and pipe lets investigate!

Drupal 7 commerce multi currency site using a price list

Below are my notes taken as I investigate techniques to achieve my Objective,
(This post is not a normalised set of instructions but the process I went through to figure out the best way to handle multiple currencies c objective)
if I get a chance ill create another post with a normalised set of instructions/explanation.

We were engaged by Pelgrow UK Ltd to develop an online e-commerce solution for their network of highly successful high street pharmacies in London and across the UK. We were tasked with the design and building of the YourPharmacy brand through the design and creation of an online e-commerce store.

Drupal Blueprint theme playing SEO nicely with other modules

Getting your page title and metatags correct is great for SEO and enables your readers to locate your content by getting it indexed well.
In this post we'll see how to get your modules and theme to play nicley together to ensure that your page structure is optimal for web standards and indexing. In most cases this can be sorted with a simple fix.