CAll Us: +1 888-999-8231 Submit Ticket

Author Archives: admin

Adding Content to Your Site

Adding Content to Your Site

Adding Content to Your Drupal 8 SiteOn to Part 4 of our series, Getting Started with Drupal 8. Go here for Part 3.

Previously, we covered the basics of customizing your site, setting permissions and roles, and giving your visitors a way to contact you. This entry provides you with a few more tools for adding and managing content in Drupal 8.

Our screen captures reflect changes we made during earlier entries in this series, without modules and with default Drupal 8 theme, Bartik. Recreating these changes is not necessary, but if you’re using a different theme, or have added modules, what you see will differ from our images.

Contents

Graphics & Text Styles

In a previous article, we created a simple blog post. To get a better feel for how to wrangle graphics and text styles, we’ll create an “About Us” page for our website, FearTheSquirrel.

From your admin menu (click Manage), click Content, then click Add content. Or, select Add content from Shortcuts.

Click Basic page.
Basic Page Selection

In the Title field, enter “About Us.” In the Body field, enter one standalone sentence, followed by a few paragraphs. We’re using mostly “lorem ipsum” placeholder text, but feel free to use whatever you like.

The bar along the top of the Body section allows you to adjust text size and appearance, as well as add hyperlinks, images, and other elements common to text editors. Highlight the first sentence, and click the B icon to make it bold.
Text editor and sample text

Before continuing, note the Source button, which will show your text as HTML. You can enter or edit HTML while in this mode. Click Source again to revert.

To add an image, click the image icon, then click Choose File to upload an image. If necessary, use the one provided below.

Squirrel Image

After uploading your image, fill the Alternative text field, which will help screen readers and people with vision impairments. Decide which Align option appeals to you, but leave the Caption option alone for now. Click Save when done.

Drupal 8 Insert Image Page

To publish, confirm the Published check box is selected, then click Save.

 TipYou can preview content at any time by clicking . Click Back to contend editing to return to your editor.

Once published, note the View, Edit, and Delete tabs. These tabs are only visible when logged in as a user with permissions that allow content editing.
Drupal 8 View Edit Delete tabs

Metadata, or “data about data,” is used by search engines and other websites to gather information about your content.

Return to your previous post and click the Edit tab; or, click Content from your admin menu, find your recent post, then click Edit.

Drupal 8 Sample Revision Log Entry, "added metadata"

While we’re here, it’s worth noting the Revision Log on the right. Enter “adding metadata.” Getting into the habit of this now will make it easier to track revision history when managing your content later.

In Menu settings, select the Provide menu link check box. Parent item and Weight change how it appears in the menu, but leave these alone for now.

Drupal 8 Menu Settings

The URL alias field re-assigns the web address of this node from the default, which is currently your domain, followed by /node/, then a number; for example, https://mydomain/node/9. Change the URL alias to “/about-us”, and don’t forget the forward slash (/)!

Drupal 8 URL Alias Menu entry, "/about-us"

Authoring information allows you to designate an author and change the date of authorship., The author must match the username of a content author for your site.

Drupal 8 Authoring Information menu

Promotion options is useful for when you want to highlight important content. Leave these selections unchecked for now.

Click Save when ready. Go to your homepage, then click your newly created About Us menu option.

About Us location on Drupal 8 homepage

 TipIt’s usually worthwhile to view recent changes as an external visitor. To do so easily, visit your site in an alternate browser.

Should you need to view the revision log or revert to a previous version, click the Revisions tab.

Drupal 8 Revisions Tab

In the Revisions Log, you can view any previous version, read log messages, and Revert as needed.

Drupal 8 Revisions tab options

Teasers

As the name suggests, a teaser is an abbreviated view of your content. Teasers make it easier for visitors to find content that interests them, and ignore content that does not. Before continuing, go to your home page and create a new post (Shortcut > Add Content > Article). You can choose your own content if you prefer.

In this example, we’re entering “Caught in the Act!” in the title field, placing mostly “lorem ipsum” text in the Body field, and adding the image of the vile creature below.

Red Squirrel caught in the act of being cute

Once we publish, the teaser appears:

Note the Read more option near the bottom of the teaser.

Drupal 8 post with squirrel picture

By default, Drupal 8 allows you to customize the appearance and behavior of teasers by content type. Additional themes and modules can expand your options, but for now, let’s stick with the default Bartik theme.

To customize a teaser, go to your admin menu and select Structure > Content Types. In the Article row, select Manage Display from the drop-down menu.

Drupal 8 Content Types menu

 TipOn this page, it’s also possible to create additional content types by clicking . It is possible to administer an attractive Drupal website without creating additional types, but some admins will appreciate the option.

You are now on the Default tab within the Manage Display page. Click the Teaser tab.

Drupal 8 teaser tab

From this page, you can change your teaser options as needed, just keep in mind it affects all content of this type.

For example, to adjust the size of the image in the teaser, click the gear icon the Image row. Set the Image style to large, then click Update

It is also possible to reorder items in the Field column by clicking and dragging the icon corresponding to each field.

Reordering Drupal 8 teasers

Newsfeeds

Visitors can click the orange RSS link icon at the bottom of any page to subscribe their news reader to your site. Just as with teasers, can customize how this content appears in their news feeds, and the interface is nearly identical.

To customize RSS, go to your admin menu and select Structure > Content Types. In the Article row, select Manage Display from the drop-down menu, then click the RSS tab. Make your changes, then click Save when done.

Content Management

As your site grows, so will the need for one “point of truth” for managing your content. From your admin menu, click Content.

 TipAlthough it is possible to manage your content directly from the database, do not attempt to edit content in the database; use the Drupal interface instead. If you need to manipulate images, most are found in sites/default/files, though any related to specific themes and modules will be in those folders.

Basic Interface

This page shows every published and unpublished node on your site. From here, you can edit and delete individual nodes from the Operations column.

Drupal 8 Content Management interface

You can also can perform operations on multiple nodes at once. To do so, 1) select the check box corresponding to each article, 2) select an action, then 3) click Apply to selected items.

Drupal 8 options for operations on multiple nodes

 TipYou can also manage comments and files from this page by selecting the Comment or File tab near the top of the page.

Filters

Eventually, your site will contain too many nodes to manage effectively without a filter, which appears at the top of this page.

Drupal 8 Filter options

The Title field functions as a search bar, though it will search only titles, not topics or keywords. The Content type, Published status, and Language options are self-explanatory. However, remember you can add content types, which will give that filter greater significance.

Block Basics

Blocks provide you an easy way to “layer” important information without getting in the way of your core content. Blocks can look different based on who is viewing them (user, admin, and so on), but only users with appropriate permissions can

Configuring blocks

You can interact with blocks on any node by clicking Edit on the upper right, then clicking the pencil icon near any block.

First, let’s check out the “Tools” block on our homepage. Click near that block, then Configure Block.

Drupal 8 Edit Block options

From the Configure block page, you can change the title, menu level, and the region of the page in which it appears. You can also restrict the visibility of this block by content type, page, or role.

Drupal 8 Configure Block options

For now, let’s just remove this block. Click Remove block at the bottom of the page, then confirm.

Block Layout

From your admin menu, select Structure > Block Layout. This view shows all the blocks on your website, though as noted above, it’s possible to restrict individual blocks to certain pages, roles, and content types.

Drupal 8 Block Layout options

From the Operations column, it is possible to Configure, Disable, or Remove any block. The Configure option opens the same page described in the above Configuring Blocks section.

The Block column shows various regions: Header, Primary menu, Secondary menu, Highlighted, and so on. You can move blocks by either clicking and dragging them from one region to another (use the pencil icon), or select a new region from the dropdown list in the Region column.

 Tip: Use the tabs near the top of the page to compare block layouts between themes.

Click Demonstrate block regions to see a graphical representation of all regions.

Drupal 8 Demonstrate Blocks page

While it is not possible to move blocks from this view, it will give you an idea of their placement. When done, click Exit block region demonstration to return to the Block Layout page.

Creating blocks

From the Block Layout page, click the Custom Block Library tab, then click Add custom block.

As when creating content, note you can insert links and images.

Enter some text in the Block description and Body fields, then click Save.

Drupal 8 Add Custom Block menu with sample entries

Return to your Block Layout page. You can either add your newly created block to an existing region, or designate a new one, though the process is very similar either way.

 Tip: Remember, if you’re curious about where the Sidebar second region is, click Demonstrate block regions.

Select a new block by scrolling to the Sidebar second option, then click Place Block. Locate your newly created block in the provided list, then once again click Place Block.

This brings you to the Configure Block page for your newly created block, which you can always edit later. See the Configuring Blocks section for more information about your options. Click Save Block when ready.

Return to your home page to view the results!

Next Steps

That’s all for now, but we’re not done yet! Part 5 will dive into comment management, shortcuts, using views, and other tricks of the Drupal 8 trade.

Posted in:
Drupal

Tags:

Source link

BGP and How Networks Talk to One Another

BGP and How Networks Talk to One Another

BGP and How Networks Talk to One AnotherUnless you’re a network administrator or tech enthusiast, you’ve probably never heard of BGP (Border Gateway Protocol), but the Internet could not exist without it.

A network is a group of computers linked together, either wired or wireless. Each computer is identified by a unique ID number called an IP address. BGP allows computers in different networks to communicate with one another, and we’ve come to know the combination of all the countless interconnected networks on the planet as the Internet.

A technology that defines how exactly to communicate messages is called a protocol. When you define a protocol, you mostly define what kinds of communication can take place. So what kinds of communication are possible with BGP?

First, it advertises blocks of IP addresses on that network to neighboring networks, a process known as originating an advertisement. Second, it gives networks a way to pass along this information to other networks, who pass it in turn to other networks, a process known as propagating an advertisement.

So why are these two kinds of communication needed?

One network

Figure 1

If there was just one network in existence, there would be no need for a protocol that allows networks to share information about addresses. Figure 1 represents a network, labeled AS1.

You can think of this as just a name, but AS actually stands for Autonomous System, which is another word for network. A network is a system that is managed by a single person or group of people, and is thus “autonomous”. Generally, each organization has its own AS, and each has a unique number assigned to it. Networks use numbers rather than names because numbers are easier for computers, so AS1 is network 1.

 

Two networks

Figure 2

If there were two networks, then each network would just need a way to tell the other, “These are my IP addresses.” This type of message is called an advertisement. This makes more sense when dealing with more than two networks, but for now, it’s worth knowing that creating an advertisement for your own IPs is called originating an advertisement. The red arrow in figure 2 represents AS2 originating an advertisement to AS1.

Three networks

Figure 3

With three networks, we need an additional mechanism. In the diagram, AS3 is originating the advertisement for its addresses. But it would be nice if the people in AS1 could also reach AS3. So AS2 now takes the advertisement from AS3 and sends it on to AS1. This is called propagating an advertisement, and the diagram represents it with the green arrow. In this simple example, AS2 could just pass on the message it got from AS3 to AS1 without any changes. But in the real-world application of BGP protocol, AS2 would add its own AS number to the advertisement.

A more complex example

Figure 4

In this image, AS5 now is originating its advertisements to both AS3 and AS4, which are in turn propagating the advertisements to the remaining networks. AS1 can reach the AS5 addresses through either AS2 or AS4.

How does AS1 decide which path is better? Because each AS has been adding its own AS number to the advertisement, each one looks different:

AS2’s advertisement says the path is AS2 > AS3 > AS5

AS4’s advertisement says the path is AS4 > AS5

All other things being equal, a path with fewer networks is usually more desirable, but other factors often come into consideration.  

BGP Allows Networks to Set Their Own Policy

BGP allows a network to control how it sends and receives traffic: what your network advertises, what it accepts, and what paths it prefers to use. In the example from Figure 4, AS1 might decide that the path through AS4 looks shorter. However, it might also decide that AS4 is untrustworthy and prefer the other path through AS2 > AS3. How exactly the network uses the data depends on the policies configured by the people running the network.

Ready, Set, Dive

It’s easy to take the Internet and the technology behind it for granted. If you made it this far, it you’re showing interest in looking under the hood and going beyond being a strict consumer.  Keep your eye on this space for opportunities to learn more!

Posted in:
Web Hosting Basics

Tags:

Source link

How Does WordPress Work?

How Does WordPress Work?

As a WordPress hosting client, you don’t need to know how WordPress works behind the scenes. In fact, WordPress was created so that people could focus on writing and publishing, not on the technical details. But it’s useful to have a basic grasp of what’s happening under the hood of your WordPress site. It may help you to diagnose problems more easily and understand why WordPress behaves as it does.

The Building Blocks of a WordPress Site

Carl Sagan once said that “if you want to make an apple pie from scratch, you must first create the universe.” Something similar is true of a complex piece of software like WordPress. If you wanted to fully understand WordPress, you’d have to be a developer, a network engineer, a database administrator, and a designer. It would take (several) books to explain the WordPress universe from scratch, so let’s stick with the basic building blocks.

WordPress is a PHP application that relies on three key components: a web server, a database, and a programming language interpreter.

  • Apache. Apache is a web server. It is responsible for listening for requests from a browser and sending a response – the web page – back. After Apache receives a request, it gives the URL and other information to WordPress, which then generates the web page.
  • MySQL. MySQL is a relational database – it stores information in tables. All of the blog posts on a WordPress site are stored in a table called wp_posts, for example.
  • PHP interpreter. WordPress core is a collection of files that contain code written in the PHP programming language. It is the execution of these files that generates web pages.

The PHP files can be divided into two basic groups: template files and files that contain functions – reusable chunks of code – and constants that are used in templates and elsewhere in WordPress’ code. WordPress is a content management system, so the template files are the most interesting from our perspective. They generate the web pages.

Generating a HTML Page

When the Apache web server receives a request for a page, WordPress first runs a number of set-up scripts, including the wp-config.php file that provides information such as which database WordPress should use.

After the set-up phase is complete, WordPress starts the process of generating an HTML page by executing a template file. The template files are a mixture of HTML and PHP. The role of the PHP code is to fetch data from the MySQL database and to process it into HTML. Exactly which HTML is output depends on various factors: the available data, which user is logged in, the time of day, and more. Other functions are executed on template pages, but the ultimate goal is to dynamically generate an HTML page that can be sent to the requesting browser.

There are many template files and which one is executed depends on a complex set of rules, but is primarily determined by the URL of the request. For example, if the URL is the site’s home page and the site is configured to display a list of blog posts, the home.php file is executed, unless there is a front-page.php file, in which case that is executed.

The full template hierarchy for the front page looks like this:

There are templates for posts, pages, tag indexes, category indexes, the 404 page, and more. Most of them are provided by the site’s theme.

Hooking In

You might have noticed that we haven’t mentioned plugins yet. Plugins can change the HTML that is rendered on a page, but their code does not live in the template files. Instead, WordPress provides a number of hooks onto which people can hang their own code. Hooks are the foundation of an event-based system for extending WordPress. Developers can register code to be executed when an event occurs. There are dozens of events developers can hook into, such as wp_loaded, which runs after WordPress is fully loaded, and pre_get_posts, which runs before a database query.

Hooks come in two varieties: action hooks and filter hooks. The difference between them is not important for our explanation of how WordPress works. It is enough to understand that the code associated with hooks can carry out actions and change the HTML that is output. For example, a hook can be used to add a widget to a page.

WordPress plugins use hooks to integrate their functionality with the HTML rendering process, and they’re one of WordPress’s major strengths. WordPress would be much less powerful if it didn’t provide a mechanism for developers to extend its functionality.

As we said at the beginning of this article, there is a lot more happening beneath the hood of a WordPress site than can be explained in a blog article, but we hope that reading this has given you a useful understanding of what happens when someone loads a page on your WordPress site.

Posted in:
WordPress

Source link

Building Your Drupal 8 Site

Building Your Drupal 8 Site

Welcome to Part 3 of our series, Getting Started with Drupal 8. Go here for Part 2.

Last entry, you learned the basics of creating content, adding images, and dabbled in your first themes and modules. Before we start adding more your content — and we will in Part 4 — let’s look at some other fundamentals of managing your Drupal site.

 

Contents

Tailoring Your Site’s Identity

Although we installed a theme in Part 2, Navigating Drupal, this section uses the default theme, Bartik. If you are currently using a different theme, you can revert by selecting Manage > Appearance, locating the Bartik theme, then clicking Set as default.

 Tip: To stay focused on Drupal basics, this article does not explore Cascading Style Sheets (CSS), which are a powerful and effective way for a developer to customize a website.

Site Details

To start, view your current site as a user by opening an alternate browser where you are not currently logged in as an administrator. There’s a few ways to confirm you’re viewing it as a user, but the easiest is to check for the Log in option on the upper right.

It’s possible to move this, but we’ll cover that in a later entry.

First, let’s change your site name. From your admin menu, select Configuration > System > Basic Site Settings. In the SITE DETAILS section, fill the Site name and Slogan fields with whatever appeals to you.

The Email Address field is the email for the site itself, though it currently shows whatever email you provided when creating the site. You can change this later. This address will receive automated emails, such as password resets and other notifications. It is not what site visitors will use to contact you, which we will set later.

Scroll down to see areas to designate your site homepage (FRONT PAGE) and 403 (access denied) pages. Note where to find these, but leave them blank for now.

Click, then click  to view your changes as an admin. While you’re at it, check out your browser tab. This is your first step in search engine optimization (SEO), which makes it easier to search engines to find your site.

Regional Settings

From your admin menu, select Configuration > Regional and Language > Regional Settings.

Make necessary changes to the Default Country, First day of week, and Default time zone drop-down options.

Click  when done.

Adding Your Logo

If you don’t already have a logo, save the “FEARTHESQUIRREL” logo to your local device. You can always change this later.

From your admin menu, select Appearance, then click the Settings tab.

In the LOCAL IMAGE section, clear the Use the logo supplied by the theme checkbox. In the Upload logo image section, click   to upload your logo. Click   when done, then return to your homepage.

It’s a welcome replacement for the Drupal logo, but it clashes with the default blue at the top of the page. To fix it, select Appearance, then locate the Bartik theme and click Settings.

You will now see a COLOR SCHEME and Preview section.

 TipIf you are using a theme other than Bartik, this page may look different from our screen captures.

The Color set drop-down list is currently set to the default Drupal appearance, Blue Lagoon. It provides a handful of other options, but ignore those for now.

For the sake of learning the basics, we’re adopting a minimalist approach:

 TipAs you make changes, view the Preview section to see their effects.
  1. Set the Header background top and Header background bottom fields to pure white. You can use the color grid, or just enter FFFFFF in both fields.  
  2. Oops! The white background washed out our slogan and some of the other text. Change the Title and slogan field to black. Either use the grid, or enter 000000.
  3. Adjust the Sidebar borders field to black, just as you did in step 2.
  4. Click , then return home to check your work.
  5. As you can see in the preview, the site name next to our logo is redundant. Let’s remove it. Click  on the upper right.
  6. Click the   by the site name, followed by Configure Block.
  7. In the TOGGLE BRANDING ELEMENTS section, clear the Site name check box, then click .
  8. You can view your site from your home page, but now would be a good time to view it from your alternate browser so you can see it as a visitor would.

    Sparse but clean!

Adding Your Favicon

Let’s replace the Drupal favicon appearing in your browser tab with our own.

If you don’t already have a suitable Favicon, download the one shown below to your local device.

Select Appearance from your admin menu, then once again locate the Bartik theme and click Settings. Scroll down to the FAVICON section, then clear the Use the favicon supplied by theme check box.

In the Upload favicon image section, click  to upload your logo. Click when done.

Return to your home page to view your new favicon!

Setting Permissions and Roles

Drupal is designed for teams of multiple users. It is possible to tailor specific roles and permissions without adding modules.

Access your permissions and roles by selecting People from your admin menu.

Permission Fundamentals

 TipUse caution when assigning permissions, especially ones saying “Warning: Give to trusted roles only; this permission has security implications.”

Click the Permissions tab.

Drupal’s default installation provides three types of users; anonymous, authenticated, and administrator. Take a few moments to scroll through the list and take a glance at the default permissions for each type. You can customize any of these roles.

Anonymous users

Anonymous users are unregistered. Anyone visiting your site for the first time will be this type, and the View published content permission means they can view your site. Otherwise, they have very few permissions, but we recommend going one step further: disable their ability to contact the site using the site form. This will help prevent spam.

Authenticated users

Authenticated users represent users logged in with registered accounts. Unlike anonymous users, they can use shortcuts, contact the site, view basic HTML, and post comments. We’ll save the topic of comment moderation for a later entry in this series.

To set up the process by which anonymous users become authenticated users, go to your admin menu and select Configuration > People > Account Settings. Scroll to the REGISTRATION AND CANCELLATION section.

The default settings achieve a good balance of security and convenience for many sites. The current option under Who can register accounts?, Visitors, but administrator approval is required, means admins must approve any user attempting to become an authenticated user. The top option, Administrators only, means visitors wanting to become authenticated users must contact an admin directly, who will create the account on their behalf. Your choice will depend on the purpose and volume of your site.

Administrators

Administrators have access to all areas of the site. This role can be given to anyone. As the site’s creator, however, you are the superuser and it is not possible to change the superuser’s permissions.

 Tip: Protect your site by keeping the superuser role to yourself. Don’t share your superuser login credentials with anyone!

If you plan to have several people helping you work on your site, it is best practice to avoid handing out this role to everyone. Continue to the next section for details.

Creating Roles

You can designate different “flavors” of administrators by creating new roles. While the “how to build a site development team” question is outside of our scope, possible roles include:

  • Site builder: Researches and maintains modules, structure, and configuration
  • Site designer: Creates CSS and maintains appearance and aesthetics
  • Content manager: Writes, edits, and manages all site content; may oversee content writers
  • Community manager: Oversees content, permissions, and the comments
  • System administrator: Monitors and maintains site performance, security, and uptime

Drupal makes it easy to tailor permissions on an as-needed basis. To create a role, go to your admin menu and click People, then click the Roles tab. Click to get started.

In the Role Name field, enter a name, like “Content Manager.” Click when done.

Any new role you create begins with the same permissions as Authenticated Users. To customize them, click the Permissions tab.

For a content manager, we’d likely want them to have any permissions related to creating, editing, or maintaining content. Many of these are found in the Node section. The exact permissions for each member of your team will vary according to your needs, your team size, and other factors.

 TipAlways assign permissions with care, particularly any that change content or contain the phrase, “Warning: Give to trusted roles only; this permission has security implications.”

Giving Users a Way to Contact You

It is usually in your interests to make it easy for authenticated users to reach you with feedback about your site.

Go to your admin menu and select Structure > Contact forms.

For now, ignore the Personal contact form, which allow users to contact one another, not you. Go to the Website feedback option, then click .

In the Recipients field, specify the email addresses to receive the feedback. In the Message field, enter the message viewed by the user after they send you feedback. Click when done.

Test your work. Return to your homepage, click Contact, and walk through the process to see if it unfolds as you planned.

You can create additional forms, but without modules, you can only have on default feedback form at a time.

Reports to Rememgber

Your default installation of Drupal 8 provides you with reports to help you maintain your site troubleshoot issues. To view your options, go to your admin menu, then click Reports.

Available updates serves as a reliable way to check if you site is out of date. Running anything other than the latest stable version can expose your site to malicious activity. You can also subscribe your email address to update notifications by clicking the Settings tab. We also recommend following @drupalsecurity on Twitter and subscribing to RSS feeds for core security updates, contributed project updates, and public service announcements.

Recent log messages can help you monitor or troubleshoot your site. Use the Type and Severity filters to refine your search as necessary.  

Status report a general assessment of the “health” of your site and provides other system information. If you have a more serious error or warning, it will often, but not always, be found here.

Next Steps

See you soon in Part 4 of our series, Getting Started with Drupal 8! On deck is trying our hand at graphics, metadata, newsfeeds, sidebars, and a few other squirrely surprises.

Posted in:
Hostdedi

Source link

How To Prevent Data Leaks On Your eCommerce Store

How To Prevent Data Leaks On Your eCommerce Store

Data is one of your eCommerce business’s most valuable assets. But it’s not only valuable to your business. It’s also valuable to criminals, who use personal data for identity theft and credit card numbers to commit fraud. Over the last few months, several major eCommerce retailers and many smaller stores were targeted by Magecart, a criminal group primarily focused on scraping credit card numbers.

Magecart is the most prominent victimizer of eCommerce stores, but they are far from the only one. eCommerce store owners should be alert to the risk of data theft and know how to fight it.

Attackers like Magecart rely on malware injected into an eCommerce store’s pages. Malicious JavaScript code grabs credit card numbers as they are entered into forms, sending them to servers owned by the attacker, a typical cross-site scripting attack (XSS). Cross-site scripting attacks only work if attackers can execute JavaScript in the context of a store’s pages. They use several strategies to inject JavaScript, all of which depend on flaws in the store’s security.

Store owners fighting this type of data leak should focus on preventing the attacker from injecting malicious code in the first place.

Keep software up-to-date. Attackers frequently exploit vulnerabilities in older software. If an attacker can compromise an eCommerce store via a known vulnerability in the operating system, utility software, or the store itself, they will inject malicious code, which will run in shoppers’ browsers. Updating fixes known vulnerabilities.

Ensure the database is only accessible via the web store. Database misconfiguration is a common source of data leaks. An eCommerce store’s database should only respond to requests from the application, not to requests from the internet. It should be password protected to prevent any access from unauthorized individuals.

Use a web application firewall such as ModSecurity. A web application firewall can mitigate the risk of attacks against a store’s front-end, including SQL injection attacks and cross-site scripting attacks. Hostdedi uses the advanced ModSecurity WAF on Magento and WooCommerce hosting accounts. To learn more, check out our post on Why ModSecurity Should Be Your Web Application Firewall.

Use two-factor authentication on your Magento or WooCommerce store. The easiest way for an attacker to breach a store’s defenses is to guess the right password. Simple passwords, popular passwords, and passwords based on dictionary words are easy to guess. Long and complex passwords are difficult to guess, and the longer they are, the more difficult it becomes. However, we can’t always trust users (or even developers) to choose a long and random password. Two-factor authentication, as provided by Hostdedi’ Sentry extension for Magento, helps to protect stores from poor password practices.

Disable unused store and server passwords. Unused accounts serve no purpose and increase the surface area of a store that can be attacked. Audit the user accounts on your store and server, deleting those you no longer need. On a related matter, when giving an employee or third-party access to your store, use a unique account created for the purpose. Once they no longer need access, delete the account.

Be aware of supply-chain attacks. The Magecart malware often finds its way onto eCommerce stores via a supply-chain attack. Instead of attacking stores directly, criminals target software used by stores: JavaScript libraries, extensions, themes, and so on. When the eCommerce store is updated, the compromised software is installed and the malicious code injected. Supply-chain attacks are difficult to defend against, but store owners should exercise caution when sourcing software. Use extensions from official repositories or trusted developers. Keep an eye on vulnerability reports for software downloaded from third-party sources, such as CDNs or GitHub. Consider implementing Content Security Policy and Subresource Integrity on your store.

If attackers can’t infect your store with malicious code, they can’t steal your shopper’s details or credit card numbers. By following a few security best practices, you substantially reduce the risk of data theft.

Posted in:
eCommerce, Magento

Source link

The New Drupal Layout Builder

The New Drupal Layout Builder

The New Drupal Layout BuilderApril 10, 2019 – Drupal 5.7 is just three weeks away, and with it will come the Drupal layout builder.

Drupal has always been about accessibility, and the last several years have only seen that commitment ramp up as the teams behind the open source platform have begun to invest more in matching the true ideals of open source.

The layout builder marks a new stage in the CMS’s life; one in which content creators and managers no longer have to rely on developers for the minutiae of complex Drupal builds. Instead, content updates can be deployed quickly and effectively through a WYSIWYG editing interface.

The New Layout Builder: What to Expect

The new layout builder is essentially a WYSIWYG, with default theme previews, per entity customization, and connection between entity display, and views and other blocks.  

A powerful design tool, Drupal’s layout tool goes beyond standard layout builders by allowing sitewide edits to templated content. This incredibly powerful feature means that site builders and content managers can add content to pages throughout a site with minimal effort and time commitments.

What to Expect With the New Drupal Layout Builder

Another strong feature is the ability for content creators to easily create and push custom pages with unique designs and layouts. By adding blocks to a blank page, creators can easily push videos, maps, text, or custom-built widgets. As adoption increases for the layout builder, we expect more modules to appear that will add increasingly diverse functionality to the builder.

The Layout Builder: When Can I Get It?

If you’re looking to stay ahead of the crowd, you can actually download and install the beta module for the layout builder now. This will give you access and time to explore the new feature’s functionality before going live with it.

The full release will be with Drupal 8.7 in three weeks. Keep an eye on the layout initiative page for more up-to-date information.

Hostdedi and the New Layout Builder

If you’re looking to start adopting Drupal and the new layout builder with Hostdedi, you can currently install the module on your Drupal instance and begin working with it. Alternatively, when Drupal 8.7 is released, you can either update your instance yourself, or you can get in touch with our support team and they will update your Drupal site for you.

As always, we recommend testing any new updates on a development site before going live. We especially suggest doing so with the layout builder, to see how and if it will affect your existing site.  

Posted in:
Drupal

Source link

Miguel Balparda’s Adobe Summit recap

Miguel Balparda’s Adobe Summit recap

Miguel Balparda's Adobe Summit recap After a week in Las Vegas as a Summit Insider for the Adobe Summit, I’ve learned quite a few things about Adobe and their plans for Magento 2.

Adobe invited all of the Magento Masters to assist their annual event as Summit Insiders, a program that includes top executives, industry experts, major media correspondents, and pioneers in technology from around the globe.

 

 

 

 

Disclaimer: As a Magento Master, I attended the event for free, but these opinions are my own.

Day 1

The week started with an Insider’s presentation, reviewing previous years and also showcasing some of the new Adobe tools we should be using already, like Adobe Rush and Adobe Sign with its Office 365 integration. One of my favorite takeaways of going to this non-Magento event was getting to know the rest of the influencers and how they apply their different backgrounds to eCommerce.

After the introductory session, we headed to The Mirage for the Experience Maker Awards, an incredible private event including a reception and acts from The Beatles Love theatrical production by Cirque du Soleil. Several companies walked away with awards, with Platypus Shoes, a Magento 2 site, winning Best Commerce Experience.

Day 2

Day 2 started with the opening keynote, where Shantanu Narayen explained how Adobe sees the market and how their analytics point to retention as “the new growth.”

Right before the keynote, a new Techcrunch blogpost dropped, highlighting Adobe Commerce and how it integrates with Magento 2. Right after Santanu, Jason Woosley jumped on stage and explained to an audience of 16,000 what this meant for Adobe and Magento. Adobe Commerce is not a rebrand or a substitute for Magento 2, but a bundle of Adobe, Magento, and Adobe Experience Manager (AEM). This new product integrates with the Amazon marketplace to try to close the last gap in Adobe’s experience offering.

Right after the keynote, the Community Pavilion opened. This pavilion was immense, with huge demos showcasing integrations between Adobe products with VR and AR. I paid extra attention to the Adobe Experience Manager and Magento2 GraphQL integration, an interesting proof-of-concept that creates product pages using drag-and-drop predefined blocks with the Venia theme.

The day continued with sessions about different technologies. I assisted one with Magento Cloud, but my favorite was from Dr. John Grotzinger, chief scientist for the NASA Curiosity rover mission to Mars.

Right after, we were invited to go back to the 90s by experiencing the thrills of Rolodexes, floppy disks and VHS movie rentals.

After a long day, we moved to the Influencers and Media reception at CHAYO for some beers, tacos, and enchiladas. We met several Adobe enthusiasts and chatted about the future of Magento, with everyone agreeing we had much to be excited about!  

Day 3

Day 3 started with more sessions, with Shantanu Narayen and Microsoft CEO Satya Nadella taking the stage stage to talk about how Adobe and Microsoft work together to integrate their offerings.

Right after them, Reese Witherspoon and Adobe CMO Ann Lewnes took the stage to discuss how Reese launched her own production company and self-funded it for 5 years, making it possible to make her own decisions without shareholder interference.

After the keynotes, we headed back to the community pavilion to visit sponsors and take part in a Magento Masters Mixup meeting with Adobe employees. In this meeting, we met David Nuescheler, one of Adobe’s open source advocates and a key figure to follow if you’re interested in the future of Magento 2 open source.

 

The day wasn’t over yet and we headed to Sneaks, where Adobe showcases what’s to come in the near future. Hosted by actress, writer, and producer, Mindy Kaling, and Steve Hammond, Adobe’s Sr. Director of Experience Business in APAC, much of the focus was on AI and VR technologies.

After Sneaks, we gathered up some more Magento peeps and headed to the T-Mobile arena for Adobe Bash, the closing party featuring The Killers. There is not much to say about this, other than it was by far the coolest closing party I’ve ever attended! The Killers played all their hits in an arena just for Adobe, with plenty of food and drinks to go around.

After the party was over, I headed back to the hotel to rest up and start packing, but we had one day to go!

Day 4

Day 4 was all about Marketo and their Marketing Nation Summit, which is now part of Adobe Summit. I assisted with a couple of sessions, but took most of the day to get to know more Adobe integrators and developers and their ecosystem. One the day ended, I headed back home to Argentina to rest up and get ready for Magento Imagine in May.  

The biggest takeaway was how Adobe wants to include and integrate Magento into their offerings, and how we can work with other platforms to create a unique experience for our customers. Witnessing this first-hand helped me understand the size of Adobe (it’s HUGE), its potential for customers, and how those customers differ from the customer base we’re used to.. I’d say our builds will now become bigger and more complex, but with the correct developers and integrators, we can continue to consider Magento the leading eCommerce platform worldwide.

See you in Las Vegas next month for Magento Imagine!

Posted in:
Hostdedi

Source link

Magento vs Prestashop: The Best eCommerce Platform

Magento vs Prestashop: The Best eCommerce Platform

Magento vs PrestashopWhether you’re new to eCommerce or looking to see if there’s a better option for your growing store, choosing the right web application is important. There are several different options out there for merchants. This article looks specifically at Magento and Prestashop.

Both of these applications are open source platforms that allow merchants to start, maintain, and manage their online store. Both offer unique customization features, and both have been adopted by large audiences of both developers and merchants.

Yet the online eCommerce landscape changed in 2018. Multiple applications adapted to evolving merchant demands, as existing and new users moved to platforms that better suited their requirements. Moreover, with continued development of headless in mainstream eCommerce circles, merchants found they were no longer restricted by the eCommerce API they selected.

Internally, we’ve seen continued success and growth by Magento stores. According to our research, Magento cloud solutions grew by an average of 18% per month in 2018. Prestashop, on the other hand, boasts that over 270,000 stores run on it worldwide. However, looking a little deeper shows that this number may not be what it at first seems.

 

In Numbers
Design and Templates
Ease of Use
Functionality
Modules and Extensions
Inventory
Performance
SEO
Security
Pricing

 

Magento vs Prestashop: In Numbers

Before taking a deeper look at the differences between Magento and Prestashop, we’re going to see how they rank in terms of numbers.

Magento has 3x the number of sites Prestashop has

In a comparison of all sites that use Magento and Prestashop, 76% of sites use Magento. While this tells us about the number of sites that use each eCommerce CMS, it doesn’t say anything about the quality of those sites.

When we only consider the top 1 million websites worldwide, we see a similar pattern emerge. 1.5% of the top 1 million sites worldwide run Magento, compared with just 0.4% that run Prestashop. Let’s take a look at some more specific numbers.

64 percent of hosting solutions run on Magento

Internally, we’ve seen Magento dominate the eCommerce web applications market. 64% of our hosting solutions run optimized Magento environments. Asking clients why they have made this choice, frequent responses include functionality and the ability to implement development processes easily.

MagentoPrestashop
Number of sites850,000270,000
Number of plugins or extensions4,7003,900
Monthly Cost$0$0 – $22

 

Now we’ve taken a look at the numbers, let’s look at some specifics.

 

 

Designs and Templates

A good looking eCommerce store is important. According to Blue Corona, 38% of visitors will stop engaging with a site if they don’t think its design is attractive, and 48% of visitors believe that a website’s design is the number 1 factor involved in determining credibility. For these reasons, design and template functionality have made it to the top of our list.

Prestashop does have a large number of free and paid templates available. In addition to those available through Prestashop, there are numerous development agencies that also offer templates for a fee. In general, these templates are able to provide most merchants with an attractive, fast site design that can easily be adjusted to fit their unique business. Merchants can also make simple adjustments to the color scheme, responsiveness features, and more through the Prestashop’s UI.

Magento, on the other hand, offers merchants the opportunity to create something unique and individual. While there are numerous themes available through the Magento Marketplace, they are limited and will cost money.

For this reason, most Magento merchants opt to either hire a developer or learn how to design their site for themselves. This allows them complete freedom in regards to how their site looks and performs. Everything can be customized, from responsive design delivery to core layout options. Advanced Magento developers are also able to take their store headless and implement PWA, whereby Magento serves as the back-end for a separate front-end.

Winner: Magento

 

Ease of Use

Ease of use is where Prestashop and Magento differentiate themselves. Prestashop is aimed at beginners and less technical users. While this is great for getting started with eCommerce and simplifying daily management and maintenance of a store, it does have its drawbacks.

At the time of writing, Magento is one of the most flexible eCommerce web applications available. Merchants are able to implement a near-infinite number of capabilities. Moreover, with the continued development and integration by Adobe, we’ll likely see this functionality only increase.

Regardless, if you’re looking for ease of use, Prestashop beats Magento. If, however, you’re looking to create an online store with unrivaled functionality, Magento’s learning curve is probably worth it.

Winner: Prestashop

 

eCommerce Functionality

Magento’s main strength is its functionality, and while Prestashop does an admirable job of trying to keep up with a number of optional modules, it just can’t compete.

Prestashop does include integration with other popular eCommerce platforms such as eBay and Amazon. It also offers its own internal analytics system for gaining insights into your audience.

Magento, on the other hand, offers an extensive list of functionality. This includes, but isn’t limited to:

  • Dynamic rule-based product relations
  • Visual merchandising page optimization
  • Customer segmentation and personalization
  • A powerful admin experience
  • B2B integration through custom catalogs, price lists, and more
  • Powerful search integration

One of Magento’s biggest strengths is its Elasticsearch integration. Elasticsearch is a powerful search engine capable of providing customers with results they’re looking for quickly and effectively. According to Moz, on-site searchers are 200% more likely to convert than non-searchers.

While Elasticsearch can be implemented with Prestashop installations (there is a connector module), it doesn’t run as efficiently. With Magento increasing focus on user experience, search has taken a dominant position within the eCommerce application’s ecosystem. The same can’t be said for Prestashop.  

If you’re looking for functionality, without a doubt, the winner is Magento.

Winner: Magento

 

Modules and Extensions

Magento offers over 4,700 extensions, about 25% more than Prestashop’s 3,900 modules.

Some of Prestashop’s most popular modules includes Amazon Market Place, SEO Expert, PayPal & Braintree, the Google Merchant Center, Advanced Search, and Abandoned Cart Reminder. These modules add a lot of functionality to stock Prestashop, allowing merchants to improve conversion rates and customers experiences.

Magento’s most popular extensions include Yotpo, Add free product to cart, AJAX Catalog, Improved Sorting, and Advanced search. Immediately, a difference can be seen between what merchants are adding to their stores. Magento merchants are looking for added features, where Prestashop merchants are more interested in integrations.

It’s a tough choice here, as both have their advantages. Prestashop is great for beginners and the add-ons allow for site owners to easily integrate other eCommerce products into their store. However, Magento offers even more functionality (on top of already impressive functionality).

Winner: Draw

 

Inventory Size

Both Magento and Prestashop theoretically come with the ability to host an unlimited number of products. However, if not properly optimized, stores with more than 100,000 products can start to slow down.

With Magento, a number of hosting providers and developers have developed and released information on optimizing the Magento environment to ensure that large stores do not slow down. We should know, we wrote the book on it for Magento 2. Prestashop hasn’t managed to attract as many large stores (as indicated above), so isn’t quite on par in terms of optimization.

If you’re looking to run a large eCommerce store that can maintain good performance, we recommend Magento. Even for smaller stores, Magento environments can be optimized to be blazing fast.  

 

Winner: Magento

 

Performance

Magento is a known resource hog and requires a powerful environment to run. Users often complain that Magento’s back-end can cause slow downs. For these users, the applications functionality is much more of a draw than its performance.

However, Magento doesn’t have to be slow. Often, slow sites are a result of either poor development or unoptimized hosting. See if your environment is optimized before migrating to another application. Optimization is a lot faster than a site redesign… and less costly.

Prestashop is much more lightweight, so there are usually no issues with site speed. Despite this, as we mentioned above, the eCommerce platform does experience slowdowns when too many SKUs are added.

We’re going to call this one a draw. Prestashop is more lightweight, but it also suffers from slowdowns when too many products exist.

Winner: Draw  

 

SEO

In terms of SEO, Magento and Prestashop are in two different leagues. In research conducted by eCommerce Platforms, the stock SEO capabilities of Magento outrank Prestashop in almost every area. In fact, Magento came 4th in a list of the top 16 eCommerce applications available, in terms of SEO value, with a score of 95. Prestashop only scored 40.

Prestashop only has an SEO score of 40
Reasons for this disparity include Prestashop’s need for additional modules to serve simple SEO requirements. For example, you cannot add alt tags to images without installing a module first. Magento, on the other hand, comes with a powerful suite of SEO tools from the outset; including dedicated SEO content sections for products.

Magento wins in this category hands down.

 

Winner: Magento

 

Security

Security is vital for eCommerce stores. Customers only shop with merchants that they trust.

So it’s unsurprising that both platforms offer great security features and have a history of reliability. Both have also been the victim of security breaches.

However, as with any website and its security, infrastructure is as important as the application itself. Important features to note are a web application firewall (WAF), whether the hosting provider is PCI compliant, and what else the provider proactively does to keep a site secure.

Magento is often optimized for its environment and so comes with a level of security you don’t see with Prestashop. Moreover, with a large number of dedicated providers offering platforms to develop on and great public documentation, most providers have more knowledge of how to secure and maintain the application itself.

While there is a self-hosted version of Prestashop available for download. A large number of users host their site with Prestashop. If you want your eCommerce store to remain secure, it’s usually better to have control over the environment and access to a support team. For this reason, we recommend a self-hosted solution regardless of which application you pick.

 

Winner: Magento

 

Pricing

Both Prestashop and Magento offer free, open source options for merchants. However, to support these you will need to pay for hosting. Hosting costs vary by provider. We offer optimized Magento hosting solutions that enable merchants to create scalable and powerful eCommerce stores on a secure platform.

As a result of the incredible functionality that comes with it, Magento can be resource hungry. For this reason, we recommend only opting for a hosting provider that optimizes specifically for Magento. Prices for a stable provider start at around $20 a month and scale to several thousands for a dedicated cluster environment.

Prestashop, on the other hand, is not as resource intensive, and can be installed on a flexible environment without any needed optimizations. Flexible solutions can start from less than $20 a month, but they usually limit the number of monthly visitors substantially. The lower your monthly visitor capacity, the lower your likely revenue.

If you’re looking for a cheaper solution, Prestashop is likely the right choice. However, if you believe your store is going to grow and want to invest in a scalable solution now instead of later, Magento should be your eCommerce application of choice.

 

Winner: Draw

 

Magento vs Prestashop: The Winner

Both web applications provide merchants with a secure eCommerce environment. However, at their core, they are aimed at different types of merchants. Prestashop is aimed at merchants with smaller eCommerce stores and that require much less functionality. Magento, on the other hand, is aimed at merchants that require more advanced eCommerce functionality and are looking to optimize their conversion rate.

From a merchant perspective, if you’re able to invest enough time into a proper Magento implementation, then it offers much more than Prestashop and you’ll like see higher ROI. If, however, you’re looking for an easy WYSIWYG and don’t necessarily require some of the basic functionality that comes with Magento (such as advanced customer connection tools or SEO tools at the core) then Prestashop may suit your business model more.

Posted in:
eCommerce, Magento

Source link

Organize Your WooCommerce Store With Categories, Tags, And Attributes

Organize Your WooCommerce Store With Categories, Tags, And Attributes

Browsing antique stores is one of our favorite pastimes, especially stores that make no effort to organize their wares, chaotic jumbles of products grouped according to whim or chance. We enjoy the prospect of serendipitous discovery. However, when we’re shopping online, a lack of organization is not enjoyable. A positive eCommerce experience depends on the thoughtful organization of products into groups that create meaningful connections between them.

WooCommerce is, at heart, an application for creating order and connectedness in large catalogs of products. WooCommerce store owners have three different organization tools at their disposal: categories, tags, and product attributes, each of which adds information to a product listing. WooCommerce’s interface uses that information to group products in the interface and to help shoppers navigate the catalog.

Categories

Categories are WooCommerce’s primary organizational tool, and the one that has the biggest impact on the user interface. Most WooCommerce themes use categories to form the main navigation menu.

Every product on a WooCommerce store must be in a category. If you don’t assign a category to a product, it will be put in the “uncategorized” category. Each product can only be in one category, and categories are hierarchical — you can create categories that contain other categories.

For example, an online pet store might put a scratching post in the “Cat Toys” category, which is itself part of the “Cats” category. WooCommerce will use that categorization to group and filter products in the interface.

Categories are created in the Products > Categories interface, and products can be added to categories via product pages.

Tags

Tags differ from categories in a couple of important ways: each product can have many tags, and tags are not hierarchical. Tags are used to group products across categories.

A store selling pop memorabilia might put a signed poster of David Bowie in the “Posters” category, but tag it with “David Bowie”, “Glam Rock”, and “English”. Shoppers can then filter for products that are related along different dimensions.

The free-form nature of tags is useful, but without careful management a store’s tags can become chaotic. It takes discipline and forethought to build a coherent system of tags that group products in meaningful ways. We have seen WooCommerce stores with dozens of tags, many near duplicates, a large number of which were only applied to one product.

It is worth taking the time to sketch out a “canonical” set of tags. The set should evolve over time, but new tags should be introduced systematically.

Product Attributes

Product attributes contain additional information about products. Each product attribute has a predefined set of terms, which can be thought of as labels that indicate a quality of the product. A coat might have a size attribute, which has small, medium, and large terms. Product attributes are useful for variable products with multiple SKUs.

Attributes and their terms can be added to WooCommerce via the Products -> Attributes menu. Once product attributes have been added, they become available to you when adding and editing a store’s products.

The combination of categories, tags, and product attributes allows WooCommerce retailers to organize, filter, and group products so that shoppers can easily find what they are looking for.

Posted in:
WooCommerce

Source link

Navigating Drupal 8

Navigating Drupal 8

Welcome to Part 2 of our series, Getting Started with Drupal 8. Go here for Part 1.

You’ve installed Drupal, updated it to the most current version, and know how to back it up. Next up is learning the basics of how to navigate the interface and manage your content. Let’s jump in! 

 

 

Contents

Interface Tour

You’ve installed Drupal, updated it to the most current version, and know how to back it up. Next up is learning the basics of how to navigate the interface and manage your content.

When you visit your site, you must first log in to your admin panel to make any changes. Once you do, it’ll look something like:

Drupal Terminology: Nodes and Blocks

Most information in Drupal is presented either in nodes or blocks. Node content is essentially the core content of the page, like an article, blog entry, forum post, and so on. Blocks are smaller units that usually add some basic element of utility to the page, like search bars, login buttons, navigation tabs, and other at-a-click functions featured on most websites.  

You may view all editable blocks on your current page by clicking on the upper right. You may now edit any block by clicking , followed by Configure Block. As you can see in the image below, almost any block can be configured to your exact specifications. We’ll dive more into this later.

Your Drupal Admin Panel

The admin panel on the top of the page has everything you need to create content, manage users, and perform other critical functions. It has three options: Manage, Shortcuts, and admin.

Shortcuts gives you a quicker way to access your favored site functions. For now, it shows only two: Add content and All content, though it is possible to customize this later. admin allows you to adjust your contact information and login credentials.

For now, let’s focus on Manage, where you will find the bulk of actions necessary to administer your Drupal site.

Click Manage open your admin panel.

 Tip: To alternate between vertical and horizontal menus,  click  or , as appropriate.

Content

This lists all of your site’s content, comments, and files, and also allows you to create new content.

You currently have no content. We’ll circle back around to this later in the Creating Content section.

Structure

This is a powerful tool that gives you many ways to configure your content. Just note its location for now, we’ll explore this more in a later entry.

Appearance

This is where you add themes and view ones already installed. Themes change the appearance of your site. We’ll explore this further in the Installing Your First Theme section.

Extend

This page allows to install, view, and uninstall modules, Drupal’s version of plug-ins, which add new functions to your site. Modules can be somewhat tricky to deploy, so leave this alone for now.

Configuration

From here, you will execute most of your administration tasks, like content authoring, automation, basic site settings, and many other essential functions. We will spend more time in this area in a later entry.

People

Here, you manage users, permissions, and roles. Drupal is known for deep default functionality for user administration, and can be particularly useful for managing the efforts of larger teams with specific roles. We will user administration further in a later entry in this series.

Reports

This provides various tools for assessing the health of your site. Here, you can check for updates, read your logs, and run status reports, among other useful information.

Creating Content

  1. To get started, either select Manage > Content, or select Add Content from the Shortcuts tab.

  2. Click .
  3. You now see two possible content types: Article and Basic page. Select Article.

  4. Fill the Title and Body fields with something simple.

  5. At the bottom of the page, note the Published check box. If you clear the Published check box before clicking , it will appear as an unpublished draft on your Content page. For now, leave the Published check box selected and click .

You will now see your newly published content, otherwise in Drupal as a node. Note the web address, or URL, which ends in “node/” followed by a number. For example, https://8ac818c39-731.hostcli.net/node/4. Although it is possible to customize this URL, for now just note the terminology and the numbering system.

If you scroll down on the page, you will see an area to add comments because you’re viewing your post as a site admin. 

Admin view with ability to comment.

It is often informative to view your website as a casual visitor by accessing it from another browser, one where you are not logged in as a site admin. By default, your visitors can view comments, but are unable to create them. It is possible to adjust your site permissions to tweak these settings, but leave them as is for now.

Visitor view without option to comment.

Editing, Tags, and Images

  1. Return to your admin panel, then click Shortcuts > All content.
  2. Find the article you just published, then click .
  3. In the Tags field, enter a few tags, separating each with a comma.
  4. Attach an image to your post. In the Image section, click . Select any image from your local device, then click Open.
  5. In the Alternative text field, enter a short description of you image to assist screen readers and enhance accessibility.
  6. Click   when ready.
  7. Visit your page from another browser to see it as a visitor will. It should look something like:

Installing Your First Theme

  1. If this were an established site,  this is where you would back up your site as an insurance policy against a misbehaving theme. Because this is your first install, you may skip this step.
  2. From your admin panel, select Manage > Appearance.
  3. To open the Download & Extend page on the Drupal website in a separate browser window, click themes while pressing Ctrl (Windows) or Cmd (Mac).

  4. On the Drupal Download & Extend page, refine your search as follows:
    Maintenance status: Actively maintained
    Development status: Any
    Core compatibility: 8.x
    Status: Full projects
    Stability: Has a supported stable release
    Security advisory coverage: Has security advisory coverage
  5. Click . Scroll down until you see the Nexus theme, which is a relatively simple and versatile option for those new to Drupal. Click Read more.

  6. Whenever researching themes and their features, take time to read the Installation and Dependency notes. As noted in the description, the Nexus theme requires e jQuery Update module. Click the jQuery Update link to learn more.

  7. Good news! The Downloads section contains below note, so we’re good to install the Nexus theme:
  8. Return to the Nexus theme page. Scroll down until you see the green box containing version 8.x (it may read later than 8.x-1.4). Right-click on the tar.gz download link and copy it to your clipboard.


  9. Return to your site’s appearance page (Manage > Appearance). Click .
  10. In the Install from a URL field, enter the link you copied in Step 7. Click .
     Tip: It is also possible to download a module to your local device, then upload it using the Upload a module or theme archive to install option.
  11. Drupal will notify you of the result. To install the Nexus theme, click Install newly added themes.


  12. On your Appearance page, scroll to the Uninstalled themes section, find the Nexus Theme, and click Install and set as default.

  13. Once installed, click Back to site on the upper left. Enjoy your new theme! To revert to your default theme (Bartik), return to your Appearance page, find Bartik, and click Set as Default.

Installing Modules

Use caution when adding modules. Although adding modules is much like adding themes, it involves a little more risk because they can sometimes affect your site in unwelcome ways. Before adding any module, make sure you have a backup.

  1. If this were an established site, this is where you would back up your site as an insurance policy against a misbehaving modules. Because this is an early install, you may skip this step.
  2. To start the process, click Manage > Extend, then click .

  3. To open the Download & Extend page on the Drupal website in a separate browser window, click modules while pressing Ctrl (Windows) or Cmd (Mac).

  4. Repeat Steps 4 – 6 from the Installing Your First Theme section, but for your desired module instead of the Nexus theme.
  5. Repeat Steps 8 – 13 from the Installing Your First Theme section, but do so from your admin panel, using Manage > Extend admin panel instead of from Manage > Appearance.

Next Steps

Watch this space for Part 3 of our Getting Started with Drupal 8 series, where we’ll explore more ways to customize your site, keep it secure, manage comments, and more!

Posted in:
Drupal

Tags:

Source link