
We’re excited to hear your project.
Let’s collaborate!
Imagine your Drupal site as a... patient who has received the wrong diet (or who simply hasn't been told that he should stick to a special diet in the first place) and all the wrong medication, as well. A silly metaphor for the most common Drupal mistakes that you might have been making on your website.
... and whom (your website “patient”) you're now striving to train for the Olympics, meaning to boost its overall performance.
It's not going to work unless you “detect” those common issues deriving from improperly handling your site and from deviating from Drupal's best practices. And not before you get them fixed, obviously.
And how can you know for sure whether you are making these “popular” mistakes on your Drupal website?
Easy! You just give an honest answer to each one of the 7 questions from our little “investigation” here below.
Ready?
Just admit it!
And then try counting how many times you placed the Drupal Core and Contrib Drupal Security Advisory at the very end of your priority list. Or just how many times you ran the suggested upgrades selectively?
The more time has passed since you stuck to this “bad habit”, the more vulnerable your Drupal site's become.
This is, undoubtedly, one of the common Drupal mistakes and the “ultimate” source of the most security threats.
Note: For instance, if it's an unacceptably long period of time that we're talking about since you stopped maintaining your website properly (if it runs on a version older than Drupal Core 7.32), then it stands all the chances to have turned into an easy target for Drupageddon attacks.
This is precisely what you get when you're being negligent in managing your unused modules (or themes).
Those modules that maybe you just installed and took out for a quick spin, fascinated with their much-talked-about functionality, and that you no longer use. Yet you just leave them... be. And weight down your database with an unnecessary load of source code.
Some of them might be lingering there since... your site's early days. Think of all the developer and administration modules (e.g. Devel or View UI) which shouldn't be overburdening the production version of your website.
Yet, they still do!
They're just being tolerated and gradually turning themselves into some major security issues if no one in your team deals with Security Advisories regularly.
The solution to this issue, that can easily make it to top 3 most common Drupal mistakes, is as clear as daylight: uninstall all the modules and themes that you're no longer using! Don't just bundle up unnecessary overhead.
And while the solution is ridiculously handy, the benefits are definitely worth the time and “effort”:
Just skip this question if it's a Drupal 8 website that you own. For this specific module has been (thank God!) removed from Drupal 8 core.
Now, getting back to the PHP Filter module, which many site owners decide to enable (like you, probably), here's why you should rush to... uninstall it:
If so, then the JavaScript and CSS files that Drupal renders in HTML can be easily bundled up and compressed.
But if not properly configured, your users' browsers will be forced to process far more requests in order to render your web pages' content. Which will inevitably impact your site's page load times.
Or not? Don't be too harsh on yourself if you have, indeed, “overused” the user roles system. It's, undoubtedly, one of the most common Drupal mistakes website owners make after all.
And what else could you have done when the default user roles that Drupal provided you with just didn't fit the specific permission levels you had in mind for your users, right?
You went ahead and created your own roles...
Unfortunately, these newly custom-made roles can easily:
Or have you simply overlooked it entirely? Have you just disabled HTML filtering from the HTML Input Filter completely?
By configuring the Full Input Format for ALL your users, you're basically granting everyone permission to post HTML on your website. This way, you're just opening a gateway for any user to embed malicious code on your Drupal site.
Even a banal little thing such as an image tag can easily turn into an "injectable solution", a dangerous one, in the hands of an ill-intended user who can post HTML on your website just like that.
Now here's what you should do to avoid this scenario:
Do you need ALL the content types currently overcharging your database (considering the fact that three database tables get added to your database with every new content type that you bring on)? Are you actually using them all?
For, it not:
And now the solution to this issue, for certain one of the top most common Drupal mistakes:
Just run an inventory of all your content types, sort them into used and no longer used ones and... just "trim the fat"! Get rid of those that are just filling in space in your database!
This is our top 7 mistakes that you, too, are probably making on your Drupal site (even if not all of them).
Now that we've exposed them to you we can't but end our post with a conclusion/piece of advice:
The handiest way to optimize your website's performance is by preventing performance issues to occur, in the first place. Now that you have them “brought to light” it should be easier, with a little bit of effort, to avoid them, shouldn't it?
We’re excited to hear your project.
Let’s collaborate!