Administering a Drupal site

Getting started with Drupal administration

This section is an introduction to site administration for new Drupal users.

Managing content

This sections provides a basic introduction on how to manage content in Drupal.

Multilingual guide

Multilingual guide for Drupal 8 or higher.

• Choosing and installing multilingual modules
• Translating content
• Translating site interfaces
• Install a language
• Enable language negotiation
• Translating configuration
• Adding a language to Drupal core
• Setting the language for administration pages

Checklist for launching a site

This is a checklist of things to remember to do before launching a Drupal web site

Configuration management

This guide explains how to import and export your site's configuration and manage it with version control.

• Managing your site's configuration
• Workflow using the Drupal UI
• Workflow using Drush
• Changing the storage location of the sync directory
• File system based workflow
• Development modules excluded from configuration management
• Keeping Your Local and Remote Sites Synchronized

Creating a static archive of a Drupal site

How to produce a static mirror of a Drupal website.

Cron automated tasks

Configuring 'Cron' automated tasks for your Drupal site.

• Cron automated tasks overview
• Automated Cron

Managing site performance and scalability

Managing site performance and scalability

• Blazy
• Block bad bots and crawlers
• Content Delivery Network [CDN]
• Server Scaling
• Site monitoring tools
• Varnish
• Varnish

Node revisions

Drupal automatically creates a new revision whenever you edit a node. This allows you to see how the content has evolved over time and rever

Security in Drupal

Securing your Drupal site.

• Writing secure code for Drupal
• Security of generated PHP files
• Secure configuration for site builders
• Accepting Payments Online: Drupal and PCI Compliance
• Authentication improvements
• CAPTCHA configuration options
• CAPTCHA module: spam control
• Configuring cron for HTTP authentication
• Configuring text formats (aka input formats) for security
• Deleting users who have written nodes/comments can lead to access bypass
• Detection and Prevention
• Disable the permissions interface using Secure Permissions
• Egglue CAPTCHA
• Enabling HTTP Secure (HTTPS)
• Enhancing security using contributed modules
• Frequently asked questions
• Gotcha module: contact spam catcher
• Hashcash module
• Hide, obscure, or remove clues that a site runs on Drupal
• Hiding information from visitors
• Honeypot: spam bot form protection
• How to add CAPTCHA Challenge to a Content Type
• IP & email blocklisting modules
• Is Drupal secure?
• Known issue with cURL and outdated root certificates
• Legal issues helpers
• Login Security module / Lacking features / other modules & integration
• Miscellaneous security modules
• Moving all PHP files out of the docroot
• My site was defaced ("hacked"). Now what?
• Password management
• Preventing execution of untrusted PHP
• Privacy management
• Secure files using Encrypted Files (Version 1.x)
• Securing Authentication Credentials
• Securing file permissions and ownership
• Securing the admin super user (#1)
• Securing your site
• Session management
• Setting up digest authentication
• Spam control modules
• Spam module
• Tarpit spam trap
• US NIST Password Guidelines review
• reCAPTCHA

Uploaded file management

How uploaded files are managed, specially how they could be cleaned.

Internal Page Cache

In Drupal 8 or higher the Internal Page Cache module, which caches pages for anonymous users, is enabled by default.

Troubleshooting Drupal

How to make your Drupal installation work (again).

• How to ask for support from the Drupal community
• Broken site problems
• Fix Drupal 'Clean URLs' problems
• Restore the anonymous (user ID 0) user record
• View PHP settings using phpinfo()
• Fixing emails that vary only by case
• How to fix "The following module is missing from the file system..." warning messages