Drupal 7 Site Maintenance and Support
Drupal 7 websites require maintenance and support to keep them running smoothly and to keep them secure from attackers. Security has become a key focus with the end-of-life date for the system set to November 2022.
GWS has extensive experience creating, managing and supporting Drupal 7 websites over the last 10 years - our team has worked with Drupal since 2008, and we have remained enthusiastic advocates for it with the release of versions 8 and 9. We have continued to use it to build client websites where custom functionality and log-in areas with fine-grained control of permissions are required.
We can host, maintain, and upgrade Drupal 7 websites to ensure your website and any critical web applications within your site continue to work normally until the point where you want them upgraded, or replaced with a new content management system. We have more information about upgrading Drupal 7 websites here [link].
We can also continue to develop your site with features and bugfixes (if any are needed), giving you breathing space while the best upgrade route for the future is considered.
If your Drupal 7 website is currently hosted on a shared server, we can advise on your best options - we may recommend moving it to a virtual dedicated server which provides more control of the server setup and will make it easier to keep your site functional and secure. It will also run faster and will not be affected to the same extent by the behaviour of other websites on shared hosting.
Areas we help with include:
- Providing appropriate and secure hosting. Many Drupal 7 sites were originally created for PHP version 5 which has passed its end-of-life date and is no longer supported. If you continue to run your website on an earlier version of PHP you are exposed to increased risks of hacking, data loss with associated reputational damage, and GDPR compliance violation. We can advise on and install secure PHP 5 versions to host your site, and also check to see whether your current hosting is secure. Most hosting will not be secure if it has a PHP version less than 7.3 or 7.4 (as of Autumn 2021).
- We can also assess whether your site will run on more recent versions of PHP 7. Most Drupal 7 sites have custom code in them related to special functionalities such as customer and staff login areas, or tools and calculators. We can advise on whether it is possible to modify your site to run on PHP 7 and carry out this work. We are experienced in upgrading custom code on your Drupal 7 to work with supported versions of PHP 7, extending the lifespan of your website and increasing the return on your original investment.
- With Drupal 7 approaching end of life in November 2022, many contributed Drupal 7 modules have been discontinued or have known security issues which are not going to be fixed. This affects Drupal 7 sites which make use of these modules; we often see this affecting sites which used more modules than were strictly needed. We can advise on what to do to replace discontinued modules or work around their flaws.
- We can help mitigate the risks of running unsupported modules or custom code in your Drupal 7 website, with a security assessment of the custom code and the privilege levels within the website, followed by appropriate action to deal with the main risks identified.
- We can help mitigate overall risk to your Drupal 7 website with the use of a web application firewall, which will block most known attacks. This can make all the difference particularly if there are unsupported modules or parts of your site that cannot be upgraded. There are a number of different options available, and we can advise on the best solution for you.
- We can advise on setting file and folder permissions to levels which significantly reduce the chances of your site being compromised (including the option of using SELinux).
- We can provide a tripwire script to log changes to key files, and alert you to any changes which look suspicious. This is no substitute for the other steps outlines above, but it means there is an immediate log available of changes and a notification email in the event that your website is compromised.
- When the time comes, we can help you to upgrade to Drupal version 9 or 10, and we can assess the work involved in that process and the best way forwards. Some Drupal 7 sites are best remade in WordPress, but for most of them the best way forward is a move to Drupal version 9 - well established and with an excellent upgrade path for content and custom content types, which will typically save a huge amount of time compared to porting the site to a different CMS.
We can also advise on long term support for Drupal 7 after its official end of life date, if the upgrade route to Drupal 9 or 10 is not feasible.
We are happy to discuss your individual requirements and answer any questions you may have if you would like to contact us.
Please note that we charge a standard rate of £190+VAT to provide costings and recommended options for your site, following on from an initial free consultation (this can be a phone consultation, a Zoom-based virtual consultation or a face-to-face meeting at our premises in Bristol).
In order to provide those costings and recommended options we will need sFTP and database access (or a file and database dump) of the current website, and any details you may have where there is custom server configuration.