Security - I'd rather use a static site generator

Today, from the Drupal Security Team…

There will be a security release of Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28th 2018 between 18:00 - 19:30 UTC, one week from the publication of this document, that will fix a highly critical security vulnerability. The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days.

See https://www.drupal.org/psa-2018-001.

Drupal, WP, and others certainly have their place, but I’m sure glad I’ve limited my clients’ exposure by migrating most sites from traditional CMSs to static sites.

Yuck.

8 Likes

I still have one Drupal site running. My inbox this morning…

5 Likes

sounds familiar almost everyday headache with these cms’s

I am slowing moving all blogs and marketing sites to Hugo or a middle ground for e-shop’s with headless to nextjs.

I have 1 site with Drupal using this https://next-drupal.org works great

In the near future should 1 expect static/ dynamic page generation with Hugo similar to next.js but based on golang instead of js. :slight_smile:

1 Like

The ability to “deploy and forget” and “no security updates” are always my main points when I talk a customer in to using Hugo.

The need to constantly keep Wordpress, Drupal and any other CMS plus plugins/modules/extensions updated add a lot of cost and hassel over the years.

I worked with Drupal sites for over ten years but now I have none left that I maintain. I work on one big Django project and the rest is Hugo.

Hugo made the web fun again for me!

2 Likes