Security - I'd rather use a static site generator

Today, from the Drupal Security Team…

There will be a security release of Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28th 2018 between 18:00 - 19:30 UTC, one week from the publication of this document, that will fix a highly critical security vulnerability. The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days.

See https://www.drupal.org/psa-2018-001.

Drupal, WP, and others certainly have their place, but I’m sure glad I’ve limited my clients’ exposure by migrating most sites from traditional CMSs to static sites.

Yuck.

I still have one Drupal site running. My inbox this morning…

image2298×1064 444 KB

sounds familiar almost everyday headache with these cms’s

I am slowing moving all blogs and marketing sites to Hugo or a middle ground for e-shop’s with headless to nextjs.

I have 1 site with Drupal using this https://next-drupal.org works great

In the near future should 1 expect static/ dynamic page generation with Hugo similar to next.js but based on golang instead of js.

The ability to “deploy and forget” and “no security updates” are always my main points when I talk a customer in to using Hugo.

The need to constantly keep Wordpress, Drupal and any other CMS plus plugins/modules/extensions updated add a lot of cost and hassel over the years.

I worked with Drupal sites for over ten years but now I have none left that I maintain. I work on one big Django project and the rest is Hugo.

Hugo made the web fun again for me!

I generally frown upon bumping old topics, but… I still have one active Drupal site. And my Inbox this morning:

image708×275 13.1 KB

Any specific reason why you haven’t made it static yet?

Ouch. Combination of laziness and hope (as in, I hope it will be abandoned).

Reminds me of those incessant security emails from WP. I am glad I ditched it three years ago.