On the 28th of March 2018 the Drupal Security Team announced SA-CORE-2018-002, a serious Remote Code Execution vulnerability, which came to be known by many as "Drupalgeddon 2". The patches to Drupal core were quite simple and Acquia implemented a platform-level mitigation within a few hours of the announcement. However, it was not trivial to reverse engineer the actual exploit(s), and it took a couple of weeks for credible Proof of Concept exploits to be published.…

Acquia Engage 2018, which takes place November 7-9 in Austin, Texas, is a sprawling event, broadly focused on what organizations need to know to stay ahead of fast-moving trends in the digital experience world. The Acquia Engage conference was started four years ago to connect Acquia customers, partners, prospects and team members in the spirit of learning and collaboration. It’s been a big success, helping professionals work together to address growing digital…

Cache tags are a game changer for your caching strategy in Drupal 8. Expiry vs invalidation Up until Drupal 8, Drupal has had one caching strategy called cache expiration. It cached computed output for a fixed period of time (e.g. 1 hour). There are two downsides to this approach: You cannot see newer content until the expiration time (time-to-live or TTL) had lapsed. You would have to compute output again after the expiration period even if nothing had changed.…

If you’re going to start a Drupal 8 project, and there are many reasons why this makes sense, you should start with Acquia Lightning. Because this flexible Drupal 8 distribution streamlines the process of building and delivering feature-rich Drupal 8 sites. It takes the guesswork out of Drupal 8 module selection and configuration for key features like media, page building, and workflow. The result: Acquia Lightning saves web developers and builders 30 percent or more…