By: Akshita
December 7 2018

Google will Never Tell you About These Best Drupal Practices

In this blog, we will talk about the best practices which will help you enhance your user experience from good to better and how Drupal 8 can be a game changer in this quest. 

Often we have heard how Drupal is not for beginners. While setting up a Drupal website has become a lot easier with Drupal 8.6, a good website is not just about setting up some web pages under a single domain name. 

Google processes over 3.5 billion searches per day.

A stale site, which is not usable, loads slow and you risk leaving your potential customers frustrated, reflecting poorly on your business. While maintenance should never be out of the plan, investing in some good practices can result in the longevity of your website and business alike.  

a man pointing finger on the screen in english clothes


Here are some of the best Drupal web development practices to ensure your website is as much providing a great user experience as it helps you rank your content on Google page 1. 

8 Best Drupal Practices

Creativity isn’t alone when it comes to considering, there are many other factors which can influence your reputation in the online market. 

Drupal’s Architecture

A healthy architecture will not only ensure the demands of different stakeholders is met, but also that the site remains robust for future initiatives as well. 

Make your architecture robust. 

On a basic level, your content structures must include all the fields and content types. A clean content architecture not only helps ensure good performance but a great user experience, and easier maintenance too. 

Although a well-maintained website is critical, you can’t do much if the base is full of errors. 

Less is always more. 

In your development plan choose limited content types and fields so as not to confuse your content creators. Drupal is a powerful tool for displaying content in different formats, languages, and screens. 

Configuration plays an important role in architecture. 

In simple words, configuration is the collection of settings of how the default site functions for the admin as against the popular notion of the placement of content on the website. It includes site name, the content types and fields, taxonomy vocabularies, views and so on.

You can also check out this video by Pantheon on Drupal 8 architectural practices.

Site configuration data in Drupal is consistent, everything from the list of enabled modules, content types, taxonomy vocabularies, fields, and views can be done easily. 

Your approach must be flexible. 

In the basic level, you must use a new entity type for different types of data. In case of similar data types, use bundles for a single entity type. However, for modules, they are designed to work with Nodes, and not other entity types. 

Using nodes is easy, as it allows to create a new content type through the admin interface without much coding against the case of creating entities which require coding. As a developer, your approach should be flexible. 

Bonus tip: Don’t make configuration changes on a live site without testing them locally.

Check the Codes

We all know how good coding helps improve quality and get better results. Basics should be to start with simple codes. Remember, it is always difficult to modify complicated codes in the future. Thus, you should keep your coding simple for the longer run.

Drupal coding standards are version-independent and "always-current". All new codes follow the current standards, regardless of (core) version. In case you want to update existing code for the current standards, always create separate and dedicated issues and patches instead of squeezing into unrelated patches.

Remember to use US English standards for spellings in your code, which means it will be "color" not "colour".

Here are the top 6 coding practices by Drupal.org:

  1. Use an indent of 2 spaces, with no tabs and the lines, should have no trailing whitespace at the end.
     
  2. All binary operators (operators that come between two values), such as +, -, =, !=, ==, >, etc. should have space before and after the operator, for readability.
     
  3. Control statements should have one space between the control keyword and opening parenthesis, to distinguish them from function calls. Control structures include - if, for, while, switch, etc.
     
  4. All lines of code should not be longer than 80 characters. Lines containing longer function names, function/class definitions, variable declarations, etc are allowed to exceed 80 characters. Conditions should not be wrapped into multiple lines.
     
  5. Arrays should be formatted using short array syntax with a space separating each element (after the comma).
     
  6. When unconditionally including a class file, use require_once(). When conditionally including a class file, use include_once(). In either case, it will ensure that class files are included only once.

You can use Coder for coding standards validation without loading Drupal. 

Infrastructure

Infrastructure covers the stack your website lives on, including the server, the database, and any software layers, such as Varnish or Memcached, which ensure your visitors have a snappy experience. Planning the infrastructure from the start and developing in the same environment can greatly reduce variables and risk at launch time.

Having reliable multiple environment configurations and a solid disaster recovery plan shouldn’t be left to last-minute decisions. When it is, mistakes start arising. Here are a few tips to avoid the most common errors.

Best Practice:

  • Size your stack correctly, not too large, not too small. This can ensure you’re economically prepared for anything.
     
  • Bottlenecks can arise from the hardware or from processes hogging memory.
     
  • Check logs for errors and prepare for growth and spikes. Your stack is only as fast as the slowest component. Focus your efforts there; you’ll probably find low hanging fruit.
     
  • In terms of security, it’s crucial to configure to protect from internal attacks as well as external attacks

Optimize the Frontend

The frontend is more than just theming. 

While the features and their functioning depends on the backend, the usability and aesthetics depend on how well the frontend is taken care of. 

Performance of the website is shouldered equally between both.

“..powerful, adaptable, accessible, clear, concise, natural.”

Quickly brushing up the basics, here’re the best Drupal frontend practices: 

  1. Define component elements (sub-objects) using their own classes. This is to avoid relying on markup structure and overly-generic class names, prefixing them with the component’s name followed by two underscores. 
     
  2. Thoroughly exercise and test your site and resolve any PHP errors that are displayed during theming development.
     
  3. Use a stable administrative theme during development.
     
  4. Use DRY CSS and group reusable CSS properties together. Name these groups logically. 
     
  5. Name components using design semantics. HTML elements already impart semantics on the content and machines cannot derive content-level semantics from class names.
     
  6. In order to reduce the load on the frontend performance of your website:
     
    • Minify JavaScript, CSS, and HTML
    • Aggregate JavaScript and CSS
    • Enable gzip compression
    • Use lazy loading for site assets
    • Keep Inline background images under ~4KB in size
    • Remove unused CSS
    • Use efficient CSS selectors
    • Download 3rd party scripts asynchronously
       
  7. Use SASS to keep your responsive design more organized

Test, Error. Repeat. QA is Important

It is very important to keep the quality of your website an utmost priority before you move on to other technical stuff. While this might feel like a lot of work for your lot to do, it can make an actual difference. A review by your peers (is a must) will help you get an additional idea of how things look and should work.

Successful regression testing gives you the much-needed confidence.

It is also very important that you keep an eye on previous things while adding new stuff. The testing framework PHP unit is inbuilt in Drupal 8. By setting up the testing environment, websites can be tested easily (as samples of test cases which have been written by the community are already available).

Drupal has a very active community support. With almost 1,00,000 active developers who write test cases (which are later merged into Drupal) and submit solutions. With this, you can say that Drupal is quick in providing you with solutions to your problems.

Aim for Google Page 1. Don’t Forget the SEO 

75% of users don’t even click past the first page! 

Starting with the search, it is very important that the user gets the best results in her first search. Now, as a user, you must have tried different keywords in an attempt to connect to the content of your website. Here comes the art (and science) of SEO. 
Drupal offers a suite of SEO modules. However merely deploying the modules isn’t enough, it is important to configure and enable them as well. 

The SEO best practices include: 

  1. Using Robots.txt, so the right pages and information is indexed. 
     
  2. Ability to customize page titles and metadata. Also, it should be capable of automatically populating these respective fields as per SEO norms and best practices. 
     
  3. Navigational drop-down menus are crucial internal link structures, silently contributing to search engine optimization. They establish relevancy and hierarchy across your website to help search engines index them in from the beginning of time. It should also provide easy customization of navigation menus.
     
  4. URL aliasing must be enabled with Pathauto as it ensures the search engine understands what the webpage implies. 

Security Practices

Security is a vast area of expertise and it is quickly changing with time. While the list of do’s and don'ts is extensive and exhaustive to keep up with the threats, vulnerabilities and mitigation strategies, here are the best Drupal security practices to follow in order to keep up the health and security of your website. 

  1. Keep your core updated: A key practice, keeping the core updated will always be the first when listing healthy security practices. Always look out for core updates (include the minor releases as well). In all of its advisories, the Drupal Security Team asks for updating the core version of the system. 
     
  2. Use additional security module: When covering security, there is nothing as better than equipping yourself with more and more. To keep the walls up high, you can use the additional security modules like security kit, captcha, and paranoia. Drupal Security Review can be used as a checklist to test and check for many of the easy-to-make mistakes making your site vulnerable.  
     
  3. But use only security team approved modules: Your site probably uses a number of contributed modules, although that’s not an issue. Using the stable and approved modules is where the key lies. This is especially worth noting for contrib modules which are more susceptible to vulnerability.

    Always look out for the green batch when downloading a contrib module. Rest, as the advisory reads, Use it at your own risk! 
     
  4. Keep Up your Backup:  As an administrator, you have to be prepared for all uninvited events.

Drupal’s open-source basics give it a possibility that it is updated frequently with more and better security modules. 

Maintenance Practices

The life cycle of a website begins from initial plans and extends to the end of the site. The site exists in three different phases: development, deployment, and maintenance. After the site is launched, your website lifecycle practices become critical to the success of changing and maintaining your site.

  • Keep your code under version control.
  • Maintain separate environments for the different stages of the site, and keep them up to date.
  • Restrict access to the production site for all but the most trusted users.
  • Review all logs periodically, including Apache, Drupal, and MySQL.
  • Review and assess your architecture periodically, and plan for the future.

At OpenSense Labs, we understand how important your website is to you. Reach out to us at [email protected] to get a holistic view on how to enhance your user experience.