webjoke.de

The Early Bird registration is now open for the largest Drupal event in North America, DrupalCon Chicago 2026, happening March 23–26, 2026 in Chicago, Illinois. Don’t miss your chance to connect, learn, and celebrate with the global Drupal community.

For a limited time, secure your DrupalCon Chicago registration for just $575—the lowest price available!

Learn more and register now to get your ticket at the lowest price!

Don’t miss your chance to connect, learn, and celebrate with the global Drupal community.

When you buy a conference ticket, you’ll get access to:

• DrupalCon opening reception
• All general conference sessions
• All contribution sessions
• Keynote speakers, access to the Expo Hall, and raffle contest
• Trivia Night
• Lunch and coffee breaks
• Networking and mentorship

View the program at a glance now.

Stay at DrupalCon Chicago 2026 Headquarters

Make the most of your DrupalCon experience by staying at the Hilton Chicago, the official DrupalCon hotel.

DrupalCon is more than just sessions. The real magic happens in hallway track conversations, late-night discussions, and spontaneous coffee meetups. Book the conference hotel to stay close to it all.

Book your room at Hilton Chicago!!

DrupalCon Chicago 2026 Call For Speakers Deadline Approaching Soon

The Drupal Association is dedicated to creating an event that is welcoming and inclusive to everyone. The Call for Speakers for DrupalCon Chicago 2026 submission deadline is almost here!

Submitters may edit their submissions until 26 September 2025, 11:59 pm Central Time.

Submit your session soon!

Drupal 11.1 introduces a modern way to write hooks using PHP attributes, moving beyond the traditional procedural approach. This shift brings autoloading, dependency injection, better testability, and cleaner code organization—making hooks faster, smarter, and easier to maintain. Teade Geertsma of Emble explains how the new system works with practical code examples, covers ordering and backward compatibility, and highlights what remains procedural. A must-read for developers preparing their modules for Drupal’s object-oriented future.

We’re thrilled to introduce Glenn Hilton, one of the newest members elected to the Drupal Association Board, with her term beginning 1 November 2025.

Glenn is the Founder and CEO of ImageX, a Drupal agency that he established in 2001. Over more than two decades of leadership, Glenn has combined creativity with community to guide both his company and his career. His passion for open source and collaboration has made him an active participant in the Drupal community for more than ten years.

Beyond his role as CEO, Glenn is deeply committed to building strong teams and helping people reach their full potential. He believes that lasting success comes from relationships and from creating environments where individuals and communities can thrive.

We are thrilled to have Glenn bring this perspective to the Board. Here are his thoughts as he begins this new chapter:

What are you most excited about when it comes to joining the Drupal Association Board?
I'm excited to help shape the business strategy that ensures the long-term sustainability of the Drupal ecosystem. It is a unique opportunity to bridge the gap between agencies, contributors, and end clients while keeping Drupal both innovative and commercially viable.

What do you hope to accomplish during your time on the board?
I want to strengthen feedback loops with agencies and enterprise users so that we have stronger data to help us better understand and support the needs of those investing in Drupal. I also hope to help expand Drupal’s reach by improving how we communicate its value and create new paths for commercial growth.

What specific skill or perspective do you contribute to the board?
As CEO of a long-standing Drupal agency, I bring a business-first perspective rooted in delivery, growth strategy, and client expectations. With more than 20 years in leadership, I focus on scalable teams, efficient operations, and long-term partnerships.

How has Drupal impacted your life or career?
Drupal changed the trajectory of my agency and gave me a career grounded in purpose, global collaboration, and community. It is more than a platform, it is a values-driven ecosystem where even competitors work together with integrity and a shared mission.

Tell us something that the Drupal community might not know about you.
Outside of work, I am a real estate and architecture enthusiast and probably spend too much time analyzing floor plans. I have four amazing kids, one grandchild, a wonderful wife, and a deep passion for my faith in Jesus Christ.

Share a favorite quote or piece of advice that has inspired you.
“Leadership is not about being in charge. It is about taking care of those in your charge.” — Simon Sinek

We look forward to the contributions Glenn will make during her time on the Drupal Association Board. Thank you, Glenn, for sharing your time and expertise with the Drupal community. You can connect with Glenn on LinkedIn.

About the Drupal Association Board of Directors

The Drupal Association Board of Directors comprises 13 members with nine nominated for staggered three-year terms, two elected by Drupal Association members, and one seat is reserved for the Drupal Project Founder, Dries Buytaert. One seat  is reserved for the immediate past chair as a non-voting member. All Board terms start on 1 November of each year.

The Board meets twice in person for weekend retreat and about 5 times virtually each year.   The Board provides strategic guidance to the Drupal Association and oversight of the Association’s management, policy development, management, budget, and fundraising efforts.

How to use HTMX with forms in Drupal 11.3

After a shorter than expected time in the core issue queue the HTMX integration in now usable in Drupal Core, Let's see how we can use it! 

HTMX has a respectable pool of examples to choose from, today we'll focus on forms. How can we make an equivalent of the cascading select HTMX example in Drupal? 

theodore September 13, 2025

CodeLift migrated Cram-A-Lot’s e-commerce site from Drupal 7 with Ubercart to Drupal 10 with Drupal Commerce. The migration included over 100 configurable products, quote request workflows, and related content.

The approach involved replicating the production environment locally, using AI-assisted refactoring to update custom modules, and preserving the existing content architecture and field structures. Automated visual regression testing helped verify consistency across more than 40 screens.

The result is a Drupal 10 Commerce site that mirrors the original design and functionality while running on a modern platform, ensuring continuity for product data, quotes, and order workflows.

Drupal 7 has reached its end of life, which means no further support, security updates, or bug fixes. If new security flaws are discovered in your Drupal 7 instance, they won't be fixed, or if bugs start appearing, there won't be an active community working to resolve them. This builds huge technical debt for any organization. And technicalities aside, organizations must always meet compliance standards, data protection and accessibility regulations.

At the time of writing there are 7,151 reported installs of Drupal AI and adoption is accelerating. Every day, new examples emerge of how Drupal AI helps teams tackle real-world business challenges, optimise content management, streamline workflows, and improve user experiences. Yet, with so many organisations adopting Drupal AI, it can be challenging to uncover every use case.

Your Drupal AI use case could be featured—tell us how you’re innovating

We want to hear from you! If your organisation is using Drupal AI—whether you are a Drupal certified partner, AI Maker, agency, end customer, or an independent consultant—we invite you to share your story. You could be featured in a guest blog post or invited to participate in a webinar, helping others understand the practical applications of AI.

Get in touch to let us know how you are putting Drupal AI to work.

Drupal AI in action: examples from local government and education

Southwark Council, London: is transforming how it brings content online. Their digital estate holds over 2,000 PDFs, most designed for print rather than web consumption. A new AI PDF Importer, developed for the LocalGov Drupal, is helping convert these static documents into accessible, structured, and user-friendly web content. By integrating AI-powered automation, the project addresses pagination, heading hierarchies, image extraction, and link mapping, reducing a process that previously took hours to just seconds, and making vital information more accessible for residents.

University of Edinburgh, Scotland: has developed an AI tool, created during an internship, integrated into its Drupal-based content management system, EdWeb. Leveraging Drupal AI and a new “AI Agents” framework, the tool allows content editors to interact with specialised AI agents, such as a style guide agent and a site maintenance agent. These agents access trusted university resources, including the editorial style guide and acronym database, to provide context-aware guidance and support for publishers.

Artevelde University of Applied Sciences, Ghent, Belgium: is advancing knowledge on AI-assisted development through student contributions. Witze Van der Straeten has published a tutorial on converting Figma designs into Drupal components, illustrating how Drupal AI can significantly accelerate the process of turning designs into functional solutions.

These examples demonstrate the broad range of applications for Drupal AI, from local government to higher education and the wider ICT community, showing how AI can make content management smarter and more efficient. Of course Drupal AI has many other applications and we want to hear yours!

Share your Drupal AI achievements and help others learn

We want to showcase how organisations are using Drupal AI, whether in research, pilot, beta, or full production. Share your experience and you could be featured in a blog or invited to a webinar, helping others understand the practical impact of AI with Drupal.

Contact us to tell your story.

Explore 23 AI-powered Drupal modules that transform how you create, edit, and manage content. From intelligent page builders to real-time collaboration and automated media handling, this curated list by The DropTimes highlights the tools driving the future of content in Drupal.

Artificial Intelligence (AI) is becoming part of everything we do at Tag1, from performance testing to content workflows, as we continue to prove its value inside our own operations first. This post launches our AI content series, sharing how we’re applying AI in practice, what we’re learning along the way, and the principles guiding us to deliver business value without the hype.

Jeremy Thu, 09/11/2025 - 14:05

Varbase is our flagship solution, an enterprise-ready Drupal distribution that provides a strong foundation for any digital project. And like any other software, having regular updates and smart workflows in place will help the software realize its full potential. In this post, we'll cover: Latest Varbase features and release highlights Best practices for long-term longevity and security Recommended maintenance checklist you can adopt today   What’s New in Varbase Varbase 10.0.x and beyond bring major improvements, smart defaults, modern tools, and optional AI integration. Feature highlights:

Varbase is our flagship solution, an enterprise-ready Drupal distribution that provides a strong foundation for any digital project. And like any other software, having regular updates and smart workflows in place will help the software realize its full potential. In this post, we'll cover: Latest Varbase features and release highlights Best practices for long-term longevity and security Recommended maintenance checklist you can adopt today   What’s New in Varbase Varbase 10.0.x and beyond bring major improvements, smart defaults, modern tools, and optional AI integration. Feature highlights:

Unmanaged files in Drupal? Yes, there's a time and place. In this practical tutorial, veteran developer Jeff Greenberg walks through a real-world use case where skipping Drupal's file management system results in a cleaner, faster solution. Learn how to structure, access, and display hundreds of images without cluttering your database—or your sanity.

Join John and Steve as they delve into the intricacies and challenges of maintaining Drupal modules, comparing experiences with WordPress, and sharing their journey in making web development more accessible. They discuss their personal stories, the learning curve in module development, balancing user experience, and the importance of contributing back to the community. Learn about their current projects, thoughts on AI's role in accessibility, and get inspired by their dedication to improving the web for all users.

For show notes visit: https://www.talkingDrupal.com/cafe010

Topics

• Drupal Beginnings: Personal Stories
• Journey into Module Development
• Accessibility in Web Development
• Navigating the Learning Curve in Development
• The Importance of Community and Collaboration
• Challenges in Module Maintenance
• Comparing Drupal and WordPress
• Innovative Approaches to Development
• Pet Peeves and Frustrations
• Future Directions and AI Integration
• The Story Behind the Shovel Avatar

Steve Wirt

Being a Developer and Tech Lead at CivicActions has exposed him to the experience of working on some of the largest government websites in the United States. A passion for opensourcing as much as possible has lead him to develop a growing number of modules, with two addressing accessibility Alt Text Validation & Node Link Report)

John Jameson

As the Digital Accessibility Developer at Princeton University, John has come to believe that the biggest barrier to accessible content is the idea that training can compensate for unintuitive authoring interfaces. So far his work to fix the authoring interfaces, to make workflows intuitive and accessible by default, has resulted in the Editoria11y Accessibility Checker and Link Purpose Icons JS libraries and Drupal modules.

Guests

Steve Wirt - swirt John Jameson - itmaybejj

Resources

Modules

• Editoria11y Accessibility Checker https://www.drupal.org/project/editoria11y
• Link Purpose Icons https://www.drupal.org/project/linkpurpose
• Alt Text Validation https://www.drupal.org/project/alt_text_validation
• Node Link Report https://www.drupal.org/project/node_link_report

Talking Drupal #490 Contrib First https://talkingdrupal.com/490 Contrib First https://guidebook.civicactions.com/en/latest/common-practices-tools/contribution/contrib-first/

Jorge Tutor, CIO and co-founder of Metadrop, shares what he’s learned from two decades of building digital products, leading teams, and bridging the gap between business goals and technical execution. In this candid conversation, he explains why clarity—not code—is often the deciding factor in whether a project succeeds or stalls, and how systems thinking, coaching, and open source all play a role in getting it right.

All the deep dives about Drupal's future at DrupalCon Vienna

In the past month or so I had the opportunity to record videos featuring key DrupalCon Vienna sessions where you can learn about where Drupal is going. With only a couple days left to buy regular tickets, I think it is a good time to review my suggestions. 

Gábor Hojtsy Wed, 09/10/2025 - 18:03

Embrace ECA: The Future Beyond Classic Module Development Richard Papp Wed 10 Sep 2025 - 15:39

If you've been building Drupal sites for a while, you know the pattern: a new requirement comes in, you reach for a custom or dust off an aging contributed module, and before long your code base is a patchwork of narrowly-focused solutions. Over time, maintenance becomes a chore.

There's a better way.

Colombian Drupal agency Seed EM introduces Drup & Drop, a streamlined platform built on Drupal CMS that reduces setup complexity for organizations. The solution combines optimized configuration, modular architecture, and secure hosting to accelerate digital project launches while maintaining scalability and governance standards. Designed for multilingual and multisite deployments, the platform enables editorial teams to begin content publishing immediately while preserving technical customization capabilities for development teams.

Keeping your site up to date is essential, but it is only the beginning when it comes to web security. For Drupal site maintainers, this comes naturally thanks to a long-standing culture of best practices, code quality, and the dedicated work of the Drupal Security Team. But today’s threat landscape doesn’t just target vulnerabilities in code. It exploits infrastructure, automation, and scale.

This is where the Drupal Association and CrowdSec collaboration comes in. It combines deep application-layer awareness with a community-powered defense system to offer broader, more adaptive protection for the modern web.

Drupal’s Internal Security Culture

Drupal has earned a reputation for prioritizing security from the ground up. Core security practices, frequent updates, and responsible disclosure processes form the baseline. Modules like CAPTCHA, Honeypot, TFA, OAuth, and header hardening tools are widely used across websites to harden attack surfaces.

“We’ve always used a layered security model,” explains Jürgen Haas, a long-time Drupal contributor and maintainer of the CrowdSec Drupal module. “Before using CrowdSec, the Drupal Ban module helped us manually block problematic IPs, and we combined that with host-level tools like Fail2Ban or Apache’s security plugin.”

But that model has limits. For many Drupal sites, especially those with interactive features such as logins, registrations, and comment sections, malicious behavior can’t always be spotted at the infrastructure level. As traffic becomes more dynamic and attackers more sophisticated, another layer of protection is needed.

The Growing Challenge: Spam and Bots

Brute-force logins, spam submissions, scraping bots, and SEO manipulation are not new, but their sophistication is evolving. AI-generated content can now bypass traditional filters. CAPTCHA-bypass tools are widely available. And attacks are no longer personal. They are automated and global.

One Drupal community member running a high-traffic political forum suffered frequent spam attacks that rendered the site nearly unusable. Implementing CrowdSec almost immediately resolved the issue. However, it also revealed new challenges around legitimate traffic coming from sources like Tor. It is a reminder that today’s security work is not only technical but also must be ethical and nuanced.

CrowdSec: A Community Approach to Protection

CrowdSec is a free and open source security engine that detects aggressive behaviors and shares signals with a global network. If a malicious IP is attacking other sites, CrowdSec users benefit from that real-time threat intelligence. The Drupal module brings this collaborative protection directly into the CMS layer.

Initially, Jürgen was skeptical. “I used to think you should block threats early, at the server level,” he admits. “But I came to understand that some patterns of abuse, like brute force or spam, only emerge over time within the application. Drupal is in a unique position to spot them.”

That is where the Drupal integration shines. It enables behavior-driven detection that contributes to our global reputation network, without tracking personal data. The result is smarter, faster protection, especially when combined with traditional host-level defenses.

Why CrowdSec and Why Now

“We were already researching CrowdSec as a potential replacement for Fail2Ban,” Jürgen explains. “It’s easier to configure, and the crowd-sourced decision-making is what really convinced us. The idea that we all benefit from what others observe is a very open source way of thinking.”

The Drupal module allows CrowdSec to gather rich behavioral context from inside the CMS, something not possible from logs alone. Current efforts are focused on building APIs to allow other Drupal modules to contribute signals, from spam protection to user activity patterns.

“There are a dozen modules already doing great work spotting bad behavior,” says Jürgen. “Imagine if they could all contribute signals. The insights we could gain and share would be huge.”

Real-World Use and Future Evolution

Today, the CrowdSec module is running on dozens of Drupal sites, protecting everything from portals to customer platforms and content-rich applications. The roadmap includes:

• Richer behavioral context to improve upstream signals
• A signal-sharing API that enables other modules to contribute
• Enhanced reporting in the Drupal backend to show impact
• Improved documentation to help users understand and build on the module
   

On the infrastructure side, most deployments run on LAMP stacks, with a gradual shift toward Docker-based hosting. Regardless of setup, the goal is the same: stop threats efficiently, collaboratively, and without compromising the openness of the web.

Rooted in Open Source Ethics

What sets this partnership apart is not just the technology. It is the shared values. Drupal Association and CrowdSec are both rooted in transparency, collaboration, and community-driven improvement.

“CrowdSec's approach feels intuitive to people from open source communities,” says Jürgen. “You contribute data, benefit from what others share, and improve things together.”

Security is often treated as a premium feature, locked behind proprietary platforms. This partnership challenges that idea. It shows how powerful, scalable security can be built in the open, shared freely, and improved collectively.

Together, We Can Build a Safer Web

Security is not a static checklist. It is a living, evolving effort. As attackers innovate, so must defenders. That is why this partnership invites not just users, but contributors.

Here’s how to get involved:

• Try the CrowdSec Drupal module and explore what it can do
• Share your experience with others in the CrowdSec community and Drupal Security Team
• Contribute your story to help others improve their defenses
   

Security is not just about stopping bad actors. It is about protecting the values that make open source and the open web possible. Through this partnership, the Drupal Association and CrowdSec are helping build a more resilient internet. One where collective action protects everyone.

Safer together.

Keeping your site up to date is essential, but it is only the beginning when it comes to web security. For Drupal site maintainers, this comes naturally thanks to a long-standing culture of best practices, code quality, and the dedicated work of the Drupal Security Team. But today’s threat landscape doesn’t just target vulnerabilities in code. It exploits infrastructure, automation, and scale.

This is where the Drupal Association and CrowdSec collaboration comes in. It combines deep application-layer awareness with a community-powered defense system to offer broader, more adaptive protection for the modern web.

Drupal’s Internal Security Culture

Drupal has earned a reputation for prioritizing security from the ground up. Core security practices, frequent updates, and responsible disclosure processes form the baseline. Modules like CAPTCHA, Honeypot, TFA, OAuth, and header hardening tools are widely used across websites to harden attack surfaces.

“We’ve always used a layered security model,” explains Jürgen Haas, a long-time Drupal contributor and maintainer of the CrowdSec Drupal module. “Before using CrowdSec, the Drupal Ban module helped us manually block problematic IPs, and we combined that with host-level tools like Fail2Ban or Apache’s security plugin.”

But that model has limits. For many Drupal sites, especially those with interactive features such as logins, registrations, and comment sections, malicious behavior can’t always be spotted at the infrastructure level. As traffic becomes more dynamic and attackers more sophisticated, another layer of protection is needed.

The Growing Challenge: Spam and Bots

Brute-force logins, spam submissions, scraping bots, and SEO manipulation are not new, but their sophistication is evolving. AI-generated content can now bypass traditional filters. CAPTCHA-bypass tools are widely available. And attacks are no longer personal. They are automated and global.

One Drupal community member running a high-traffic political forum suffered frequent spam attacks that rendered the site nearly unusable. Implementing CrowdSec almost immediately resolved the issue. However, it also revealed new challenges around legitimate traffic coming from sources like Tor. It is a reminder that today’s security work is not only technical but also must be ethical and nuanced.

CrowdSec: A Community Approach to Protection

CrowdSec is a free and open source security engine that detects aggressive behaviors and shares signals with a global network. If a malicious IP is attacking other sites, CrowdSec users benefit from that real-time threat intelligence. The Drupal module brings this collaborative protection directly into the CMS layer.

Initially, Jürgen was skeptical. “I used to think you should block threats early, at the server level,” he admits. “But I came to understand that some patterns of abuse, like brute force or spam, only emerge over time within the application. Drupal is in a unique position to spot them.”

That is where the Drupal integration shines. It enables behavior-driven detection that contributes to our global reputation network, without tracking personal data. The result is smarter, faster protection, especially when combined with traditional host-level defenses.

Why CrowdSec and Why Now

“We were already researching CrowdSec as a potential replacement for Fail2Ban,” Jürgen explains. “It’s easier to configure, and the crowd-sourced decision-making is what really convinced us. The idea that we all benefit from what others observe is a very open source way of thinking.”

The Drupal module allows CrowdSec to gather rich behavioral context from inside the CMS, something not possible from logs alone. Current efforts are focused on building APIs to allow other Drupal modules to contribute signals, from spam protection to user activity patterns.

“There are a dozen modules already doing great work spotting bad behavior,” says Jürgen. “Imagine if they could all contribute signals. The insights we could gain and share would be huge.”

Real-World Use and Future Evolution

Today, the CrowdSec module is running on dozens of Drupal sites, protecting everything from portals to customer platforms and content-rich applications. The roadmap includes:

• Richer behavioral context to improve upstream signals
• A signal-sharing API that enables other modules to contribute
• Enhanced reporting in the Drupal backend to show impact
• Improved documentation to help users understand and build on the module
   

On the infrastructure side, most deployments run on LAMP stacks, with a gradual shift toward Docker-based hosting. Regardless of setup, the goal is the same: stop threats efficiently, collaboratively, and without compromising the openness of the web.

Rooted in Open Source Ethics

What sets this partnership apart is not just the technology. It is the shared values. Drupal Association and CrowdSec are both rooted in transparency, collaboration, and community-driven improvement.

“CrowdSec's approach feels intuitive to people from open source communities,” says Jürgen. “You contribute data, benefit from what others share, and improve things together.”

Security is often treated as a premium feature, locked behind proprietary platforms. This partnership challenges that idea. It shows how powerful, scalable security can be built in the open, shared freely, and improved collectively.

Together, We Can Build a Safer Web

Security is not a static checklist. It is a living, evolving effort. As attackers innovate, so must defenders. That is why this partnership invites not just users, but contributors.

Here’s how to get involved:

• Try the CrowdSec Drupal module and explore what it can do
• Share your experience with others in the CrowdSec community and Drupal Security Team
• Contribute your story to help others improve their defenses
   

Security is not just about stopping bad actors. It is about protecting the values that make open source and the open web possible. Through this partnership, the Drupal Association and CrowdSec are helping build a more resilient internet. One where collective action protects everyone.

Safer together.

Since late August, Acquia has been gradually upgrading from Solr 8 to Solr 9, a process that will culminate with the migration of production environments in the second half of September. This upgrade brings significant improvements and changes that require the attention of development teams.

Choosing the self-service path gives you more control over the timing of the upgrade and the ability to verify your custom configuration before the date scheduled by Acquia. This proactive approach ensures a smooth transition and guarantees that your website's search functions stably in production.

This article details the process for performing a self-service Solr 9 upgrade in Acquia environments, focusing on key configuration aspects in Drupal and the management of custom configsets.

What does the change to Solr 9.8 entail?

Solr 9 represents a significant evolution, built on Lucene 9, bringing improvements in index management, query efficiency, and a more modern and secure foundation. Among the most notable innovations is native capability for vector search (KNN and embeddings), opening the door to semantic and AI-driven search functionalities.

Key aspects to consider for configuration primarily revolve around changes in format and module management.…