Why you can't make a website and forget about its maintenance
Web and mobile app development studios are familiar with this type of client who expects their product to work perfectly whatever happens to it. Neither time nor cataclysms can disrupt its work. As a web development studio, we would be in seventh heaven if we could create such applications, but the odds are against us.
And here is an example familiar to everyone.
When was the last time you have faced non-working mobile applications? The application itself may be properly functioning, but its new version does not work on older versions of the phone’s OS. The motive for not supporting an outdated OS is that the profit that, hypothetically, an application owner can get from users of phones with the outdated OS would not cover the costs of its support. In addition to economics, there are also technological grounds. If AR features are integrated into the application, and software and hardware of your mobile cannot run such technology, then, please, either update the OS version or buy a new phone.
Sadly, not all software product developers (including website developers) warn us just like Google Chrome. What’s worse is that outdated technology is not replaced by the updated version automatically. Outdated libraries versions of the Drupal core do not receive security support and turn into a source of vulnerabilities that no one fixes anymore. And if the library is vulnerable, then the site is vulnerable too. The old version of Drupal also becomes vulnerable. Therefore, you should plan a budget: for maintenance, Drupal upgrade to the latest version, and support in advance This will enable forestall disruption of the website or an important part of it and ensures the safety of your data and user data.
Website upgrade planning: what to check and how often
The example with the end of support for Symfony 3 demonstrates that we can plan support and maintenance, and switch to the newer software version in advance. But some tasks are much more urgent and critical. Let's try to grade them.
Website migration to a newer version and security support in Drupal
Security is an important reason to upgrade the CMS version. Inevitably, bugs and vulnerabilities in Drupal libraries, plugins, modules, and themes are discovered, exploited by attackers to sabotage your site. It leads to the loss of data and the trust of the users.
Between the release date of the new version and the end of support for the old version, you need to prepare for the upgrade to the latest version to ensure the website not only has the latest functionality but also works safely. Every minor or security release is attributable to the bug fixes by the Drupal development team. No bugs found and no fixes done - no new releases.
There is the concept of a release window. During this period, a new minor version or a patch version with fixed bugs might be released. Such a version is released no more than once a month (on the first Wednesday). There could be exceptions when bugs are so critical that it is impossible to wait for the planned minor version. And the new version is released out of turn. It can happen even once a week.
Security releases for contributed modules are usually coordinated by the security team as well. This version is released no more than once a month, on the third Wednesday.
The releases with fixes in the Drupal core usually don't happen that often; they are managed by a separate team that plans further complex fixes.
As for minor versions of the Drupal core, the frequency is more or less stable: once every six months.
You can read more about release cycles in the Drupal core release cycle: major, minor and patch releases post.
The renewal of the SSL certificate is implied by default. Likewise minor versions of the Drupal core, the frequency is more or less stable: once every six months. It is done automatically or manually 2 weeks before the certificate expires.
Сheck loading speed of the website
Run the site through PageSpeed Insights and optimize its performance every 5-6 months. JCH Optimize, WebP by Bart Vanhoutte, ImageAPI Optimize WebP, ImageMagick, TinyPNG, Advanced CSS / JS Aggregation, Minify Source HTML, Minify JS will come to your aid.
Compliance with accessibility guidelines
When you develop a website that is equally convenient for people with and without disabilities, you increase your audience reach, set an example for others, and thereby create a better world. About 1 billion people live in this world with various physical and mental disabilities that prevent them from interacting with everything that surrounds them on an equal basis with others.
ADCI Solutions has published an article on accessibility in which we define the main terms from this area, compare the design of an accessible and inaccessible website page, and talk about the legislative side of the issue. More information on what websites are subject to accessibility requirements, what the fines are for violators, can be found in the article Why accessibility is important.
Drupal provides website accessibility by default. The CMS includes:
- the special HTML elements (for example, language tags),
- description of images and alternative text,
- automatic tags to form elements,
- using headers for page navigations,
- controlled tab order for visually impaired and users who cannot use a computer mouse: now they can access all elements on the page.
For non-compliance with accessibility rules, the law is harsh. But most legal actions are taken against government agencies and those companies that work with them.
If the content on the site changes on rare occasions, then a check for compliance with the principles of accessibility can be carried out once every six months. But if the content is dynamic or often updated, then a check is carried out once a quarter.
The PHP version update
The currently supported PHP versions are 7.2, 7.3, and 7.4. One becomes unsupported once a year. So, support for version 7.2 will end on December 1, 2020.
Drupal 9 websites require PHP version 7.3 or higher. Updating the PHP version may require custom code fixes, patches for some unpopular modules, etc.
Tracking errors and crashes through Google Analytics
Review analytics for new bugs once a month and two days after every time the code is deployed.
The relevance of the codebase
The project should not have a legacy code - the old code that is no longer supported or updated. Programming does not stand still: language standards are changing, and those problems that were solved elegantly yesterday, today require even more elegant solutions. For a while, the code written according to old cannons will work, but one day it will end. Developers can check if the modules have obsolete code using the drupal-check utility. If you are not a programmer, but a non-tech website owner, then the Upgrade Status module interprets and turns for the drupal-check report into an understandable form.
Check your custom code every time the site is updated, except for security updates.
If your website runs on Drupal 8, you have time to update the code and migrate to Drupal 9 until November 2021, and if it runs on Drupal 7 - until November 2022. Due to the coronavirus, the Drupal team decided to extend support for this version for a year. The old code will be marked like that - @deprecated. The APIs collected on this page are subject to removal.
The front-end refactoring
After the website administrator uploads and publishes the content through the admin panel, a Drupal website theme will determine the view for this text, images, and other media. The theme is essentially HTML and CSS, and like any code, a theme also becomes obsolete.
Refactoring makes sense when the structure changes on the back end, or if the custom theme you are using is based on a community-developed theme, and it has been updated. It will be enough to do this once every six months.
Search Engine Optimization Modules
Promoting Drupal websites in search engines is no different from promoting others on a basic level. Search engines have the same requirements for all websites, namely, they require a robots.txt file, meta tags, 404 pages, redirects, breadcrumbs, no duplicate pages, and broken links, etc.
SEO will not be considered complete without additional plugins and modules, except for those that come out of the box. To complete all search engine optimization tasks, at least such modules as Metatag, Custom filter, Search 404, SEO Checklist, Easy Breadcrumb, Pathauto, XML Sitemap should be installed. It’s the developers’ duty - to keep them up to date. The check should be done every 3 months.
Checking the functionality of the website, or why a client also needs to be a tester
So, the site developers are busy with maintenance. How can the client help them? And should they do it at all?
No matter how conscientious and involved the development team and testers are, none of its members knows the business, its goals, and customers better than the owner of this business. And where the tester finds one bug, the website owner can find five more. Therefore, it is sometimes helpful to become an accomplice in the process.
Review all forms and try to fill them out. Apply different combinations of filters and look at the output. Probably, some goods disappeared from their categories and the given price range. Be considerate of new content. Its styles, markup, even the number of characters in the header can disrupt the harmony of a web page.
You can come up with a lot of similar work and carry it out according to the checklist. The frequency of the check depends on whether the website is active, how often content is added and removed, and how often new features appear. The more you check, the better.
It is better to check the website for compliance with expectations and goals after each change 1-2 times a month. Suggest improvements based on changes in business processes.
The special information for eCommerce website owners
What if you have no sales or want more? Collect statistics and look for exact pages where site visitors leave the site and do not complete the purchase. Create hypotheses on how to fix this and run A/B testing every couple of months.
If your store is integrated with delivery services (DHL Express, Boxberry, Pony Express, etc.), then check their APIs for relevance. Sometimes it changes without notifying connected customers.
WordPress website maintenance checklist
There are websites with pages created on different CMSs, for example, Drupal and WordPress. Therefore, we want to tell you quickly what is important to do for the maintenance of WordPress websites:
- updating minor and patch versions;
- updating plugins, modules, libraries, themes;
- PHP version update;
- renewal of SSL certificates;
- checking the website loading speed by PageSpeed Insights and optimization;
- SEO improvements;
- checking the important functionality of the site following the checklist;
- error monitoring via Google Analytics;
- standards of accessibility;
- front end refactoring;
- for online stores: testing hypotheses for optimizing the sales funnel, updating delivery methods;
- checking the functionality of the site with the client’s help (as frequently as the website updates).
For your convenience, we have attached a checklist in PDF format. Download it to your desktop and check your site on time. You can download it in the article header.
As you can see, the website should be maintained all year-round. Maintenance touches on as many aspects as website owners cannot afford to track on their own. Take the burden of technical issues off your shoulders and handle it to the ADCI Solutions team that has been developing and maintaining Drupal sites on a professional basis from 2007.
As part of the maintenance, we offer customers to take care of such moments as:
- control over the operation of components and modules of the website,
- codebase relevance support (updates of modules and kernel),
- development and optimization of modules,
- removal of viruses and malicious or non-working code,
- selection of hosting,
- website backup,
- website migration to a new version of CMS,
- new features development,
- installation of security updates,
- PageSpeed Insights optimization,
- SEO, and more.
Contact us: firstname.lastname@example.org.