Drupal 6.31 and 7.27


New security releases of Drupal came out yesterday.  We are in the process of upgrading the sites that we have under maintenance contracts. This wil take a few days to get through all of the different sites. This is only a moderately concerning update and will only affect some sites depending on how they are configured.  In particular, this is likely to only affect sites that use multi-step or ajax forms that are exposed to anonymous users.  We will attempt to work our way through sites in the order of how vulnerable we believe they wil be to this bug.

Heartbleed Security Flaw


Many of you have undoubtedly been reading about the Hearbleed security issue with OpenSSL. Some of our servers were vulnerable to Heartbleed - notably our CentOS 6 servers.  The ones running CentOS 5 were not vulnerable because they are based on an older version of OpenSSL.  We upgraded the OpenSSL library on all of our vulnerable servers as soon as a patched version was available, and none of our servers are now vulnerable to this exploit.  We have re-keyed the secure certificates for our clients who were under maintenance contracts.  We would recommend that everyone go out and update your passwords on any web-based systems that may have been vulnerable to this exploit, including logins for email accounts.  If you are having any trouble with this on our systems, please let us know.

Please note that the administrative panel logins on our servers were not vulnerable to this exploit - but your logins through SSL on your own web sites were, possibly.  In any case, rotating passwords occasionally is always a good policy, and we would also recommend (as the Internet gets more and more lawless) that you think seriously about using a password system (we happen to like LastPass) to keep track of your passwords, allowing you to generate random passwords for sites, but to still keep track of them.  Last of all, we'd like to recommend that you think about implementing dual authorization on your important logins.  We are using Authy on some of our administration software to require that we not only have a password, but a random one-time key to log in to our servers. 

Drupal Open House in Minneapolis

Time for the first-ever Drupal Open House in Minneapolis - an un-conference revolving around Drupal.  Come meet the Twin Cities Drupal folk, talk about all things Drupalicious, code, sprint, have lunch, and then start again!

We'll have a couple folks from Cruiskeen Consulting there, and it's a great chance to meet people, schmooze, and learn. 


Intermedia Arts

Saturday, March 1

2822 Lyndale Ave. S.

Minneapolis, MN 55408

Free, but $5 requested to pay for lunch


See you all there!

Drupal Community of Practice


Although I've been meaning to do so for some time, I finally participated today in the NTEN Drupal Community of Practice conference call. I found this a great experience as someone who is interested in using Drupal in nonprofit settings. The discussions are informal, and involve people with a really wide range of Drupal expertise.



This is a descrioption of a long-term project we are undertaking at Cruiskeen Consulting and CMS Farm. We are in general interested in  community building in Wisconsin and building tools to promote community building. For nearly a year the idea has been kicking around of building a community communications platform that would allow different groups in Wisconsin to set up their own discussion platform and web page.

Upgrades All Around!

Topic freestyle: 


We're in the process of upgrading our newer servers.  They're currently running CentOS 6.4, and we are upgrading them all to 6.5.  At the moment we're upgrading all of our virtual machines, but  since we've not rebooted the base hardware for a while, it's time to do some serious security upgrades on the base servers.  Because of that need, we will be doing some full reboots on all of our servers next week to make sure they stay secure.  More details toward the end of next week.  Watch This Space!

Reseller Accounts


We now sell a standard reseller account that can be used by web developers and others who re-sell web hosting. The package includes


  • 100 Gbytes Disk Quota
  • Unlimited Bandwidth
  • Unlimited Mailboxes
  • Up to 20 Virtual top-level Servers
  • Reseller Control Panel

Talk to us about how you can host your clients with us, save some money, and get real performance web hosting for CMS systems.  We're local, we're hands-on, and we're willing to work with you to build a custom hosting environment to meet your needs.

    Drupal Camps


    Summer Time is DrupalCamp Time.  We're sponsoring two local Drupal Camps this year.  We are a silver sponsor for both DrupalCamp Twin Cities and DrupalCamp Wisconsin. We will have a booth at the Twin Cities camp, so come visit!  And I'm pretty sure I will be presenting at the Wisconsin event in Madison, so drop by.  For more info on both camps just click on the block on the right and find out more. We will be giving out some DANDY door prizes to people who leave  us their business card at both events, including a free month of BuildAModule online training.

    Drupalcon 2013

    Topic freestyle: 


    Drupalcon 2013 is next week.   A couple of us will be heading out to Drupalcon, and hope to get a lot of great new ideas on building better Drupal web sites, as well as networking with business partners and the Drupalista world in general. This is always an exciting time, and I personally haven't had a chance to go for a couple of years. Please follow the twitter tag #drupalcon if you're interested in hearing about what is going on out in Portland. We'll undoubtedly have some good stuff to relate after we get back.

    Daily Planet Re-theme

    Topic freestyle: 


    Today is an exciting day at the office as we launch the new interior theming for the Twin Cities Daily Planet.   Bigger pictures, less clutter, lots of colorbox image popups - and real soon now, slideshows.  This has been in the works for a while now, and puts the site in a much better position for an upgrade to Drupal 7.  The new theme is a good deal less quirky, and let us incorporate a lot of new features, including using Display Suite for more flexibility in managing the look of the site.


    Subscribe to Cruiskeen Consulting LLC RSS