by Elliot Christenson on February 25, 2016 - 12:56pm
Yesterday was February 24th, 2016!
If you are reading this, you probably already know what that signifies. It is the official End-Of-Life for Drupal 6. The world didn't end!
This week, myDropWizard is working to onboard dozens of Drupal 6 websites that need to maintain uptime, security, and are not yet updated. How is this even possible? Wasn’t Drupal 6.0 released back on February 13th of 2008? That was EIGHT years ago! It was unleashed to a world mostly absent of smartphones - only coming a few months after the release of the original iPhone.
It’s possible because Drupal 6 was a great platform.
When you think about the growth of the Drupal community, Drupal 6 was one of those crucial inflection points. Lots of things came together at once to help make Drupal what it is today in 2016. The explosion of modules, the constant updates for security measures, and the cultivation of people in the Drupal community allowed for something really sophisticated, secure, and exciting. Hundreds of thousands of websites were built using Drupal 6. This is no small success.
In fact, there are still over 100,000 active websites running Drupal 6 TODAY!
This look forward is accompanied by a cautious look forward. The End-Of-Life status isn’t going to result in a "fiery, apocalyptic end for Drupal 6” - a quote often used by myDropWizard founder David Snopek. It’s not like the “Y2K” bug. It’s not even like the end of support for Microsoft Windows XP.
It’s one step in a process:
- For many, this signals the beginning of a timeline to dedicate resources to move to Drupal 8.
- For others, they can put the remaining pieces into a Drupal 7 deployment.
- Many need to keep their Drupal 6 website running: That’s OK!
We think it’s so OK that we have dedicated our business to this task.
Aside from contracting with a company like myDropWizard for long-term support, you should continue following strong security practices - and maybe add some new ones.
Here is a basic checklist:
- archive the site - Use the 3-2-1 system for backups.
- perform all updates - Drupal is a piece of this but also PHP, MySQL, Apache, Linux - for instance, be aware of your exposure to the glibc security flaw! Do you have Drupal 6.38 (which came out today) installed?
- double check daily backups - if possible, even do a “restore drill” to make sure that you can get fully operational
- be prepared for a possible hacking
- have a way of detecting or monitoring basic attacks
- have a plan for what you will do in a hacking event
- isolate your site in a VM/server
Obviously, we would like for many of you to become myDropWizard clients. That said, a safer world of well-protected Drupal 6 websites is better for all of us, so please think about how you can fortify your current website today!