Hacking Drupal Core: a Crime with Casualties!
Development, Drupal Development, Security,

Hacking Drupal Core: a Crime with Casualties!

3 m read
QArea Team
QArea Team
November 23, 2015
Share on
Reading Time: 3 minutes

Your site’s explosion just demolished South Korea? You probably hacked the Drupal core yesterday, haven’t you? Despite all possible temptation and promising benefits, you should never ever hack the core. The activity will not turn out the way you expect it to.

Never!

The one trap that caught us all!

You have probably heard it already. We shouldn’t hack the core. Ok-ok, we get it! Or do we? Countless people fall in the same trap over and over again. We are stubborn enough to repeatedly shoot ourselves in the same leg before the wound even gets the chance to heal.

Every single Drupal developer has tried to hack the core at least once.

Each of us failed.

It was painful.

Have we learned from the experience? No, we have not. OK, that’s not entirely true. Some of us have. We, at QArea, never even think of something as gruesome and devilish. But we’ve had 14+ years of experience at our disposal to learn the lesson the hard way. That is something I am willing to share with hopes that some of you, my fellow readers, will finally follow the smartest advice of all: Never hack the core.

Is there anything more tempting than the forbidden?

Why do developers keep hacking the core if it’s really that bad and everyone knows it? That’s simple. People love to take the easy path. People are lazy. People are arrogant. Developers are people.

Hacking the core may seem like the simplest, fastest solution to many challenges. The force in a poor choice is strong. The dark side is tempting. It tricks young, inexperienced minds into considering answers to the following questions:

  • Hacking the core seems so easy. Shouldn’t we, as developers prefer the simplest route over more complex ones?
  • Sure, it may be bad for the site owners. Why should I care?
  • Is not being able to get upgraded that bad?
  • This issue can only be resolved by hacking the core, can’t it?

Such thoughts have come to the minds of even the best of us. However, I’ll not even bother explaining why this mindset is horrific and terrifying. It is obviously unacceptable in any society. Especially in the one that is oriented on results and quality – like the Drupal community.

Why is hacking the core not different from killing kittens?

When you develop a website on Drupal website owners, as well as users are your responsibility by default. They trust you with either their money or product in one case or their personal data and credentials in the other. Will you have the heart to just cheat on them by choosing a simple path? A road that’s good for you, yet puts all of them at risk?

I don’t believe you are that kind of a person.

And neither do you.

By the way, it’s time to finally get to the point (I have several of them, in fact). Why are we, at QArea, never hacking the core? Why’s it so bad?

  • We all realize the importance of bug and security fixes. After the core is hacked you will never install them again. One might say that it will be difficult, but not impossible. Trust my experience – such a level of difficulty is intolerable. Sure, after endless hours of agony you will come up with a solution that is slightly less broken than all other ones, but its realization will be more challenging and resource-consuming than rebuilding the entire project from scratch. Hacking the core is just NOT WORTH IT!
  • You will hang a bright, seductive neon “welcome” sign for all the hackers out there. You will offer them an irresistible treat. And I’m pretty sure stakeholders won’t appreciate the gesture.
  • By hacking the core you give other people headaches. Literally. There will be a team responsible for website maintenance some ways down the road. People who will have to deal with circumstances of your “creative thinking” and “issue solving” (aka laziness). Each developer who hacks the core is mean to his other colleagues by default. That’s bad karma.
  • And, in the end, right after you hack the core – you are suddenly all alone. The only person in the whole wide world who can detect and fix issues and bugs, popping up in your site. You will lose the community, as none of the members is aware of the changes you’ve made and the effects they’ve caused.

At the end of the day, there are no unresolvable issues. All that, which seems like a valued reason to hack the core is not what it seems and can be resolved otherwise. With smarter methods. So, before you proceed towards you little malicious scheme, please be kind enough to consider all, that was written above. And then ask yourself a question:

Is it worth it?

We know it’s not. We are professionals who value both our colleagues and clients. We care about the quality of our development solutions. We love our job and we love Drupal. So should you!

Categories

Recent Posts

  • Go Community: The Best Golang conferences of 2018 (and a few to look out for in 2019)

    Read more
  • From Gaming Videos to Redefining Instant Messaging: Quinn Hu's Long Path to Serial Entrepreneurship

    Read more
  • 7 Reasons to Truly Love Microservices

    Read more
  • The Best Languages for Microservices

    Read more
  • QArea's Year: Summing Up 2018

    Read more
  • What's New in Golang 1.11: Release Notes Overview

    Read more
  • Why You Should Start Learning Dart and Flutter Right Now

    Read more
  • Golang Vs Python: Which Language Is Best for AI Programming

    Read more

Subscribe

Yes

Tags
Share on
Close icon
Privacy Preference Center