On March 28, the Drupal Security Team released the first “highly critical” security patch for Drupal core since 2016, which requires all sites running Drupal (versions 7 and 8) to apply immediately to avoid potential exploits. More information is available at

Fionta’s digital services team took a proactive approach – once we learned of the impending update, we immediately reached out to our Drupal clients and scheduled emergency maintenance windows.

Here are some numbers as of this writing:

  • Production sites updated: 16
  • Client coordination/notification emails: 185

Here’s our support manager Katie Lou staying on top of client communications…

  • Hosting providers involved: 11
  • Cups of coffee consumed: approx 50-60

All joking aside, Fionta strongly advocates for proactive, regular maintenance for all organizations’ websites. When a critical security patch for an open-source system is released, your organization’s site needs to be able to incorporate it immediately. With this recent update, we saw a strong dichotomy between sites that received regular updates, and others who had fallen behind – the former were much easier and faster when it came to applying the security patch.

If you know (or suspect that) your organization’s open-source web CMS needs a maintenance plan, please contact us. Although a healthy monthly allocation for maintenance is best, we can accommodate most nonprofit and association budgets – even quarterly maintenance is better than falling behind! Fill out the form below for a free initial consultation today and sleep well knowing that your organization’s website is in good hands.