Primary tabs
Useful Drupal modules
Click on the module name for notes, comments, patches.
Recommendations (for and against) are my personal opinion only and may be out of date. Feel free to email with corrections/suggestions.
Why doesn't the table mention Drupal 9 or 10?
1. Nowadays, I try and use Drupal as little as possible. Specifically I do not recommend it for a new website. I'd also strongly caution you against choosing Drupal if you're at the beginning of your career and trying to learn web development (front / back / full stack) or just want to manage/maintain a website. More details why by email on request.
2. By February 2022 I'd updated all the sites I look after to Drupal 9 (experience: mixed). As of March 2023, a year later, none of them were fully ready for Drupal 10 (waiting on support for various modules). By 13 Nov 2023 (a week or two after D9 lost support) I had updated a couple of them.
Q: What's the Drupal 9 to 10 upgrade experience like? A: it's what I'd describe as "just bearable", slightly better than D8 to D9, though with plenty of things to still trip you up. There is still deprecated code that needs fixing in D10 modules, and policy changes mean odd things will break (be prepared to turn off Aggregate CSS/JS files if your themes stop working, and note that Drush launcher doesn't work with Drush 12...)
Admittedly the upgrade_status module is the best solution they could have come up with for tracking compatibility. Also watch out for a nasty session headers bug with redirect_after_login.
What about sites still running Drupal 7? In short I still recommend leaving them on Drupal 7 or moving to another platform entirely. My prediction was that Drupal will extend D7 support year after year (note that drupal.org itself is still running D7). It's now been confirmed as 5 Jan 2025. There will have to be some sort of third-party long term support, because of the sheer volume of sites that are not being upgraded.
Your decision is really what specifically you think you will gain from Drupal 8/9/10 - often the answer will be not enough, and one of the main hassles - apart from converting each content type one at a time, and setting up a new theme, will be recreating all your views by hand, as views can't be automatically upgraded.
(134 modules in list)| Name | D8 | Personally Tested | Last Updated Sort descending |
|---|---|---|---|
| CSS Editor (css_editor) | ✔ | ✔ | |
|
"Essential" If you only need a small amount of CSS, or want users to be able to directly edit it through the admin UI rather than creating a theme or module. Caveat: doesn't work for admin themes (at least on D7) |
|||
| Save edit (save_edit) | ✔ | ✔ | |
|
"Essential" Add a save and edit button
|
|||
| Ngrok for drupal (ngrok_drupal) | ✔ | ✔ | |
|
Sets the cookie domain correctly if you're using ngrok. Use this if you have an Ngrok secure tunnel - e.g. if you are testing a Stripe Apple Pay integration (needs to run with a valid, publicly accessible SSH domain) |
|||
| Field group (field_group) | ✔ | ✔ | |
|
"Essential" Add group' button to /admin/config/people/accounts/form-display (or any other form), can then group fields inside fieldset/other HTML wrappers.
Types of groups:
In theory can use this to add <div>s with css styles such as flexbox, like webform uses, but CSS to support that needs to be present on the page. |
|||
| Twig VarDumper (twig_vardumper) | ✔ | ✔ | |
|
"Essential" Much faster than using kint, with colour coding, and still works nicely within narrow DOM elements. Enabling twig debugging in the first place: Also make sure you've activated twig debugging properly (including enabling the settings.local.php file in settings.php, and adding the debug setting to development.services.yml) Usage Tip: - Hover over the keys and you get a tooltip that says 'Public method','Protected property' etc. |
|||
| Menu position (menu_position) | ✔ | ✔ | |
|
"Essential" Assign various pages (by content type, URL, role etc.) to certain menu entries - so the 'active' status of the menu is set correctly (i.e. they appear within the sections you want). - patch: Add enabled checkbox to edit form + enable new rules by default
|
|||
| Webform (webform) | ✔ | ✔ | |
|
"Essential" One of the best maintained contrib modules. Main benefits: nicely presented forms with powerful conditional logic, YAML configuration, flexible user permissions, very clean data storage, secure. Codebase is also very much written "the Drupal way". I'm currently using this patch to avoid AJAX errors - it's only necessary where you've both enabled Automatically save as draft when paging, previewing, and when there are validation errors, and are using a confirmation type like inline, that still uses AJAX to submit the form when there are no validation errors. Troubleshooting install of webform external libraries: (Jan 2020) Follow these instructions: https://www.drupal.org/node/3003140 If you get a composer SSL error, follow these instructions. (specifically, you need to set |
|||
| reCAPTCHA (recaptcha) | ✔ | ✔ | |
|
"Essential" Use in conjunction with the Captcha module to prevent spam on forms. Tested with D7 and D8. Patch needed for AJAX forms (e.g. Webforms with AJAX support turned on) to stop the ReCAPTCHA UI disappearing when page is reloaded. |
|||
| Twig Extensions (twig_extensions) | ✔ | ✖ | |
|
Text filters, array and date manipulation. (haven't tried this yet) |
|||
| Rabbit hole (rabbit_hole) | ✔ | ✔ | |
|
Lets you set display, access denied, redirect or programmatic accessing for direct access to nodes. However, note that includes both /node/xxx and the node alias, i.e. you can't just use it to restrict numeric URLs, the human friendly ones will get blocked too - so restrict_node_page_view might be more appropriate. There's a series of submodules (such as rh_node) and without enabling them you won't see any options in the UI. |
|||
| Honeypot (honeypot) | ✔ | ✔ | |
|
"Essential" Adds spam prevention to forms (you can select which, including user registration and contact). Recommended settings: - turn logging on (look for entries of type = honeypot in /admin/reports/dblog |
|||
| Devel (devel) | ✔ | ✔ | |
|
"Essential" Key features:
|
|||
| Resave nodes (resave_nodes) | ✖ | ✔ | |
|
"Essential" If you want to manually refresh a series of nodes. You can choose the node type. |
|||
| Table trash (table_trash) | ✖ | ✔ | |
|
Add extra tables JS support for views (and many other pages) - e.g. search box, dynamic column sorting, rearranging columns, exporting to clipboard etc. If you get "TypeError: tables.DataTable is not a function" when using datatables module, first, try going to /admin/config/content/table_trash/global_settings and saving the existing settings. |
|||
| Coffee (coffee) | ✔ | ✔ | |
|
"Essential" Keyboard shortcuts. A bit like Spotlight/Alfred/Launchbar. Alt+D to launch (memonic: alt + D = coffee!) Handy as it doesn't clash with browser keyboard-shortcut extensions such as Vimium. Tips:
|
|||
| Upgrade Status (for Drupal 9) (upgrade_status) | ✔ | ✔ | |
|
"Essential" Very useful module for scanning installed modules (including your own custom code) for compatibility issues - gives a detailed report of necessary fixes. NB: scanning using the UI (rather than Drush) won't work on a dev server without a valid SSL certificate. |
|||
| Username policy (username_policy) | ✔ | ✔ | |
|
This gives you a single box where you can enter tokens to form the default username. It seems to work, but in D7 the patterns section ("Only use the below pattern elements") was empty. This is supposedly because there's a dependency on the 'profile' module, except profile doesn't exist in D7 (I tried profile2 instead but it made no difference) and profile2 doesn't exist in D8. auto_username displays tokens OK and is more powerful / has more settings including customise at what point names are truncated, etc. |
|||
| Node Page Disable (node_page_disable) | ✖ | ✔ | |
|
"Essential" Adds an checkbox labelled 'Retain /node as an active url?' to /admin/config/system/site-information This lets you disable the /node page which would otherwise list all published content. Note it doesn't let you individual disable /node/xxx access by content type - see restrict_node_page_view or rabbit_hole for that. This is for D7 only - in D8 you go to /admin/structure/views and disable /node there. |
|||
| Twig Tweak (twig_tweak) | ✔ | ✖ | |
|
Adds Twig syntax to insert views, view results, regions, entities (e.g. nodes, blocks, webforms), menus, images, image styles, tokens, breadcrumbs, messages, contextual links and more. |
|||
| Responsive and off-canvas menu (responsive_menu) | ✔ | ✔ | |
|
This uses a JS library and works without a second copy of the menu in the HTML, and you don't need to make any changes to your existing navigation menu. Look at the README file for instructions. Note you're forced with the mobile version of the menu to have it expand to full depth (although the hack/workaround, if you want a top-level menu only, is to hide the lower elements in CSS) For hand-crated CSS / minimal javascript solutions, see https://css-tricks.com/responsive-menu-concepts/ |
|||
| Views Contextual Filters OR (views_contextual_filters_or) | ✔ | ✔ | |
|
"Essential" By default if you add multiple contextual filters to a view, they must all pass (AND). |
|||
| Rules (rules) | ✔ | ✔ | |
|
Patch needed (the pages and roles tabs are missing on block editing form otherwise): |
|||
| Metatag (metatag) | ✔ | ✔ | |
|
"Essential" This comes with a whole series of modules, including metatag_verification that will allow you to insert a google-site-verification tab. Instructions How to add it to a content type/bundle:
|
|||
| Views Aggregator Plus (views_aggregator) | ✖ | ✔ | |
|
Provides extra options for aggregating data in tables - e.g. grouping sets of rows together and summing the values of particular fields. Has a hook - hook_views_aggregation_functions_info() - which lets you add your own options to the table aggregation settings - e.g. supposing you have a limit for something (number of tickets, nights of accommodation) and want to decrement it - you can write a method to sum the matching rows and then do a calculation on the total. Also supports 'add column function' - adds a grand total (or other summary field) at the very bottom of the table. Caution - this module breaks hook_views_pre_render() - you can write your own pre_render method to remove or shuffle entire rows, but any chances to values will be overwritten (discovered this by looking through the source and looking for the use of that hook). The workaround is to try and do what you need to by using hook_views_aggregation_functions_info() instead. |
|||
| Conditional Fields (conditional_fields) | ✔ | ✔ | |
|
Adds a 'Manage dependencies' tab to the admin page for content types. This lets you set a 'target field' whose visibility is set according to a 'control field' and whether the latter is full/empty/checked/unchecked/has a specific value. Another useful feature is you can prefill/pre-tick etc. the target field (including with a custom text value, for example). To detect quickly if it's in use anywhere (I needed to do this before being sure I could uninstall the module on a site), export your site config and grep the /config/sync directory for 'conditional_fields' - it's stored in the 'third_party_settings' key in core.entity_form_display.node.[content type].default.yml |
|||
| AudioField (audiofield) | ✔ | ✔ | |
|
"Essential" This is a formatter, available on node display or in views. It turns a uploaded file or an external URL into an HTML5 audio player. Also supports various other JS player libraries which you can download. You can turn lazy-loading of the file on or off. Note: there is a default label added below the player, which is either the URL field description or actual address, if the former is missing. Override the audioplayer.html.twig template to remove this. |
|||
| Redirect after login (redirect_after_login) | ✔ | ✔ | |
|
"Essential" Sends users (depending on their role) to another page, rather than their profile, immediately after logging in. There's a bug (patch available, fortunately) with this which will break session cookies in Drupal 9, and upgrade_status doesn't warn you about it. |
|||
| Role Watchdog (role_watchdog) | ✔ | ✔ | |
|
"Essential" Logs every time a role is changed. Users get a Role History tab and there's a notification feature. Should now work fine on D8, not personally tested it (earlier: 15 Sep 2018 - there's a dev branch, but when you install it complains about missing role entity, and drush updb does nothing) |
|||
| Node access user reference (nodeaccess_userreference) | ✖ | ✔ | |
|
"Essential" Allows you to use an entity reference field on a node to allow (or deny) access to that node to the users you have selected. Extremely useful for giving selected people access. This isn't available in D8 or above (though it ought to be) - there's a note in the issue queue about it. #2655426 |
|||
| Double Field (double_field) | ✔ | ✔ | |
|
"Essential" Store a pair of fields together (numbers and text, boolean, email, telephone, Url). As normal you can specify the quantity of double fields per entity, or allow an unlimited number. Note: D7 version doesn't support 'date'. Don't use it for:
|
|||
| Custom Add Another (custom_add_another) | ✔ | ✔ | |
|
"Essential" The default button text for 'unlimited' fields where you can add multiple items is "Add another item". You might want to change this. This module lets you do it per field bundle - there are a couple of text options (for add and remove) added to the field edit screen. NB: this is not the 'Save and add another' button for an entire content type, just the one that handles the javascript for individual fields with multiple entries. |
|||
| Google Authenticator login (ga_login) | ✔ | ✔ | |
|
"Essential" Use in conjunction with tfa to support OATH based HOTP/TOTP systems. Nov 2022: No longer needed (i.e. uninstall it) when you upgrade to tfa 2.x for Drupal 9 and 10. |
|||
| Views PHP (views_php) | ✖ | ✔ | |
|
Allows you to insert a Global PHP field in a view in D7, so you can have conditionals etc. Note there's a bug in 7.x-1.1 (Jan 2022) - you need this patch. (Not available in D8, you should use Twig instead). |
|||
| Required by role (required_by_role) | ✔ | ✔ | |
|
"Essential" Set required fields more precisely. How to verify it it's in use on any fields (so you can remove it if desired) I wanted to upgrade a site to D10 and there was a dependency from required_by_role on required_api, which was not yet D10 compatible. I wasn't sure if I was even using required_by_role on any fields - turns out I wasn't. There's no admin UI page overview which shows it's use, but you can just run a simple SQL query:select * from config where data like "%required_by_role%"; (the config table is where all your field settings are stored). |
|||