Coding articles and tutorials ranging from JavaScript to PHP and Content Management Systems.
I was recently notified that one of the sites I support was getting a ‘C’ rating on SSL Labs. It turned out that there were three main issues that needed to be resolved. Two out of the three were relatively easy to find via the SSL Labs documentation, which required simple fixes to the ssl.conf file. This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to...
Because of erroneous PHP and Java extensions, I’ve switched from Atom to Microsoft’s VSCode aka Visual Code Editor for writing applications. VSCode is a powerful editor. With the help of some extensions, you can use VSCode as a replacement for RAM hogging Integrated Development Environments. If you’ve just installed VScode and you’re searching for extensions that will...
As a developer, knowledge of web application security vulnerabilities is essential in order to build software that is both resilient to attacks and protected through a layered approach of defense. The cybersecurity landscape is constantly shifting, however a good understanding of the most common vulnerabilities is a great place to get started with security. Before reviewing the articles below, be...
You’ve decided it’s time to start solidifying ideas for your ideal website. You have no doubt spent countless hours in the planning phase identifying your target audience, design considerations, and of course you have a solid idea of your overall content strategy. If you haven’t, then do yourself a favor and take a look at The Complete Guide to Building Your Personal Brand, What...
Fundamental to all modern web development is a strong foundational knowledge of version control. In recent years Git has emerged as the go-to choice for many developers and continues to gain popularity. Github is a platform that uses Git for source control. It provides an environment that encourages and fosters community open source development. It is a great platform to publish and use for...
The HTML5 and CSS learning resources provided here supplement classroom materials for my CMST 386 class taught at the University of Maryland University College. Please report any broken links in the LEO classroom. If you have any suggestions for additional resources that could be added here, let me know. To access some of these resources you will need to sign up for a free account, which I...
Like other top web servers, Nginx lets webmasters enable Gzip compression for their websites. It can compress scripts and stylesheets in a web page on the fly. The Gzip file’s size is significantly lower than the original file. Nginx supports 9 Gzip compression levels.1 is the lowest and 9 is the highest. To gzip a file, Nginx will use invoke a function and the function will use system...
After Googleweblight, AMP aka Accelerated Mobile Pages is the new initiative from the search engine giant Google to make the web fast. As of today, over 900K sites are powered by AMP. I’ve used AMP on my site for a month. Below, I’ve shared the Pros and Cons of Google AMP. Pros of Google AMP (Advantages) Easy to implement Google has published a detailed documentation which covers the...
Over the last few months my team has been developing microsites to accompany our main website. The requirements for these sites included having their own domain, theme and separate content. After reviewing options in Drupal 7, I decided the best approach given our situation was to use the Domain Access Module. The Domain Access Module provides a very solid and powerful framework for developing...
Yesterday, I was checking the performance of one of my sites with GTmetrix and Pingdom tools. Although my site takes about 1 second to open in any browser, the tools were reporting remove query strings from static resources warning. Anything that follows after the question mark i.e “?” is called a query string. You’ll find URLs with query strings on dynamic sites. If the site...
As mentioned in my earlier blog post, I am using LetsEncrypt free SSL certificate on one of my sites. The certificate was due to expire in few weeks. The CertBot dispatched an alert message for the same on my official email address. As I’m using SSL for the first time and having several doubts in mind, I decided to renew LetsEncrypt certificate immediately. I fired the...
After Google declared HTTPS as a ranking signal, thousands of sites have switched to HTTPS from HTTP. To secure your site with HTTPS, you must install an SSL certificate on the server and configure the web server to redirect HTTP traffic to HTTPS. Before Let’s Encrypt Certificate Authority was launched in 2016, companies used to charge a hefty amount for providing SSL certificates. Now, you...
If your app is appending the errors and website visitor’s IP address, browser data, etc to a log file, you should manually archive old log files or use Logrotate. If you don’t do so, the server will run out of storage memory and your application may crash. Logrotate is a powerful program that archives and removes old log files. It saves heaps of storage memory by automatically...
According to Google, HTTPS is a ranking signal. If you make your website secure by configuring the web server to deliver HTTPS pages, your site may rank higher than an HTTP only portal. More importantly, web browsers have begun to warn their users of non-secure web pages. The Google Chrome browser (version 56) marks non-https website pages as insecure when they have an HTML field for...
Setting a preferred domain is one of the most important things to do after launching a new site. It takes few seconds to set a PD. Before setting a preferred domain, you should make sure that Google indexes only the URLS which you want to appear in search results. To do so, you must set up a 301 redirect. A 301 redirect will prevent duplicate content issues. It will tell search engines that they...
Nginx is one of the world’s most powerful web servers. It has a robust caching system which eliminates the need for optimizing websites with third-party caching solutions. While managing your website, you may come across the strange error called No Space Left on Device while reading upstream. You won’t know that Nginx is throwing the “No Space Left error” until you check...
HTTPS protocol makes your website secure. Google had declared HTTPS as a ranking signal last year which means that secure sites can have higher organic visibility than nonsecure websites. If your site is selling products online, you’ll see a boost in conversion because the browsers will mark your website as safe. Before you go ahead and enable HTTPS on your website, you must learn the...
This is post 5 of 10 in the series “Intrusion Detection” TCP Congestion Control Installing Wireshark on Mac OS X (Yosemite) What are Rogue Access Points? Two Common Router Security Threats Modern Application Frameworks, Legacy Browsers and Security Implications What are Covert Channels? Mobile Considerations in Network Security Architecture Common Bluetooth Vulnerabilities to be Aware...
Web hosting is the backbone of a website. It is crucial to the success of a blogger, business, and the website. A poor web hosting firm will have big downtimes. Because of poor infrastructure, the network latency will be high and your site will rank below faster websites in the search engines. Web hosting services are of three types, shared, VPS, dedicated, and cloud. The shared hosting plans are...
I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment.