Whilst many people were looking at the Brit awards last night, a different top list has also been released. Instead of counting up the awards for artists, it was counting up the risk and impact of common development errors.
The top 5 include:
- Cross site scripting
- SQL Injection
- Buffer overflow
- Cross site request forgery
- Improper access control
All of these issues have been known about and well understood for some time, however developers are still regularly making mistakes in these and the other top 20 areas.
February 17th 2010 Uncategorized
Today I have been reminded about the importance of having no single point of failure in your systems.
With news that one hosting company providing both dedicated servers and Virtual Private Servers (VPS) has now been offline for 5 days, you need to consider what would happen to your systems if you were solely reliant on a company that also had such an outage.
HostV are not the only people to suffer from outages: several major UK datacentres have gone offline for shorter periods at some time or another over the past 10 years. It is only prudent to ensure you do not rely on any single company or site for all your hosting.
This is commonly called disaster recovery: you plan and prepare for the worst, ensuring that if it happens, it is no longer a disaster but just an inconvenience while you implement your prepared plan.
To take a worst case scenario, if terrorists blew up a datacentre with the complete irrecoverable loss of all hardware and data on site, could you keep going?
Most importantly, take offsite backups and test them. Offsite backups can at least enable you to restore your data to a new server if all else fails. Just make sure that you have regularly tested that your backups are usable and that they contain all the data that you think they do. There is nothing worse than finding out your backups were corrupted or did not contain some vital bit of data at the time you need to use them due to a failure.
Ensure that you have a backup or disaster recovery server in place and online at a different facility, preferably in a different country, so no single fibre or backbone outage can affect both. This server does not need to be as powerful or as highly redundant as your main servers; it just needs to be able to carry on critical functions during an outage of your main live systems.
Keep the disaster recovery server synchronised with your main live server. You can use systems like rsync and database replication to ensure files and databases are maintained in sync and ready to go at a moment's notice.
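The restore test described above can be scripted. This is an added example, not part of the original post: a shell function that unpacks a backup into a scratch directory and checks every file in the live directory against it. It assumes a gzip-compressed tar created from the root of the live directory; the function names and sample files are made up for illustration.

```shell
#!/bin/sh
# verify_backup ARCHIVE LIVE_DIR
# Prints one finding per line and returns:
#   0 = every live file is in the backup and identical
#   1 = at least one live file is missing from the backup or differs
#   2 = the archive could not be unpacked at all
verify_backup() {
    archive=$1
    live=$2
    restore=$(mktemp -d) || return 2

    # A backup that cannot be unpacked is a failed backup.
    if ! tar -xzf "$archive" -C "$restore" 2>/dev/null; then
        echo "UNREADABLE $archive"
        rm -rf "$restore"
        return 2
    fi

    # Walk the live tree, not the archive: data that was never backed up
    # only shows up when you start from what you expect to be there.
    findings=$( (cd "$live" && find . -type f) | while IFS= read -r f; do
        if [ ! -f "$restore/$f" ]; then
            echo "MISSING $f"
        elif ! cmp -s "$live/$f" "$restore/$f"; then
            echo "DIFFERS $f"   # corrupted, or changed since the backup ran
        fi
    done )
    rm -rf "$restore"

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: a backup taken before the database dump existed.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/live/db"
    echo "site settings" > "$d/live/config.php"
    tar -czf "$d/site.tgz" -C "$d/live" .
    echo "dump" > "$d/live/db/site.sql"
    verify_backup "$d/site.tgz" "$d/live"
    demo_rc=$?
    rm -rf "$d"
    return $demo_rc
}

demo || echo "backup failed verification"
```

Run it straight after the backup job, or against a snapshot, so that DIFFERS lines point at corruption rather than ordinary edits made since the backup was taken.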
February 10th 2010 Infrastructure
Today is European Safer Internet Day 2010. If this fact has passed you by, then you are not alone as it does not seem to have been publicised much at all.
The stated aim is to encourage safe and responsible use of online technology and using mobile phones, which is an aim I can certainly agree with, having a young child who is currently learning about email in school.
The theme this year is “Think Before You Post” and I am sure that there are many more experienced folks as well as the children and young people who the day is most aimed at, who have forgotten to do this now and again. I personally have made the mistake of forgetting to remove an address from the CC field of a less than complimentary email I intended for internal eyes but unintentionally delivered to the people who had contracted the services of the company discussed in the email.
So if you are a seasoned internet hand, or someone new to the internet and mobile technologies, take a minute to “Think before you post”.
www.saferinternetday.org has all the details.
February 9th 2010 Uncategorized
The Apache Software Foundation has announced that this is the final release of the 1.3 branch and only critical security fixes will be available from now on.
Apache 1.3 was first released in June 1998 back before Microsoft Windows 98 came out. The Apache 2 branch has now been out for 10 years and had many benefits over 1.3 on release.
Even with the benefits and stability offered by the Apache 2 branch, 1.3 has still been heavily used over the past 10 years, despite the case for preferring it to version 2 getting progressively weaker. With this announcement we may see more people finally take the step of transferring to the Apache 2 branch, a change that is normally pain free. We may also see some volunteer time freed up from supporting and maintaining what had essentially become a legacy version of the web server, giving the volunteers more time to spend on newer and more interesting stuff.

WordPress is great, but I am sure most people would agree that it can be a bit sluggish at showing pages. There is a lot going on behind the scenes to generate all your dynamic blog goodness, however most of it does not need to happen for every single visit to your site.
There are lots of ways to speed up performance of websites, especially dynamically generated ones. One good one for most occasions is to use caching to save on the time required to create pages dynamically. Whilst revisiting an old post on a friend's blog earlier, I saw him mention the wp-super-cache plugin. I have had a look at it and have to admit to becoming an overnight fan.
February 5th 2010 Applications