Articles > Security

Essential server security for web developers

Not everyone relies on shared web hosting for the sites they work on. Many developers have turned to dedicated hosting, virtual private servers (VPS), colocation hosting and other methods that give them greater freedom to work and allow for more control over the environments where they host sites for their clients or business. While these hosting environments offer a developer much more flexibility, they do put the responsibility of securing that server in the hands of the developer. This can pose...

Moving your website to HTTPS, is it worth it?

HTTP versus HTTPS: How much of a difference can one additional letter make? As it happens, quite a lot. Ever since Google confirmed that it considers whether a site uses HTTP or HTTPS as a ranking factor, there’s been a lot of debate about the merits of making the switch. I don’t know about you, but I’m the type of person who likes to play it safe; if Google recommends something, I’m all for it. Still, while switching to HTTPS makes sense for most websites, it’s not always worth it. Is it time to switch?...

Essential steps to secure your website

In the web development world, the most popular open source platforms for creating websites include WordPress, Joomla and Drupal. But what is open source exactly? It refers to software and platforms that are free and publicly accessible. They usually have a large community of contributors that help update the software, create plugins and provide support through online forums. Open source platforms are a great way for beginners to create a no-hassle website, and are great for advanced web developers...
CSS

GitHub Plug-in for WordPress

For the last few years I've run my own Subversion (SVN) server on either a spare box and more recently with a paid for server. This was mainly because my work was private and I was familiar with SVN, and I found that the TortoiseSVN client was excellent and easy to use. My needs have changed and evolved over the years, particularly in the last few months since I started these tutorials. So I have decided to start moving new projects and some of my tutorials to GitHub. I've been watching GitHub progress over the...
CSS

OAuth2 and the Twitter API – A WordPress plugin

Building on the last few WordPress related tutorials, this week we'll being using the Twitter API to display a users most recent tweets using a shortcode. Several of the existing tutorials and code examples out there use the old version of the API or the search API that do not require authentication. This API has been deprecated and been replaced with version 1.1. Although it still works, Twitter can disable it at any time. One of the main changes to the API with the introduction of the 1.1 API was the implementation...

Adding a simple authentication using PHP require and includes

Please note that this tutorial has now been superseded by a later, more in-depth tutorial available here Continuing on with our to-do application, in this weeks snippet we're going to be using PHP's require_once function. The require_once function is similar to the require function, in that it will execute and include any php code with the calling file but with one vital difference. It will only execute once. This is important for us in this tutorial as we are going to use it to validate our user. There...

A Simple Way to Stop Bandwidth Theft from Your Website

Boosting online traffic is one of the main goals for virtually every website on the Internet. A conscientious site owner, seeking to optimize performance, will regularly check detailed traffic logs available through their hosting account or a third-party service, like Google Analytics. One very big potential problem that can be quickly detected involves the unauthorized use of files from your website by another Internet property. You must be watchful for this practice, especially if your site...

Scan for Website Vulnerabilities with WebScarab

By
Web applications remain the largest security risk for any company. The reason is two-fold. First, most software services have moved to a web based environment giving malicious hackers a much larger landscape to attack. Second, most organizations put a majority of their resources, i.e. dollars and manpower, into network and perimeter security leaving the web unguarded. In most cases, it is up to the web developer to secure sites as best they can. Those who know how to patch known vulnerabilities in...
Load more
Home CSS Deals HTML HTML5 Java JavaScript jQuery Miscellaneous Mobile MySQL News PHP Resources Security Snippet Tools Tutorial Web Development Web Services WordPress