News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

NetTuts.com:
Securing Your Server Login
October 22, 2014 @ 10:43:27

While PHP developers usually pay more attention to the code level of things, it's good to know something about managing the servers their applications live on too. In this most recent tutorial from NetTuts.com they introduce you to some of the basic things you can do to help secure your server against potential attacks, more specifically around the logins.

Thanks to the growing abundance of useful self-hosted apps such as WordPress and the affordable growth of cloud hosting providers, running your own server is becoming increasingly compelling to a broader audience. But securing these servers properly requires a fairly broad knowledge of Linux system administration; this task is not always suitable for newbies.

They provide a list of seven things to look at (not a comprehensive list, but good none the less) to protect your system logins:

  • Update Your System Components
  • Change Your SSH Port From the Default
  • Activate a Firewall
  • Change Your Root Login Name
  • Activate Google Two-Factor Authentication
  • Switch to Using SSH Keys for Login
  • Manage Your Application Security

Each item includes a summary of the "why" and commands or links to other resources with more information.

0 comments voice your opinion now!
server login security top7 list tips hosting

Link: http://code.tutsplus.com/tutorials/securing-your-server-login--cms-22001

Ben Ramsey:
Learning a New Codebase
September 18, 2014 @ 09:38:51

In a new post to his site Ben Ramsey shares a few suggestions around things to ask and do to learn a new codebase (whether that means in a new job or coming into a new open source project).

A few days ago, my friend Ed Finkler started a new job. Earlier this week, he posted on Twitter: "First days humble us all." Having begun a new job myself, I shared Ed's sentiment. Last weekend, while at the Madison PHP Conference, we were discussing what developers can do during the interview process to get an idea of the kind of codebase a company has.

He includes a few questions for developers to ask, either during the interview or once hired, about the codebase itself including:

  • what coding standards the company follows
  • how much of the code is covered by tests
  • have the company's deployment process described

He also recommends learning the codebase by diving in and either writing tests for untested areas or work through bug reports and fix (then test) them.

0 comments voice your opinion now!
learn new codebase tips questions bugfix unittest

Link: http://benramsey.com/blog/2014/09/learning-a-new-codebase/

Matthew Weier O'Phinney:
Deployment with Zend Server (Part 6 of 8) - Page Caching
September 11, 2014 @ 14:57:08

Matthew Weier O'Phinney has posted his sixth part (of eight) in his "deployment with Zend Server" tips and tricks. In this latest post he talks about page caching.

This is the sixth in a series of eight posts detailing tips on deploying to Zend Server. The previous post in the series detailed setting job script status codes. Today, I'm sharing some tips around setting up page caching, and jobs for clearing the Zend Server page cache.

He starts off describing what Zend Server offers in the way of page caching and provides an example (with screenshots) of how he sets his up to work with multiple subdomains. He then shows how to set what variable the caching looks at to tell the difference between pages and how to clear the cache on deploy. He includes a simple script to help with that, running through a list of paths and calling the flush on each.

0 comments voice your opinion now!
zendserver deployment tips series part6 page caching

Link: https://mwop.net/blog/2014-09-11-zend-server-deployment-part-6.html

Matthew Weier O'Phinney:
Deployment with Zend Server (Part 5 of 8)
September 10, 2014 @ 13:40:49

Matthew Weier O'Phinney has posted the latest in his "deployment with Zend Server" tips today, part five of eight. In this latest post he talks about setting the status of a job.

This is the fifth in a series of eight posts detailing tips on deploying to Zend Server. The previous post in the series detailed how to secure your Job Queue job scripts. Today, I'm sharing some best practices around writing job scripts, particularly around how to indicate execution status.

When he talks about the "status" of a job he's referencing the return code that's provided back to the executing script sharing the pass/fail status of its execution. He shows how to use the ZendJobQueue object and the setCurrentJobStatus to return a constant, either "FAILED" or "OK". He shows how to use it in an isolated example, outputting the results back as a plain text message that can be found in the "Output" tab of the job.

0 comments voice your opinion now!
zendserver deployment tips series part5 return status failed ok

Link: https://mwop.net/blog/2014-09-09-zend-server-deployment-part-5.html

VitalFlux.com:
Top 10 PHP Code Review Tips
September 10, 2014 @ 11:15:31

On the VitalFlux site there's a recent post sharing a few tips (a Top 10 list) of things to think about when doing code reviews.

This article represents top 10 areas to consider while you are taking up the task to do the code review of a PHP project. The other day, I had a discussion with one of the PHP senior developers who asked me about where to start on the task related with reviewing a PHP web application and, we brainstormed and came up with the list. Interestingly, apart from few, most of them can be pretty much applied to applications written with other programming languages as well.

Their top ten list of things to look for during code reviews extend beyond just the syntax of the code and good coding practices. They also suggest things like:

  • Adherence to Business Functionality
  • Object-Oriented Principles
  • Security
  • Integration Patterns/Protocols

Code reviews, if done effectively and efficiently, can be a major benefit for producing quality code that not only adheres to standards but also follows good practices and principles (like SOLID).

0 comments voice your opinion now!
code review tips top10 list syntax bestpractice business

Link: http://vitalflux.com/top-10-php-code-review-tips/

Matthew Weier O'Phinney:
Deployment with Zend Server (Part 4 of 8)
September 05, 2014 @ 09:22:38

Matthew Weier O'Phinney has posted the latest tip in his Zend Server deployment series, part 4 related to securing the scripts you use for your jobs (like cron, but run through Zend Server).

This is the fourth in a series of eight posts detailing tips on deploying to Zend Server. The previous post in the series detailed a trick I learned about when to execute a chmod statement during deployment. Today, I'm sharing a tip about securing your Job Queue job scripts.

He talks about the security concerns around the scripts you use for your jobs and how to protect them since they're exposed to the world as public scripts (if their URL can be tracked down, that is). He shares a few lines of code that can help prevent that, though - a check to see if it's running as a job (via getCurrentJobId) and returning a "403 Forbidden" if not.

0 comments voice your opinion now!
zendserver deployment tips series part3 security jobid

Link: https://mwop.net/blog/2014-09-04-zend-server-deployment-part-4.html

Matthew Weier O'Phinney:
Deployment with Zend Server (Part 3 of 8)
September 03, 2014 @ 09:34:51

Matthew Weier O'Phinney has posted the third article in his "Deploying Zend Server Tips" series today. In this tip he talks about file permissions and execution of shell commands.

In the first tip, I detailed writing deployment scripts. One of the snippets I shared was a chmod routine. [...] The code is fine; what I did not share is where in the deployment script you should invoke it. As I discovered from experience, this is key.

He points out that the deployment is run under a different user than the web server user. Future writes to those files by the web server could fail because of it, so he recommends running the permission change as the last step of the deployment script. If this ti was interesting and you'd like to check out more, you can find them in the first and second parts of the series.

0 comments voice your opinion now!
zendserver deployment tips series part3 chmod script

Link: https://mwop.net/blog/2014-09-02-zend-server-deployment-part-3.html

Matthew Weier O'Phinney:
Deployment with Zend Server (Part 1 of 8)
August 27, 2014 @ 10:41:33

Matthew Weier O'Phinney has posted the first part of an eight part series he's writing about deploying applications with Zend Server. Zend Server is a product of Zend that provides an integrated platform for PHP-based applications, a self-contained environment making things easier to manage and enhance performance.

I manage a number of websites running on Zend Server, Zend's PHP application platform. I've started accumulating a number of patterns and tricks that make the deployments more successful, and which also allow me to do more advanced things such as setting up recurring jobs for the application, clearing page caches, and more.

His examples can be used with any of the Zend Server versions available, including the Development Edition that can be used for trial purposes. The remainder of the post is his first tip: using the zf-deploy tool to make deployment of your application simpler. He includes an example of a script he uses for the deployment (written in PHP) to ensure the environment is set up correctly.

0 comments voice your opinion now!
zendserver deployment tips series part1

Link: http://mwop.net/blog/2014-08-11-zend-server-deployment-part-1.html

AboutPerformance Blog:
How to Spruce up your Evolved PHP Application - Part 2
August 08, 2014 @ 10:57:51

On the About:Performance site today there's a new post (part two in the series, part one is here) about increasing the performance in your PHP application. In this new post he talks about a few other updates that can be made to make your app fly.

In the first part of my blog I covered the data side of the tuning process on my homegrown PHP application Spelix: database issues, caching on both the server and the client. [...] In this part, I will concentrate more on technical topics: network traffic, code caching and session handling.

The post shares helpful tips and code examples showing how to:

  • Reduce Network Traffic
  • Leverage Browser / CDN cache
  • Use Conditional and Non-Conditional Caching
  • Using the HTML5 Application Cache
  • Optimize Session Handling

He does suggest the use of a commercial tool for a more in-depth analysis, but there's nothing here that it's required for. A little poking around in your browser can yield most of the same results.

0 comments voice your opinion now!
application performance tips traffic cdn cache session optimize

Link: http://apmblog.compuware.com/2014/08/06/spruce-evolved-php-application-part-2/

Inviqa techPortal:
"Your code sucks" - Tips on giving feedback
July 25, 2014 @ 12:15:21

If you're a part of a development team anywhere, chances are at one point or another you've asked for someone else to take a look at your code and give their opinions. Maybe it was you looking over a coworker's latest addition and it was...somewhat lacking. How can you say it in a constructive and nice way? The Inviqa techPortal has some suggestions.

Feedback on performance matters. It not only maintains quality, refines and hones performance, but it can also improve morale and trust, and build relationships. It can stop minor problems from escalating into major capability issues. It's something that every people manager or team leader should be doing as standard, and yet it's so hard to get right. For some people, giving good feedback is easy. [...] Delivering negative feedback can be a tricky process so how do you give negative feedback, or (as the much hackneyed phrase would have it) "constructive" feedback?

The post includes a list of six things to think about as you provide feedback to other developers (and even as a manager to your employees). The list suggests things like making it timely, listening to their side of things and setting a plan for resolving the issue.

0 comments voice your opinion now!
feedback tips code positive negative

Link: http://techportal.inviqa.com/2014/07/23/your-code-sucks-tips-on-giving-feedback-2/


Community Events





Don't see your event here?
Let us know!


symfony api laravel series release library zendserver list podcast package language tips opinion community framework introduction interview install update deployment

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework