While Plone is quite fortunate to be built on top of the very safe and secure Zope 2 application server, there is always more we can do to make sure our site is running as safely and securely as possible.
Because security is such a big topic, there are many areas where we can perform audits and make improvements such as operating system (OS), flesystem (FS), through the web (TTW), and so on.
Lastly, there are some miscellaneous tasks that fall under the security umbrella; we can take this opportunity to learn them.
So let's get to it.
In this article by Alex Clark, author of Plone 3.3 Site Administration you will learn:
- Restricting TCP/IP access to localhost or LAN host
- Managing IP addresses and ports effectively
- Configuring the Zope 2 effective user dynamically
- Installing Cassandra to audit through the web (TTW) security
- Applying security and bug fixes to Plone
In this article by Jacob Gube, we will look at:
- The $() and $$() function
- Selecting HTML elements with pseudo-class selectors
- Selecting HTML elements based on their attributes
So let’s get on with it...Read Selecting DOM Elements using MooTools 1.2: Part 1 in full
Traditionally, web hosts have had a difficult time offering efficient, highly secure web space for a multitude of customers. Generally, a host will provide cheap accounts on a shared server and offer virtual machines as a more expensive option for the more security-conscious site owners. In this article, Joshua Kramer will explain how to provide highly secure hosting for Python-based web applications in an efficient manner. With the popularity of applications such as Trac, Django, and TurboGears, Python-based web applications will become more prevalent in the future, and the concepts presented in this article will become more valuable.Read SELinux - Highly Secured Web Hosting for Python-based Web Applications in full
This article covers every aspect of a form, including the different form fields offered by Sencha Touch, configuring each one of them for the user in a form, and configuring ways by which a typical form validation can be done. Fields such as Search, E-mail, DatePicker, Select, Slider, Checkbox, TextArea, FieldSet, and so on are covered in this article along with their detailed usage.
In this article by Ajit Kumar, author of Sencha Touch Cookbook, we will cover:
- Getting your form ready with FormPanel
- Working with search
- Putting custom validation in the e-mail field
- Working with dates using DatePicker
- Making a field hidden
- Working with the select field
- Changing the value using Slider
- Spinning the number wheel using Spinner
- Toggling between your two choices
- Checkbox and checkbox group
- Text and TextArea
- Grouping fields with FieldSet
- Validating your form
Specifically, we will cover the following points:
- The base component class
- Layouts revisited
In order to make our site successful, we need to attract and retain site visitors. SEO is a method of site analysis and best practices for building web pages that are easily discovered and indexed by search engines. SEO is used to make our content more relevant and easily read by search engines and their crawling and indexing software. Successful SEO makes it easier for both existing and potential customers to find your website. Fundamentally, SEO is about having your URL added to a search provider's database and appearing favorably in their search results. Well executed SEO is a process of making reasonable ongoing assumptions, following consistent practices, and includes continual site review and changes. SEO is constantly evolving and best practices are a big part. In this article by Thom Robbins, author of Kentico CMS 5 Website Development, let's look at some of the best practices that you can use when managing your site.Read SEO with Kentico CMS 5 in full
The main tunable settings for PostgreSQL are in a plain text file named postgresql.conf that's located at the base of the database directory structure. This will often be where $PGDATA is set to on UNIX-like systems, making the file $PGDATA/postgresql.conf on those platforms.
This article by Gregory Smith, author of PostgreSQL 9.0 High Performance, mirrors the general format of the official documentation's look at these parameters at http://www.postgresql.org/docs/current/static/runtime-config.html. However, it is more focused on guidelines for setting the most important values, from the perspective of someone interested in performance tuning, rather than describing the meaning of every parameter. This should be considered a supplement to rather than a complete replacement for the extensive material in the manual.Read Server Configuration Tuning in PostgreSQL in full
Many of you as (Java) programmers generate business purpose code, like "confirming an order" or "find available products". At times, you may also want to connect to external systems and services, since your application in isolation alone will not provide you the required functionality. When the number of such connections increases, you would be generating more and more of "integration code", mixed along with your business code.
In this short article, Binildas A. Christudas introduces the Java Business Integration (JBI) specification and discusses how it is covered in his new book, Service Oriented Java Business IntegrationRead Service Oriented Java Business Integration - What's & Why's in full
We will cover the following in this article by Binildas A. Christudas, author of Service Oriented Java Business Integration:
- Proxy design pattern in general
- Proxy support in Java SDK with examples
- ServiceMix JBI Proxy
- A few samples of defining and exposing proxies to services in the JBI bus
In this article by Binildas C. A., author of Service Oriented Java Business Integration, we will cover practical use of JBI Proxy—to proxy external web services in the JBI bus.Read Service Oriented JBI: Invoking External Web Services from ServiceMix in full
SOA governance is the combination of people, policies, and processes within your organization that will ensure that the desired behaviors of your strategic SOA initiative are achieved.It includes the traditional areas associated with IT Governance, which is the selection and funding of IT projects. These projects define the initial scope for technology utilization and can either help or hinder the SOA effort, based upon the scope chosen. In this article by Todd Biske we will see that the SOA effort only gets executed through projects, and if the execution is poor, the SOA effort will be poor. Therefore, the project governance activities of an organization must be adjusted to include policies associated with achieving the desired behaviors associated with SOA adoption.
Advasco had initial success with their Customer Information Service and then opened the flood gates for development by the rest of the organization. These efforts were successfully reigned in by the newly formed Center of Excellence. Now, the team at Advasco faces a new challenge: modifying an existing service to handle the needs of a new consumer. This article will go over the challenges faced by the team and then present guidance for handling this situation within your own organization.Read Service Versioning in SOA in full
In this article, by Martin Brampton author of PHP 5 CMS Framework Development, we get into the detailed questions involved in providing continuity for people using our websites. Almost any framework to support web content needs to handle this issue robustly, and efficiently. In this article, we will look at the need for sessions, and the PHP mechanism that makes them work. There are security issues to be handled, as sessions are a well known source of vulnerabilities. Search engine bots can take an alarmingly large portion of your site bandwidth, and special techniques can be used to minimize their impact on session handling. Actual mechanisms for handling sessions are provided. Session data has to be stored somewhere, and it is better to take charge of this task rather than leave it to PHP. A simple but fully effective session data handler is developed using database storage.Read Sessions and Users in PHP 5 CMS in full
In this article series by Derrin Michael Kent, author of Mahara 1.2 ePortfolios Beginner's Guide, we will look at creating our own profile page and using the Mahara text editor.Read Set up your own Profile in Mahara: Part 1 in full
In this article series by Derrin Michael Kent, author of Mahara 1.2 ePortfolios Beginner's Guide, we will look at creating our own profile page and using the Mahara text editor. Read Set up your own Profile in Mahara: Part 1Read Set up your own Profile in Mahara: Part 2 in full
Enabling a store to accept credit cards online and other alternative payment methods for customers is vital for high availability of an online store.
In this article by Murat Yilmaz, author of OpenCart 1.4 Beginner's Guide, we shall learn:
- The basics of online credit card processing
- Merchant account
- Payment gateway
- PayPal as a payment method
- The differences between several PayPal services
- Bank Transfer, Cheque or Money Order, Cash on Delivery payment options
We should clearly understand the three core elements of accepting credit card payments for an online store before starting on the details of online credit card processing.Read Setting Payment Model in OpenCart in full
This article by Andries L Pretorius, author of Compiere 3 Implementation Guide, gives you an overview of the Compiere Workflow processes, and illustrates how this is set up.Read Setting Up a Basic Document Workflow in Compiere 3 in full
BizTalk enables the integration and managment of automated business processes within or across organizational boundaries. To build a solid BizTalk solution, deploy a robust environment, and keep it running smoothly you sometimes need to broaden your spectrum, explore all possibilities, and choose the best solution for your purpose. In this article by Steef-Jan Wiggers, author of BizTalk Server 2010 Cookbook, we will cover:
- Gathering requirements by asking the right questions
- Analyzing requirements and creating a design
- Installing and using the BizTak Best Practices Analyzer
- Validating BizTalk installation with the BizTalk Benchmark Wizard tool
- Automating performance analysis by using the PAL tool
In order to demonstrate Django's rapid development potential, we will begin by constructing a simple, but fully-featured, e-commerce store. The goal is to be up and running with a product catalog and products for sale, including a simple payment processing interface, in about half-an-hour. If this seems ambitious, remember that Django offers a lot of built-in shortcuts for the most common web-related development tasks. We will be taking full advantage of these and there will be side discussions of their general use.
In addition to building our starter storefront, this article aims to demonstrate some other Django tools and techniques. In this article by Jesse Legg, author of Django 1.2 e-commerce, we will:
- Create our Django Product model to take advantage of the automatic admin tool
- Build a flexible but easy to use categorization system, to better organize our catalog of products
- Utilize Django's generic view framework to expose a quick set of views on our catalog data
- Finally, create a simple template for selling products through the Google Checkout API
This article will take you through all the recipes that you require to build your very own development environment. This will be done in a step-by-step manner, via the suggested best practice of using a Windows Server 2008 R2 server as the base operating system running on a virtual machine.
In this article by Ed Musters, author of Microsoft SharePoint 2010 Development Cookbook, we will cover the following concepts:
- Selecting your virtual environment
- Installing and configuring Windows Server 2008 R2
- Installing and configuring SQL Server 2008 R2
- Installing Microsoft SharePoint Server 2010
- Installing Microsoft Office 2010 Professional