While Plone is quite fortunate to be built on top of the very safe and secure Zope 2 application server, there is always more we can do to make sure our site is running as safely and securely as possible.
Because security is such a big topic, there are many areas where we can perform audits and make improvements such as operating system (OS), flesystem (FS), through the web (TTW), and so on.
Lastly, there are some miscellaneous tasks that fall under the security umbrella; we can take this opportunity to learn them.
So let's get to it.
In this article by Alex Clark, author of Plone 3.3 Site Administration you will learn:
- Restricting TCP/IP access to localhost or LAN host
- Managing IP addresses and ports effectively
- Configuring the Zope 2 effective user dynamically
- Installing Cassandra to audit through the web (TTW) security
- Applying security and bug fixes to Plone
This article by Aurelio De Rosa the author of Instant JQuery Selectors, describes how many and what are the selectors to collect elements by their attributes.
In this article, we'll see how to select elements by their attributes paying attention to some quirks that can lead to an unexpected behavior.Read Selecting by attributes (Should know) in full
In this article by Jacob Gube, we will look at:
- The $() and $$() function
- Selecting HTML elements with pseudo-class selectors
- Selecting HTML elements based on their attributes
So let’s get on with it...Read Selecting DOM Elements using MooTools 1.2: Part 1 in full
In this article by Jonathan Chaffer and Karl Swedberg, the authors of Learning jQuery Fourth Edition, we will cover the structure of the elements on a web page, how to use CSS selectors to find elements on the page, and custom jQuery extensions to the standard set of CSS selectors. The jQuery library harnesses the power of Cascading Style Sheets (CSS) selectors to let us quickly and easily access elements or groups of elements in Document Object Model (DOM).Read Selecting Elements in full
This article created by Simon Lidberg the author of Getting Started with SQL Server 2012 Cube Development, serves as an introduction to Business Intelligence solutions and specifically self-service solutions.Read Self-service Business Intelligence, Creating Value from Data in full
In this article by James Serra and Bill Anton, authors of Reporting with Microsoft SQL Server 2012, we will look into what self-service reporting is and talks about how Power View solves self-service reporting needs, covering its main features and functionalities.Read Self-service reporting in full
Traditionally, web hosts have had a difficult time offering efficient, highly secure web space for a multitude of customers. Generally, a host will provide cheap accounts on a shared server and offer virtual machines as a more expensive option for the more security-conscious site owners. In this article, Joshua Kramer will explain how to provide highly secure hosting for Python-based web applications in an efficient manner. With the popularity of applications such as Trac, Django, and TurboGears, Python-based web applications will become more prevalent in the future, and the concepts presented in this article will become more valuable.Read SELinux - Highly Secured Web Hosting for Python-based Web Applications in full
This article covers every aspect of a form, including the different form fields offered by Sencha Touch, configuring each one of them for the user in a form, and configuring ways by which a typical form validation can be done. Fields such as Search, E-mail, DatePicker, Select, Slider, Checkbox, TextArea, FieldSet, and so on are covered in this article along with their detailed usage.
In this article by Ajit Kumar, author of Sencha Touch Cookbook, we will cover:
- Getting your form ready with FormPanel
- Working with search
- Putting custom validation in the e-mail field
- Working with dates using DatePicker
- Making a field hidden
- Working with the select field
- Changing the value using Slider
- Spinning the number wheel using Spinner
- Toggling between your two choices
- Checkbox and checkbox group
- Text and TextArea
- Grouping fields with FieldSet
- Validating your form
Specifically, we will cover the following points:
- The base component class
- Layouts revisited
In order to make our site successful, we need to attract and retain site visitors. SEO is a method of site analysis and best practices for building web pages that are easily discovered and indexed by search engines. SEO is used to make our content more relevant and easily read by search engines and their crawling and indexing software. Successful SEO makes it easier for both existing and potential customers to find your website. Fundamentally, SEO is about having your URL added to a search provider's database and appearing favorably in their search results. Well executed SEO is a process of making reasonable ongoing assumptions, following consistent practices, and includes continual site review and changes. SEO is constantly evolving and best practices are a big part. In this article by Thom Robbins, author of Kentico CMS 5 Website Development, let's look at some of the best practices that you can use when managing your site.Read SEO with Kentico CMS 5 in full
The main tunable settings for PostgreSQL are in a plain text file named postgresql.conf that's located at the base of the database directory structure. This will often be where $PGDATA is set to on UNIX-like systems, making the file $PGDATA/postgresql.conf on those platforms.
This article by Gregory Smith, author of PostgreSQL 9.0 High Performance, mirrors the general format of the official documentation's look at these parameters at http://www.postgresql.org/docs/current/static/runtime-config.html. However, it is more focused on guidelines for setting the most important values, from the perspective of someone interested in performance tuning, rather than describing the meaning of every parameter. This should be considered a supplement to rather than a complete replacement for the extensive material in the manual.Read Server Configuration Tuning in PostgreSQL in full
In this article by Hussein Nasser, author of Administering ArcGIS for Server, we will learn how to read logfiles and understand them in order to extract useful information that can help solving problems that might occurRead Server Logs in full
This article by Prabath Siriwardena, the author of Enterprise Integration with WSO2 ESB, helps you gain knowledge about Service Chaining. The Enterprise Service Bus(ESB) today serves as a key component in most of the enterprise grade deployments. In most cases the ESB removes point-to-point dependencies in your system to build a highly scalable and loosely coupled solution. But that does not necessarily mean ESB means SOA. ESB is a key ingredient to build an SOA infrastructure, but it's not a must. Even with an ESB if not followed industry best practices and patterns you will end up with a mess.Read Service Chaining in full
Many of you as (Java) programmers generate business purpose code, like "confirming an order" or "find available products". At times, you may also want to connect to external systems and services, since your application in isolation alone will not provide you the required functionality. When the number of such connections increases, you would be generating more and more of "integration code", mixed along with your business code.
In this short article, Binildas A. Christudas introduces the Java Business Integration (JBI) specification and discusses how it is covered in his new book, Service Oriented Java Business IntegrationRead Service Oriented Java Business Integration - What's & Why's in full
We will cover the following in this article by Binildas A. Christudas, author of Service Oriented Java Business Integration:
- Proxy design pattern in general
- Proxy support in Java SDK with examples
- ServiceMix JBI Proxy
- A few samples of defining and exposing proxies to services in the JBI bus
In this article by Binildas C. A., author of Service Oriented Java Business Integration, we will cover practical use of JBI Proxy—to proxy external web services in the JBI bus.Read Service Oriented JBI: Invoking External Web Services from ServiceMix in full
SOA governance is the combination of people, policies, and processes within your organization that will ensure that the desired behaviors of your strategic SOA initiative are achieved.It includes the traditional areas associated with IT Governance, which is the selection and funding of IT projects. These projects define the initial scope for technology utilization and can either help or hinder the SOA effort, based upon the scope chosen. In this article by Todd Biske we will see that the SOA effort only gets executed through projects, and if the execution is poor, the SOA effort will be poor. Therefore, the project governance activities of an organization must be adjusted to include policies associated with achieving the desired behaviors associated with SOA adoption.
Advasco had initial success with their Customer Information Service and then opened the flood gates for development by the rest of the organization. These efforts were successfully reigned in by the newly formed Center of Excellence. Now, the team at Advasco faces a new challenge: modifying an existing service to handle the needs of a new consumer. This article will go over the challenges faced by the team and then present guidance for handling this situation within your own organization.Read Service Versioning in SOA in full
In this article by Sébastien Armand, the author of the book Extending Symfony2 Web Application Framework, has discussed about the basics of services in the Symfony2 framework. A service is an essential and core concept in Symfony2. In fact, most of the framework itself is just a big set of predefined services that are ready to use. As an example, if you just set up a new installation of Symfony2, from your project root, you can type php app/console container:debug to see the full list of services currently defined in your application. As you can see, even before we start writing anything for our application, we already have almost 200 services defined. The php app/console container:debug <service_name> command will provide information about a specific service and will be a useful command to refer to throughout the article.Read Services in full
In this article, by Martin Brampton author of PHP 5 CMS Framework Development, we get into the detailed questions involved in providing continuity for people using our websites. Almost any framework to support web content needs to handle this issue robustly, and efficiently. In this article, we will look at the need for sessions, and the PHP mechanism that makes them work. There are security issues to be handled, as sessions are a well known source of vulnerabilities. Search engine bots can take an alarmingly large portion of your site bandwidth, and special techniques can be used to minimize their impact on session handling. Actual mechanisms for handling sessions are provided. Session data has to be stored somewhere, and it is better to take charge of this task rather than leave it to PHP. A simple but fully effective session data handler is developed using database storage.Read Sessions and Users in PHP 5 CMS in full