Monthly Archives: March 2013

Windows vs Linux for Web Hosting

Purchasing web hosting for the first time can be a confusing proposition. There are so many different packages to choose from – do you want a dedicated server, a VPS or a shared host? Is Windows better than Linux? Deflate64 will enplane.
Well, the answer to the first question depends on the size and number of websites you want to host. The answer to the second question is also “It depends”.

Your Personal OS Choice is Not Important

Some people assume that they should use the same OS on their web host as they are on their PC. This is not necessary. Your web host is separate from your PC. You connect to your host using an FTP client, and a Windows computer can connect to a Linux host (or vice-versa) without any issues.

Your CMS Choice is Important

If you plan to create your website from scratch yourself then you should choose whichever OS you are most comfortable with and that supports the programming language and server technologies you wish to use.
However, if you are planning on installing a CMS such as WordPress, Magento, or Joomla, you should look for a host that offers good support for those.
In general, Linux based web hosts that use Apache, PHP and MySQL are better supported in terms of community scripts than Windows hosts. Usually, Linux hosting is cheaper too – especially when it comes to more powerful servers.
If you plan on running game servers rather than just simple websites, then Windows hosting may offer better compatibility.

Security and Speed

Both Linux and Windows hosting offer good security, speed and reliability, as long as they are configured correctly. If you aren’t confident in your abilities to maintain a server yourself choose a shared host or a managed VPS so that the web hosting company takes care of the heavy duty maintenance for you.

Common Attacks Web Developers Should Protect Their Sites Against

Web applications and software are becoming increasingly complex, and are starting to tie in to more and more platforms – such as Twitter, Facebook, OAuth and other similar services. As this happens, protecting your customer’s data becomes increasingly important.
Web developers must work hard to make sure that their servers are robust, stable, and resistant to attacks. Common attack vectors include:

Denial Of Service

Denial of Service (DOS) attacks are the most common attack used by unskilled or “script kiddie” attackers. This attack involves sending a high volume of requests (often from bots or computers infected with malware) to your computer. You can lessen the impact of these attacks via temporary IP blocking, and the use of a CDN (Content Delivery Network) and caching to reduce bandwidth and CPU useage.

SQL Injection

SQL Injection involves attempting to “break” web forms to fool the server into executing SQL commands send by a web browser. If you do not sanitize the input of your web forms to remove or escape special characters, then your site may be vulnerable to SQL injection attacks. If the attacker can access your database they can edit the content of your site, or query the database to access user’s login details and other data.

Cross Site Scripting

Cross Site Scripting, or XSS, is another popular attack. This attack involves embedding a link to a malicious script into a comment or forum post made by the attacker. When other users view this post, their browser will run the script because they believe it is coming from a trusted site. Cross site scripting can be used to do “drive by” installations of malware, steal cookies, or redirect the viewer to another malicious site.
There are other ways to attack websites, but the above are three of the most common. Protecting yourself against these attacks will do a lot to reduce the likelihood of your website being compromised.

Tips for Web Application Development

Web application development is a rather different system today to what it was even just a few years ago. Now, web developers have to understand OOP practices, master multiple scripting languages, and learn to work with several different APIs. The days of throwing together a site with PHP and MySQL and letting it stand in isolation are long gone.

Open Source Development

One of the best ways for developers to get started these days is to work with or on open source projects. Open source development is a great way to network, meet new developers and learn new skills. Whether you volunteer for Magento, Mozilla or Ubuntu doesn’t really matter – pick something that matches your skills and interests, and work on it.

Pick Simple Problems and Solve Them

Don’t try and reinvent the wheel – there’s no point working on an all-singing, all dancing blogging platform as your first project when WordPress already exists. Why try to build a new ecommerce platform when Magento and OSCommerce already do the job perfectly well? Instead of trying to take on such a huge project to begin with, stick to solving smaller problems with elegant hacks. Build up a portfolio of smaller, finished projects and work on your mega-project once you have a following.

Share Your Code

Post your code to GitHub, sorceforge and other similar websites. Treat GitHub as a super LinkedIN page or resume. Showing your programming code is a good way to learn, get advice, and promote yourself. If there’s something wrong with your code, people will tell you. If your code is good, people will appreciate it – you’re helping others and could get a job out of it.
Of course, before you post any code you should make sure that it’s worth posting. Learn how to comment your code, how to structure it well, and how to optimize it. Only post code you’d be willing to show a prospective employer.

Short Definition of the Deflate64

Enhanced Deflate is also the other definition of the Deflate64™.
The Deflate64 is algorithm for compression and actually is a version of the same Deflate algorithm which uses sliding window 64K in opposite to the 32K window. The difference serves to compress sub-sequence of bits.

Deflate64 vs Deflate Compression

Deflate64, or “expanded deflate”, or “enhanced deflate”, is an improved version of the Deflate compression algorithm. The original Deflate algorithm was introduced by PKWare almost 30 years ago, with the release of PKZip 2.04g. This algorithm was quite groundbreaking – it was fast and still achieved moderately good compression. It was a lossless algorithm, and was patented in the USA under patent number 5051745.
Deflate was the most widely used compression algorithm for many years, but the compression it offered was insufficient for very large files. In 2001, PKWare released PKZip 4.5, and with it they introduced Deflate64. This compression algorithm is almost as fast as Deflate, but offers much better compression.

How Does Deflate64 Work?

The main difference between Deflate and Deflate64 is that Deflate53 uses a 64K sliding window, rather than a 32K sliding window, when performing Lempel-Ziv compression. This means that it is not backwards compatible with Deflate, however on supported machines it offers much better compression.
The final length code has been expanded by 16 extra bits, and the distance codes have also been expanded to address a 64K range. These codes were unused in Standard Deflate. Compression is achieved in a two-step process of duplicate string elimination followed by bit reduction.

Availability in Programming Libraries

Implementations of Deflate are available in several languages through the zlib and gzip libraries. Most C programs use zlib, while Pascal developers can use paszlib. In Java, developers (I know Magento programmers who know that too) can make use of the implementation found in Java.Lib.Zip.
PKWare has trademarked Deflate64, and it is considered to be a proprietary implementation. Deflate64 is not supported in zlib because of its proprietary nature, and the marginal performance difference when compared to Deflate. Deflate is also used in several hardware encoders. Comtech has produced a PCI-X card which can compress streams at a rate of 3Gbit/Sec, however this uses standard Deflate rather than Deflate64.

Marketing Your Magento Extension

One of the best things about Magento is that it is extensible – anyone can create a Magento extension and share it or sell it to other Magento users. The ease with which you can create extensions has some downsides, however. There are a lot of extensions on the market.

Discoverability

One of the biggest problems with online app/extension stores – such as Magento Connect – is discoverability. When there are thousands of extensions to choose from, why should a user pick your extension over another one that is free, was made by more well-known web developers, or has been around longer.
You can drive attention to your profile through marketing – promoting your extension via social media, reaching out to web design bloggers, and taking out ads on popular web design sites. However, all this does is drive eyeballs to your profile. There’s more to building a user base than simply getting people to look at your extension.

The Issue of Trust

Few web developers are willing to run unknown code on a production website. To persuade people to install your plugin, you need to get them to trust you. One way to do this is to fill out your Magento Connect profile properly.
Take the time to upload a logo, fill out detailed contact information for your business, and link to your support page. In addition, create a professional looking logo for your extension, and fill out the details page properly. If it looks like you’ve put effort into your profile, people are more likely to believe that you’ve put effort into your extension too.
Encourage people to rate your extension after they’ve used it, and respond to comments and questions so that people know you care about your users. In a saturated market, a simple, working product produced by a developer that cares is far more likely to do well than a sophisticated extension from an unknown, unresponsive developer.