Weblinks
Notes
-
3rd
Feb
2014
AWS Tips I Wish I'd Known Before I Started
A collection of random tips for Amazon Web Services (AWS) that I wish I'd been told a few years ago, based on what I've learned by building and deploying various applications on AWS.
-
8th
Apr
2013
Protecting Yourself Against Insecure Websites
Advice for protecting your online accounts when having to use websites which don't store your passwords securely.
-
17th
Jun
2012
Fix Graphics in Ubuntu 10.04 Lucid Lynx on a Toshiba Portégé
A quick guide on how to get graphics working on a Toshiba Portégé laptop when running Ubuntu 10.04 Lucid Lynx.
-
6th
Mar
2012
Fix Networking in Ubuntu 10.04 Lucid Lynx on a Toshiba Portégé
A quick guide on how to get networking working on a Toshiba Portégé laptop when running Ubuntu 10.04 Lucid Lynx.
-
6th
Feb
2011
Secure Session Management Tips
Eleven tips for securely managing sessions in web applications. Detailing the current best practices along with common security issues and how to protect against them.
-
4th
Jun
2010
Cross Site Request Forgery (CSRF/XSRF)
A look at what cross site request forgery is, and the techniques you can use to protect your site against it (including how not to protect against it). I also touch on the differences between POST and GET, and the conventions you should use.
-
9th
Feb
2010
Do we Really Need to Keep Typing www?
A look at whether we really need to type out the 'www.' before a domain. This information can usually be implied, yet some sites continue to fail if you attempt to visit the URL without those four characters, infuriating users and sending them to look elsewhere for business.
-
14th
Jan
2010
Creating a 'Database is Down' Page
Don't leave your users hanging when your database goes for a walk. Automatically detect the situation and give them something else to read instead.
-
12th
Dec
2009
Taking the Security out of Security Questions
Security questions are a great way for your users to access their account if they lose their password. They're also a great way for people to hack into your user's accounts. Don't negate a great password system by weakening it with poorly implemented security questions.
-
3rd
Nov
2009
Password Rules Don't Always Help
Password rules and restrictions are implemented almost everywhere with the intention of forcing complexity to make novice users pick passwords that are harder to crack. In reality they're adding predictability making them easier to crack, and restricting choice, infuriating users who actually do pick complex passwords.
-
15th
Aug
2009
text-transform - Content or Presentation?
Don't get caught out by the quirks of text-transform: capitalize. It might not behave exactly as you'd expect.
-
19th
Jul
2009
JavaScript is Good, But Should Not be Relied Upon
JavaScript is a great tool for making the experience of a website better for the user, but it can also turn away lots of users if you don't have a fallback. Always make sure things work without JavaScript too, otherwise you're going to lose visitors.
-
21st
Jun
2009
Storing Passwords - The Wrong, Better and Even Better Way
Many websites are still storing passwords in a way which compromises user security. Don't put your users at risk, learn how you should (salted hash with key stretching) and shouldn't (plaintext, plain hash, md5, your own algorithm) deal with passwords.
-
29th
Apr
2009
Always Include a Print Stylesheet
A print stylesheet helps to make sure your website still looks as great when printed as it does on the web. It also helps to save ink by not printing useless items. They're simple to make and can make a world of difference for your users.
-
7th
Aug
2008
Separation of Content and Presentation with HTML and CSS
It's important to separate the content of a website from it's presentation, just using CSS doesn't always mean this is the case. Here are some common pitfalls people are making in this area.
-
2nd
Mar
2007
Music Recommendation Project
I'm building a music recommendation engine for my Masters degree.