Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I'm making an app with a friend. I have a server which supports PHP and MySQL which my app is based on.
So we need to collaborate when making the app.
We are using Dreamweaver and NetBeans and apps on our phones...
The question is:
Is it secure to put the app we are developing on the web while its under development, and what should we use to protect it from the outside world?
Will Password Protected FTP be a good solution? or HTTP with a password protected folder?
I have seen there is a problem in HTTP protected folders. The login accepts a some other passwords too. Like if the password is helloworld123 and you login with helloworld it would accept and login?
SO I think HTTP will not be a good solution. And if it is then how should i make it more secure?
So what should I use? FTP or HTTP? thanks...
If you are developing an application, you should really be developing it locally.
You will rapidly tire of testing a change by uploading it to a remote server.
Additionally, what happens if your friend makes a change, how do you know that he has made that change? You will very quickly get collisions in code which totally ruin your collaboration.
So first of all, you should both install a LAMP/MAMP/WAMP stack locally. You should be testing everything locally, and you don't need to publish it to a server to test.
Then, you should be using some kind of version control in order to add any changes you make to a remote repository. This means that then you and your friend can work in isolation from each other, and then commit your own changes to a repository, and then you can merge the branches as you go.
When your application is then finished, you can then start to think about putting it into a production ready state by adding it to a server.
Sign up for an account at GitHub.com read as much as you can about how version control works, because if you intend to work together on anything you need to wrap your head around it.
If possible I'd always reccomend using localhost and syncing with Dropbox or any similar app. Otherwise you can try .htaccess to prevent anyone other than you and your friend from accessing your page.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Currently i am developing an student information system and i am using premium bootstrap template for my application development. But the problem is now my web app being extremely slow; at first i thought that all of the different css files and js are the main reason for the issue; so i have magnify both css and js than put it into the one single file.
which makes my application 10 second faster than previous one. But the problem is now my apps gets 30 sec to load a single page. Also i have put all of the models in the single file which is 69KB in size. and i have done same for my controller which is 178KB in size.
I have also tried to implement cache on my controller which make my app just load in 10 sec but the problem is when i do CRUD operation then the changed result is not showing insistently. So my question is how can i make the application load time much faster.
There can be many reasons how your application is slow.
Use Autoload only whenever required.
Keep the config files in cofig directory.
Filter all input before adding them to DB.
Use less of core PHP code if there is an CI alternative.
Use helper or library for frequently used functions.
Also,
- Enable GZIP compression if you are on a online server.
- make fewer HTTP requests.
- Config files there are alot of you can disable to speed up.
Although this is just my view. There are many ways to speed up and many reasons slowing your application. It is all onhe your study on how you have coded your application.
hope this helps a little. :)
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
It is unclear to me how cloudControl MySQLd addon works.
My understanding of MySQLd is that it is a MySQL server that can/will work with unlimited apps.
But since all addons are only app based, this could also mean that I cannot use the same MySQLd server on multiple apps.
Could anyone please help me understand if one MySQLd instance can be used with multiple apps hosted on cloudControl?
There are two concepts on the cloudControl PaaS. Applications and deployments. An application is basically just grouping developers and deployments together. Each deployment is a distinct running version of the app from a branch matching the deployment name. More details on this can be found in the Apps, Users and Deployments documentation.
All add-ons are always per deployment. We do this because this way we can provide all credentials as part of the runtime environment. This means you don't have to have credentials in version controlled files. Thich is a huge benefit when merging between branches, because you don't risk accidentally talking to e.g. the live database from a dev deployment. Also add-on credentials can change at any time at the add-on providers discretion.
For this reason separation between deployments makes a lot of sense. Usually your dev deployments also don't need the same database power as the production deployment for example. So you can easily use a smaller plan or even a shared database (e.g. MySQLs) for development. You can read more about how to use this feature inside your code in the Add-on documentation.
Also as explained earlier, add-on credentials are always provided as part of the runtime environment. Now credetials can change at any time at the add-on providers discretion. These changes are automatically provided in the environment and the app processes restarted. If you had hard coded the credentials as would be required for the second app, this would mean the app would probably experience downtime.
Last but not least, it's usually very bad practice to connect to the same database from two different code bases in different repositories, which would be the reason to have a second app. This causes all kinds of potential conflicts and dependencies that make code changes and database migrations extremely hard to maintain over time. The recommended way would be to have the data owned by one code base only and provide an API to access that data from the second code base.
All this being said, it is technically possible to connect multiple deployments or even apps to the same add-on (database or anything else) but highly advised against.
If you have a good reason to connect two apps/deployments to the same database I would suggest you manually launch an RDS instance at Amazon (MySQLd is based on RDS) and provide credentials for that through the custom config add-on to both of your apps/deployments.
I hope this answers your question and also explains the reasons.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 12 years ago.
Improve this question
I'm trying to write some javascript functions to integrate with the Facebook stream. However they only seem to work if you are developing them directly on the live server so that Facebook can access the xd_receiver.htm file that they ask me to place at www.mydomain.com/xd_receiver.htm. However you all can probably agree that it's really important not to develop on the live servers.
Here's what I've tried so far:
Placing xd_receiver.htm on the live server and running my scripts on my dev server hoping that the API Key would tell the Facebook server to look for xd_receiver.htm on my live server...no luck
Signing up for two API Keys with Facebook: a dev key pointing to 127.0.0.1 and a live one pointing to my live site. The theory here was that if xd_receiver.htm was only needed locally then it would find it via 127.0.0.1...no luck
Has anyone figured out a way to do this? They can't expect us to develop our Facebook Apps purely live without a dev sandbox.
Some background info for what it's worth: Using ASP.NET with VB but hoping to use purely Javascript.
It's definitely possible to use local xd_receiver.htm files. I'm a Facebook app developer by trade, and I have dozens of them set up.
You're closest to the correct answer with your #2 above. The way to do it is create two versions of your app. If I was making "MyApp", I might have two Canvas Page urls of "myapp" and "myapp-dev", and corresponding Canvas Callback URLs of "www.myapp.com" and "192.168.1.1". Each one is a separate Facebook app, with their own API key, etc.
apps.facebook.com/myapp would go to my live server, and apps.facebook.com/myapp-dev would go to my local development machine. You have to make sure Facebook can get to your development machine of course.
However, things should work just fine from there. You don't even need different versions of the xd_receiver.htm file, as the file contents are always the same for every app. AS long as your FB.XdComm.Server.init("/xd_receiver.htm"); line points to the right file, it should work.
I manage API keys and paths and such in a configuration file, and have one configuration file per application, whether it be a dev or production app. That makes it easy to output correct keys and paths on the app pages.
You can keep your development app in sandbox mode and do all the work on your local machine.
The simplest way is to configure local DNS in such a way that for your production callback url localhost address will be returned. In windows you can easily achieve it with following entry in \windows\system32\drivers\etc\hosts "127.0.0.1 your_production_xd_receiver_callback_url". Of course you need to run your server on port 80. In windows its simple task since there is no security concenrs :) in UNIX system you need to configure it since it is port belowed 1024.
This solution is tested and works for me.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I am tasked with moving quite a few web apps including the databases to new servers, they are ASP.NET. I was not the one to create and setup these originally so I must try to figure out what exactly I need to replicate in order to not break anything and so the customers have no idea that anything was moved.
Does anyone have any tips for this, or know any automated ways?
Is there any software that can help with this?
I know the web app sends emails, so I will need to setup SMTP and it connects to a database so that I also will need to move. I suppose I should do this at night and take down the servers so I can move the database at it's latest state...
Any tips or tricks?
This might help: IIS 6.0 Migration Tool
"The Internet Information Services 6.0
Migration Tool is a command line tool
that automates several of the steps
needed to move a Web application from
IIS 4.0, IIS 5.0 or IIS 6.0 to a clean
installation of Internet Information
Services (IIS) 6.0 and Windows Server
2003.
The tool transfers configuration data,
Web site content, and application
settings to a new IIS 6.0 server if
desired, or can move just application
settings using the copy functionality.
"
I don't think it will help with the database migration, though.
Here's a link to more detailed information about using the tool.
May I suggest setting up the new servers in a staging environment. Allow business users to verify the functionality in the staging environment before flipping the switch and going live. Once you are ready, then bring over a fresh copy of the data. As far as the emails go... you should be fine with ASP.NET but some classic ASP programs require COM components in order to send email.
The route I've taken in the past is to do a live/current copy (whatever that entails) of $CURRENT_SERVER to $NEW_SERVER. If the DB is not moving, just make sure $NEW_SERVER can reach $DB_SERVER, and that it will continue to run once copied.
Then update DNS to point to $NEW_SERVER.
After some period of time (2-3x the TTL for the DNS record), remove the old server.
We just went through the same thing--bought a new server and had to transfer ASP.NET sites + Databases to the new server. We experienced problems with the IIS Migration tool, so we followed a "staging environment" approach, as stated in Berkshire's answer and had much success. When all issues are cleared from the staging environment, you can make it "live" with much confidence.
One other thing to watch out for is that you'll have to skim the ASP & VB/C# code for any hard-keyed connection strings to the database. These will have to change to reference the new location of the database.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I was wondering what is the preferred method of licensing a web site?
I distribute precomplied versions of my web sites with editable APSX files, the code behind is complied into separate DLL's for each page.
I have thought of implementing some sort of text injection into each page, similar to what Telerik controls do, when using a trial version. This demo text would disappear if using a licensed version.
One way I would think is to have the web site contact a web service to determine the license status but this would be an issue if the web service is down for any reason.
Thanks
It's absolutely unacceptable to have your controls rely on an external web service to check the license. The only thing you're going to get out of that is pissed off customers and maintenance issues for yourself.
I strongly encourage you to go with the honor system, or a very simple licensing key file (that never expires). You're selling a web site, not video games. Unless you know for a fact that you are losing significant money because of piracy of your product, do not waste your time. Remember the first rule of optimization!
you could build some sort of license controlmechanism into your website. therefore you could use the URL of the site (typically you sell your asp.net app for one or two urls to somebody), and e.g. you could also build some hardware-key-references into your license mechanism, so that a copy of your software is not possible to run on a different machine.
but keep in mind, all restrictions you build in will result in more work for your paying clients, and there is always somebody who want to try to use your software without paying it!