Is Verizon SkyNet? Reroutes Entire Network After Typhoon Kills Cables
Sep 18th
Say you’re the CEO of a large internet provider based in Taiwan. A huge typhoon comes out of nowhere and wipes out ten of your largest cable lines, thus transforming the world wide web enjoyed by millions of customers into a worldwide disaster. What would you do?
In Verizon’s case, your system would have woke up, assessed the entire situation and rerouted itself so fast that the only way of knowing something was wrong would be to open the window and let Typhoon Morokat blow you to the other side of the planet. It’s a bit exaggerated, but since Verizon invested three-billion dollars into their network, near disasters such as this can be handled effortlessly and the entire network can reconfigure itself without any human contact. The concept itself is referred to as an advanced network mesh, and clearly Verizon is leading the way in how global systems are configured and maintained. With this sort of technology out of R&D and in wide-spread use already, maybe it’s time to revisit that save-the-world strategy to overcome a SkyNet clone whose only reason for human communication is when it tries to show the planet who’s boss.
Free WordPress Themes
Sep 18th
Where to Find Free WordPress Themes
There are literally hundreds of blogs out there that link to the same 30 or so free WP designs. Since we’re trying to be different, we’ve set out to create ten of our own free blog templates that are look great, and are easily customizable – even if you’ve never used CSS or HTML before!
We have a huge amount of work ahead of us, since our site is brand new, but you can expect these free themes to be released during Winter, 2009. This page will be updated as each theme progresses, so stay tuned.
Dedicated Servers
Sep 18th
Introduction: What is a Dedicated Server?
Larger websites, or those which serve a high amount of media, are best suited on a dedicated server. This sort of arrangement generally means you’re allowed to rent and use a server to its fullest capacity, provided your content and site are within the providers terms and service. Since you are essentially renting the entire computer for use as a web host, (or streaming media server, game server, ect) you are not usually subject to the limitations found in most VPS or shared hosting environment. In fact, the only real limits placed are bandwidth allotment, and the maximum power of the computers components.
How Much Does a Dedicated Server Cost?
Dedicated web servers are priced based on their configuration, and the amount of bandwidth supplied. General configurations may include 10mbps (megabits per second), and are billed on the 95th percentile; your monthly bill would be calculated by traffic spikes, in which case high-traffic sites could consider the alternative bandwidth cap of 5TB (terabytes) per month, which ensures the same fee, plus overage fees.
Why Would I Need One?
Justification of upgrading to a full server vary, however sites with increasing page views per month will benefit from the investment.
Dedicated Server Options – Operating System:
Windows and Linux are the two major operating systems provided. Both have thousands of monitoring applications and server enhancement tools available, and both bug fixes and security patches are released on a monthly (or sooner) basis. Linux distributions are usually offered at no extra cost, however Windows IIS environments come with a extra charge, which increases your monthly bill.
Windows Server 2003 and 2008 both server web content using Microsoft IIS, and execute scripts written in ASP, which is default on all Windows based server systems. IIS includes plugins (called snap-ins) which can execute PHP, and you can even run Apache on Windows. IIS provides a simple to use interface, while allowing for more advanced options to be used if needed. There are commercial training courses available which teach the very basic fundamentals, to the expert skills needed to deploy IIS based sites across a intranet, or the web.
Linux, on the other hand, is completely open-source and its core functionality can easily be customized on a level unavailable on Windows. For example, a Linux system which is intended to server static content, such as images or cached HTML and CSS stylesheets, can be tweaked to do so, such as removing all traces of any dynamic run-time components. On a purely subjective note, some security experts claim that a LAMP install is inherently more secure than Windows, and therefore the real exploitations to be considered lie within the scripts run on the site itself.
Things to Consider When Buying a Dedicated Server:
There are two main resource allotments to think about when comparing providers, the priority of which obviously dependent on situation.
Bandwidth allotment:
Unmetered bandwidth can prevent unwanted overage fees by capping the maximum output of bandwidth you’re allowed. Once this level is reached, visitors may experience longer loading times which accessing your webpage, or may see the 503 (service unavailable) HTTP message.
The 95th percentile billing option refers to your monthly bill being calculated per peak usage, rather than a set price for a set amount of transfer. This is useful for sites with known traffic patterns, but a high-traffic spike (such as getting linked from a popular site, like Digg or Yahoo) can increase the amount you have to pay at the end of the month, even if the spike lasted only a short time.
Total transfer calculates cost by adding both inbound and outbound transfer and billing for that amount.
Disk space:
For this explanation, disk space refers to both the amount of storage needed for the files stored on the hard drive, as well as the size of any databases created with MySQL or Postgres.
With the cost of hard disks being around $200 for a TB of storage, most providers are able to offer incredible amounts of storage for little price. However, the true cost in this regard is the amount of resources needed to store and serve media that you may embed within your site. Websites with lots of images and video may benefit from moving this content onto a CDN (content delivery network) to prevent bandwidth and hard drive storage overage fees.
Comparing Dedicated Server Providers and Choosing the Best Option
We have provided a quick checklist of twenty-five key points to use when choosing a dedicated host. If you’re in the market for a faster server, check out our quick dedicated server comparison review.
48 Creative, Unusual Business Card Designs and Concepts
Sep 17th
Slightly Adnormal, Regularly Shaped Business Card Designs
While these first seventeen business cards aren’t exactly normal in the traditional sense, they do contain properties of normal-sized cardstock, which lets your prospects store them in their wallets and rolodexes without much hassle. As an aside: does anyone actually use a rolodex, anymore?
Completely Different, Unusual and Obvious Card Concepts
Completely out of the ordinary, these twenty card concepts take branding one step further with unusual designs that use art to immediately convey the type of business they provide. From ticket stubs to the chest physician’s obvious lung-capacity testing balloon, try to figure out what each business does just by looking at their image.
Unique Card Holders that Grab Your Attention:
Like golf? How about Hello Kitty? While this section steers away from actual business card design, it shows a glimpse of how creative people can successfully grab the attention of business prospects by using unique, eye-catching card holding containers in their office or trade booth.
Creating a Useful Card that Serves a Secondary Purpose:
As mentioned above, the primary purpose of a business card is to brand yourself, and then possibly convert your networking skills into fruitful business relationships. These last four useful biz cards pull double-duty, providing utilities such as the Japanese bottle opener, or Kevin Mitnick’s lock-picking tools. To further prove the power of this type of branding, recall how many times you have saw the following business card being promoted on the web in the past two years:
7 Time Saving Tips for the Web Designer
Sep 16th
How much time do you spend on designing websites? For those of us who pay the bills through web-dev, or even the occasional freelancer looking to break into web design, these seven time-saving tools can allow you to spend less time on tedious, repetitive tasks so you can devote more time to writing content or marketing your services.
Using a Free Theme For Your Site Design
If you’re not keen on creating your own custom-coded site framework, you’re in luck: apps such as WordPress and Drupal offer thousands of great-looking, free themes that instantly tackle the most time-consuming part of designing a site; the theme process. If you haven’t looked at the official WordPress theme repository, it’s recently been updated with a better sorting algorithm, and the addition of premium themes. Likewise, the Drupal community is constantly creating new themes that rival those that could potentially cost a few hundred dollars when commissioned through a freelance site.
Creating a Theme Framework in PHP
Even if you’re not using WordPress or Drupal, you can save time by styling your site by using a theme framework, such as Smarty (which lets you cache parts of the design to even faster loading). Still think theming your site is too hard? We’ve got you covered in an upcoming post series that explains how to create a dead-simple, lighting-fast skin framework in PHP.
Screen and Video Capturing with Jing
If you’re still capturing screenshots using a combination of “Print Screen” and PhotoShop (or GIMP, even MS Paint) then the latest screen-casting software that is available will blow you away. Enter Jing, the free image and video capturing program from TechSmith. After loading, Jing places a ‘Sun’ icon on your desktop, which can be dragged to any edge, awaiting a single click which brings up a simple editing window. Enter text, place arrows and with one more click, your screenshot or video is sent on its way to the free image/video hosting site Screencast.com, or to a FTP server if you so choose. Jing offers a ton more options if you’re willing to configure it through an easy to use UI.
Using a Cross-Browser JavaScript Library
Remember the time when a simple AJAX function was a dozen lines of browser sniffing and error fallbacks within try/catch calls? Thankfully a plethora of JavaScript libraries have sprouted up that and are able to do cross-browser AJAX, animation, and DOM manipulation with a very minimal amount of code. Now you can replace document.getElementById(“formButton”).style=”display:none;” with $(“#formButton”).fadeOut(“fast”); to create a nice fade effect. As an added bonus, sites like Google even encourage you to use their hosted version of jQuery, which saves seconds on your sites loading time.
Sorting Out Your Tasks With a Todo List or Time Management Program
Your latest design spec may seem complete, but where do you begin? For newcomers and even the occasional freelancer, it may seem overwhelming. Everyone can benefit from a well thought out todo list, and sites like Unfuddled and Backpack allow you to simply input a list of tasks, sort them by priority, and then cross them off one by one as they’re completed. More advanced services provide deeper analytics, and display the amount of time spent on each specific task. This process can really speed up the time it takes to plan, develop and push your site live by allowing your creative process to focus on tasks at hand, rather than time management.
Testing Your Web Design in Multiple Browsers
While the top four browsers on the market are each finally able to render a standards-based site correctly, don’t forget about the millions of people still stuck with older software, such as Internet Explorer 6, Netscape, or older versions of FireFox and Opera (which don’t support AJAX and CSS as well). For any designer looking to serve as wide a audience as possible, cross-browser layout testing has become quick and painless, and as simple as entering your URL into a site such as BrowserShots. Gone are the days of installing a dozen out of date browsers just to see if your JavaScript menu behaves correctly.
Using a Free Stock Photo Site to Quickly Decorate Your Posts
When first visiting your site, the average readers attention span is around 8 seconds, and according to Akamai, the crucial first four seconds of page load will determine whether 75% of all visits will bounce off your site (presumably, back to Google or the referring page). This is why it is important to have a quickly loading site and to engage your readers quickly in order to grab their attention. The use of free stock photos can make or break a site for first-time visitors, and fortunately there are thousands of high-quality, free stock photos that you can use from sites such as the Stock Exchange (not to be confused with any financial market sites). Keep in mind that the images you use should allow embedding within your site, and are relevant to your content.
12 Vector Art Twitter Profiles for Design Inspiration
Sep 2nd
It may seem like our magazine’s main focus is a bit on the technical side, we know that webmasters and designers alike can always find inspiration in the creative designs produced by some imaginative artists on twitter. Check out these 12 designs, and let us know if your own profile (or someone you follow) has the flare and style as these incredible creations!
Do you know of any interesting twitter profiles with vector art? If so, let us know by leaving a comment or tweeting us @hostchecklist.
Welcome to WebHost Checklist Network!
Aug 18th
The finishing touches are done, and the site is finally live! We’ve worked a good three months up to this point, to create our hosting knowledge base and reviews of most every web-hosting related app under the sun! Relax from searching the web and find your answers on our site!
Installing a Secure LAMP Server in 5 Steps
Jul 19th
sudo apt-get install apache2
LAMP’s central software package is Apache, the open-source web server. Although originally designed to run on Unix based machines, webmasters can now install Apache on Windows easily through an XAMPP based installation. In fact, most of the steps in this tutorial can be ignored by choosing to install XAMPP.
sudo apt-get install php5 libapache2-mod-php5 sudo /etc/init.d/apache2 restart
The PHP scripting language will allow webmasters to create any run almost all of the popular web publishing platforms: WordPress, Drupal and MovableType all use PHP on the backend. With hundreds of inbuilt functions, such as file system and socket management, PHP can handle most any web app with ease – from the most basic TODO list app to the largest user-submitted encyclopedia in the world.
sudo apt-get install mysql-server
gksudo gedit /etc/mysql/my.cnf
bind-address = 127.0.0.1 <-- change to IP address
mysql -u root
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('yourpassword');
gksudo gedit /etc/php5/apache2/php.ini
extension=mysql.so <-- uncomment (remove semicolon)
Now it’s time to install a RDMS system called MySQL. It’s a server-based database program that can hold information on your webserver, such as blog posts, forums, web stats and large amounts of textual data. After proper configuration, MySQL can scale well enough that some of the most popular websites in the world deploy it: FaceBook, Google and Wikipedia are just a few of the sites that use MySQL to power portions of their web empires.
Two requirements are needed for a basic installation. Upon configuration, MySQL must know which IP address to bind with and a root password needs to be set. After that a single line in php.ini must be changed in order for PHP to load the MySQL extenstion upon loading.
sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin
Fourth on the list is to install various tools and Apache mods. This includes MySQL authentication and the MySQL mod that will allow communication between MySQL and PHP5. Another tool is the web-based phpMyAdmin database app, which can be used to administrate MySQL through any popular browser. All of the command-line statements can be issued with phpMyAdmin, and many of those are simplified through use of a GUI.
sudo /etc/init.d/apache2 restart
The final step is to simply restart Apache. After loading, Apache should be able to process and serve PHP scripts that communicate with MySQL (such as WordPress and Drupal) and will load when Linux boots. Any errors encountered during this last step can be debugged and fixed by looking through the log files (usually in /var/log/apache2) and by double-checking one of the configuration files.
Simple PHP User Authentication Login System
Jul 2nd
Note: the following code is for educational purposes only, and should not be deployed on any mission-critical systems or websites that require authentication. This post is best used as a tool to help understand the underlying concept of a basic PHP user login system and merely shows a simple example.
A good user-login system should do three things:
- 1. Allow the user to enter a username and password.
- 2. Validate that information and return success or otherwise.
- 3. Perform basic checks on $_SESSION login after the initial login.
The scope of this particular article will focus on the first stage of authentication, which centers on validating user input and establishing a very basic authentication scheme. In later articles, coders will focus on the more advanced concepts of security salts, and techniques to continue validation well after the user has initially logged in, by checking information just as the user’s browser agent and login time.
Assumptions: This tutorial will be using MySQL and PHP. Apache as a server platform is not required, and any server that allows PHP to manage a HTTP POST will work.
For the back end storage solution, many coders may choose to use one of the two versions of MySQL that are included by most shared hosting and VPS providers. With proper scaling configuration, MySQL can handle large sites with hundreds of thousands of users and even by default can handle most any variant of this tutorial.
There are five basic bits of information that are prudent for any login system: the user ID (which should start at zero and increment up for each new user), the users name, password and email, and finally the user-agent string from the browser they logged in through. This user agent string will be updated on each successful login, and can be used to determine if a user is being subjected to a man in the middle attack (which is more advanced, and will be covered in another post). Insert the following SQL statement into phpMyAdmin or MySQL to create the user table.
CREATE TABLE siteusers( u_id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, u_name VARCHAR(32) NOT NULL, u_password VARCHAR(32) NOT NULL, u_email VARCHAR(128) NOT NULL, u_useragent VARCHAR(128) NOT NULL ) ENGINE = MYISAM ;
On the front end, the HTML form consists of three inputs: the username, password and submit button. For now the form code can be placed in a separate form.html file, however the PHP script will not execute unless the method attribute is changed to the correct file path. At the end of this tutorial, all the code is put together and can be safely contained within one single login.php file.
<form action="<?=$_SERVER['PHP_SELF']?>" method="post"> Username: <input type="text" name="username" /><br /> Password: <input type="password" name="password" /><br /> <input type="submit" value="Login.." /><br /> </form>
The following twenty lines of code contain limited commenting, however it is rather easy to understand. Step by step, this code simply detects the browsers state and acts accordingly. If the browser has issued a POST statement, it means the user has likely entered their login credentials and pressed the submit button. From there, it connects to a defined MySQL database and captures the POST variables. Here is where things might get tricky, and require further explaination.
One effective way to deter SQL injection attacks is to escape any variables before using them within a SQL query. This means that PHP adds a back-slash in front of any quotation marks or apostrophes, thus preventing MySQL from unknowingly executing multiple statements (such as defaulting the user ID to an administrator, or forcing MySQL to empy the table entirely). PHP added a function called mysql_escape_string() that can be used as a preemptive measure for SQL injections and malicious users destroying data.
The second part is to calculate a MD5 hash of the password, and this is done so that if an attacker gains access to the database, they will only encounter a list of thirty-two character hashes rather than plaintext passwords. Converting those hashes into the original passwords would take lots of computer power to create a MD5 collision, and not many attempts to do this have been successful. The second section of this tutorial will cover the salt concept, which adds a secondary string to the MD5 calculation, which makes it even harder to convert.
Once the HTTP POST variables are processed, the code then queries the database that was created in the first step for the following: if there is a user with the same username and password as was submitted, return their information; otherwise stop. After this executes, the mysql_num_rows() function counts how many users matched the original query and returns that number. If its zero, the script simply redisplays the login form with an error message claiming the info was invalid, however if one or more users matched, then their username is added into the $_SESSION scope, which is used to validate the user on each subsequent page view.
<?php
// Edit: select your database here
mysql_select_db("database-name");
if($_POST){
$tempuser = mysql_escape_string($_POST['username']);
$temppass = md5(mysql_escape_string($_POST['password']));
$res = mysql_query("select * from siteusers where u_name='$tempuser'
and u_password='$temppass'");
$num = mysql_num_rows($res);
if($num == 0){
// user entered wrong username or pass; not logged in
echo "Invalid username or password.";
}else{
// user is logged in
$_SESSION['uname'] = $tempuser;
}
}
?>
Connecting it all together, the login form can be returned from within a function, and placed inside of the PHP script, thus condensing everything into thirty or so lines of code.
<?php
// Edit: select your database here
mysql_select_db("database-name");
function showLoginForm($msg){
$tempMsg = ($msg) ? $msg : "Please login:";
$temp = "
<b>$tempMsg</b><br />
<form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">
Username: &l;tinput type=\"text\" name=\"username\" /><br />
Password: &l;tinput type=\"password\" name=\"password\" /><br />
<input type=\"submit\" value=\"Login..\" /><br />
</form>";
return $temp;
}
if($_POST){
$tempuser = mysql_escape_string($_POST['username']);
$temppass = md5(mysql_escape_string($_POST['password']));
$res = mysql_query("select * from siteusers where u_name='$tempuser'
and u_password='$temppass'");
$num = mysql_num_rows($res);
if($num == 0){
// user entered wrong username or pass; not logged in
echo showLoginForm("Invalid username or password.");
}else{
// user is logged in
$_SESSION['uname'] = $tempuser;
echo "Welcome back, " . $_SESSION['uname'];
}
}
?>
As a reminder, this tutorial covered the basic concept of using PHP to authenticate a user. The next part will cover more advanced topics, such as salts, browser strings and using timestamps to expire a users login session.