Web Application Security Best Practices

Like any responsible website owner, you are probably well aware of the importance of online security. You may think that you have your ducks in a row in this department, but, as with many other website owners and companies, probably not enough has been done to secure your web application(s).

If your website was affected by the massive DDoS attack that occurred in October of 2016, then you’ll know that security is a major concern, even for large DNS companies like Dyn. As shown below, the number of DDoS attacks has consistently grown over the past few years and is expected to continue growing.

Magento 2 – Importing Product Images

Method 1: Import Images from the Local Server

Linux, nginx, MySQL, PHP (LEMP) stack on Ubuntu 14.04

How To Install Linux, nginx, MySQL, PHP (LEMP) stack on Ubuntu 14.04

Apr 25, 2014 Getting Started, Nginx, MySQL, PHP Ubuntu


The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. This is an acronym that describes a Linux operating system, with an Nginx web server. The backend data is stored in MySQL and the dynamic processing is handled by PHP.

Magento image quality on resize – GD library white color loss

When Magento resizes images, the resized images always lose their original colors, whether you set quality to 100 or not. Maybe some of us can live with that.

But what if it’s a true color such as white (#FFF) or black (#000)? As far as I tested, GD2 (Magento's default image library) doesn’t really handle these well. So if you really want to keep white as white, you will need to update Magento’s GD2 file.

So here is the sample code for fixing white color issues.

“For loop” in JavaScript

Last week, a colleague of mine asked me “Why are you using a ‘standard for loop’ rather than the faster ‘for-in loop’ to loop through an Array in JavaScript?” and for this reason I’m going to write a short explanation about that. First of all, when I talk about the standard “for loop”, I mean something like:

for (var i = 0; i < myArray.length; i++) {
    // do something
}

whereas the “for-in loop” is something like:

for (var i in myArray) {
    // do something
}

The for-in loop is faster… just to type, for a lazy developer like me, and it’s a common mistake, especially for developers coming from Java programming (I’m a Java developer as well, that’s why I know that :P) trying to port Java into JavaScript. The two main problems with the for-in loop are:

  • It enumerates all the properties, including the ones inherited from Object (whose prototype may have been augmented previously).
  • The order of the elements is not guaranteed.

Magento Backend Tutorial – Application Directory Structure / Coding Standards

Application Directory Structure

  • app – core & extended application code, templates, layout, translation, configuration.
    • app/code – application code (see more: code pools).
    • app/design – frontend and admin templates & layout XML files.
    • app/etc – system configuration files (ex. database connection), and module declaration (pools, namespaces, and dependencies).
    • app/locale – localization.
  • js – JavaScript libraries (ex. Prototype). Do not put skin specific JavaScript files into this directory.
  • lib – PHP libraries which Magento, or its modules, depend upon (ex. Zend Framework).
  • media – storage of product images, category images, CMS WYSIWYG, etc.
  • skin – CSS, JS, and images that are unique to a given theme.
  • var – dynamically created system files (ex. cache, FPC, sessions, index locking).