«
  • Freedom versus Security in Devops

    I've worked with organizations in which operations support took the form of a human black box that responded to any request with "no", and in which experienced development teams were forbidden from launching a server or opening a cloud account to try something out. It could take months to request anything new. I've also worked with organizations in which every individual engineering team was responsible for managing its own devops support, all the way down to arranging technical vendors and managing cloud accounts. In the former case, there is a huge invisible ball and chain attached to progress. In the latter case there is duplication, competition, and the need for people to spend time on integrating disparate internal efforts that were performed in complete isolation […]

    Read more »

  • A Provisioning Bash Script for a WordPress 4.* Ubuntu 14.04 LAMP Server

    The bash script provided here is suitable for the initial provisioning of an Ubuntu 14.04 server, installing the bare minimum needed for a WordPress installation, including WordPress itself. It was originally intended for use with Vagrant, but will work for provisioning of real servers as well. Once the script completes, you'll find that WordPress is up and running and you can log in to begin customization. The script installs: The Apache webserver with mod_php to run PHP. The MySQL database. Monit as a process monitor to keep things running. WordPress. WP-CLI, a command line interface for WordPress Before running the script, edit the variable declarations in the first section to set the necessary usernames, passwords, and other values. The script offers the option of (a) […]

    Read more »

  • Locking Down a WordPress 4.* Blog Installation

    As is the case for Drupal, WordPress at version 4.* arrives out of the box with a great many default functions, bells, and whistles turned on. If you are a causal user then it is very possible that your blog is even now serving pages and exposing access points that you have no idea even exist. It is rarely the case that you in fact want all of this functionality to be accessible, especially given that WordPress is a prime target for automated attacks. One part of hardening any web application is to shut down or block access to every unneeded component and subsystem, thereby reducing the attack surface. A Starting Point There is a useful semi-official guide on hardening WordPress that provides a good […]

    Read more »

  • Notes on Exporting Large Movable Type Databases

    It is old news now that Movable Type fell off the map in the competition between blogging platforms. Versions 4 and 5 were the last openly available distributions, and can no longer be updated or patched easily. Version 6 is closed, an enterprise product. If forced to pick one root cause for the failure of Movable Type to compete with the likes of WordPress, it would be that Movable Type is written in Perl. The number of people capable of - and also interested in - working in Perl to produce quality plugins and the other tools of an open ecosystem for a web application is small in comparison to those who use PHP, and Perl is so different from PHP that there won't be […]

    Read more »

  • An Example Dropwizard Application with Guice for Dependency Injection

    Dependency injection is a tremendously useful design pattern. From my experience the direct benefits of this pattern are almost entirely realized as a reduction in the cost of building and maintaining good unit test coverage. Being able to swap out mocks and real instances or values very easily makes the creation of test suites a breeze in comparison to some of the alternatives. All the other benefits derived over the long time largely arise from having a far more comprehensive and maintainable set of tests, since the development team were able to do more in the time allotted. There are countless dependency injection frameworks in the Java ecosystem, but here I'll look at Guice. It is lightweight enough to drop into most application frameworks with […]

    Read more »

  • PhantomJS Has Many Uses, But Functional Testing Isn't One of Them

    PhantomJS is a comparatively lightweight headless web browser built on WebKit. When it comes to rendering and interacting with web pages it does everything that any other full-featured browser does with the exception of providing a graphical user interface. You can install it via NPM, meaning that for Node.js ecosystem developers is easy to put PhantomJS in place on build, test, and deployment servers even in more restricted environments. You control PhantomJS either directly via a Javascript API or through a WebDriver interface such as that used by Selenium. So what can you do with a web browser that has no graphical user interface? Take Screenshots PhantomJS is fully rendering pages under the hood, so the results can be exported as images. This is very […]

    Read more »

  • Run NPM Install on All Subdirectories Containing Packages

    Let us say that you have inherited an application deployment consisting of a directory tree containing multiple Node.js packages in various scattered locations. As a part of the setup you want to run npm install for each package individually, but the packages and locations have varied over time in the past and will continue to do so in the future. So you want to write a single script now that will walk through the directory tree, identify Node.js packages, and run the NPM installation where needed. Thus even if packages move around the script will not need any further update. The first tool to reach for in this sort of situation is some combination of find to identify package.json files followed by piping the resulting […]

    Read more »

  • Filenames that Alphanumerically Sort by Descending Timestamp

    The professional life of a programmer consists of an endless series of small trials that in a sane world would never exist. For example, finding oneself needing to generate filenames that sort in descending order by file modification timestamp. Why, oh why, would anyone ever be stuck with a file listing technology that doesn't allow the user to simply specify a sort by that timestamp? This does actually happen, however, I'm sad to say. It is trivial to create a filename format that sorts by ascending timestamp: anything like YYYY-MM-DD-HH-SS will work just fine. Then your file listing technology should have some simple way to reverse that list. What if it doesn't, however? Woe is you. For the sake of never again repeating the short […]

    Read more »

  • Practice Defensive Javascript: Assume Blocking of Third Party Resources

    I, being basically sensible and lacking any patience for the indignities that other people consistently try to force upon me in the name of their outdated business models, use a small array of browser add-ons that efficiently block near all trackers and ads. I have little patience for the idea that I should be donning a hair shirt and suffering because various entities can't figure out how to apply basic ransom and donation business models to their provision of content to the world. This is entirely as an aside to the thrust of this post, but here is news for you: if you are in the business of arranging bits into a specific order and then propagating that arrangement for profit, then whether you like […]

    Read more »

  • Progressive Lenses and Large Monitors Do Not Play Well Together

    Age chews up the eyes. If you wear glasses then at some point, on roughly the same timeline as noticeable graying starts in on your hair, you are going to develop the need for different prescriptions for computer use versus other activities. You'll notice because of a growing eye strain while coding, and eventually that will drive you to visit an optician. After sticking you in front of eye charts, shining lights at you, and so forth, that individual will no doubt try to sell you on a set of progressive lenses. When dealing with the need for different lenses for close and distance vision there are three options: firstly two different pairs of glasses that you swap out as needed, secondly bifocals, and thirdly […]

    Read more »

»