Archive for the ‘Backend’ Category

File Under: Backend, Security

Set Up a Linux Firewall on Your Network

Go outside and pop the hood of your car. You should see a thick metal barrier at the back of the engine compartment. This is called the firewall. To see how it works, poke a small hole in the fuel line so that a tiny amount of gasoline starts dripping on the engine block. Now close the hood, start the car, and head out on the highway (Some of you may choose to save life and limb (and time!) by merely visualizing this exercise).

If you have positioned the puncture correctly, within a few minutes the escaped gasoline should ignite and cause a small engine fire. At this point you may see smoke emerge from the engine compartment. Continue driving. You should be able to proceed a considerable distance before the heat becomes uncomfortable and toxic fumes and flames start to enter the passenger compartment.

The reason you can drive so far with a flaming engine is because the firewall is a highly effective barrier between the engine compartment and the passenger compartment. If your car had no firewall, the engine fire would have already melted the dashboard electronics and plastic, destroyed the upholstery, and toasted you to a crisp.

Now. Pull over and very carefully extinguish the fire.

A similar principle can be applied to networked computers. Picture your machine as the cozy, tricked-out interior of your automobile, and the outside world as the dirty but powerful engine that makes it go. It won’t do to have the vulnerable components of your network exposed to the engine’s maliciously raging heat — it’s best to install a firewall.

Let us abandon our weakening metaphor here before it carries us into a ping-pong tournament without a paddle. A firewall, in the networking sense, is a machine that straddles the interface between a private network and the Internet at large, and follows predetermined rules for allowing certain traffic to pass, while blocking traffic that’s unwanted.

So, how to get yourself one of those disaster-averting firewalls? You can start by reading on.

Continue Reading “Set Up a Linux Firewall on Your Network” »
File Under: Backend, Programming, Software

CVS for Beginners


OK. You and ten of your closest pals have decided to work on the greatest-ever web page/Perl script/whatever. You all want to work on the same file from the same location at the same time. Then when you’re good and ready, you’ll roll out releases of the code.

Does it sound like a logistical impossibility? Well it’s not if you have the right tool — a source control system.

A good source control system is the secret behind any successful web development project. If you look at any large-scale software development project, you’ll see a source control system at work.

Continue Reading “CVS for Beginners” »
File Under: Backend

Set Up Dynamic DNS

Now that everybody* has a home broadband connection, the need for IP addresses is a growing concern. With the rollout of IPv6 still pending, IP addresses are a limited resource. ISPs are understandably reluctant to hand a static IP address to every US$50/month subscriber. Some ISPs do, and some allow you to pay extra for one. For the most part, though, they’re a bit of a pain to get.

* not everybody

This is not a problem for the majority of home broadband users. Their needs — efficient web browsing, quick downloading of large files, “always-on” service, productive hours spent on WoW or AIM — are met admirably by the service provided. Giving them a static IP address, if they even noticed, would just result in increased security headaches as their insecure Windows machines suddenly had fixed addresses, making them easier to break into.

Continue Reading “Set Up Dynamic DNS” »
File Under: Backend, Web Services

Google Launches a Public DNS Service

If you’ve ever looked at a common web technology, protocol, service or piece of internet infrastructure and wondered aloud if Google was working on its own better, faster version of it, rest assured that the answer is almost always, “yes.”

The company announced Thursday that it is launching a public domain name system (DNS) service. On the Google Public DNS project’s website, Google tells us why DNS matters to everyone:

The DNS protocol is an important part of the web’s infrastructure, serving as the internet’s phone book: every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they start loading, so your computer may be performing hundreds of lookups a day.

The company’s plan, in its words, is to make those lookups happen faster, more securely and without redirects.

To start using Google Public DNS, set your network controls for the heart of Google’s servers, which live at the very cool IP addresses 8.8.8.8 and 8.8.4.4.

There are also full configuration instructions for changing your “web switchboard operator” on the Google Public DNS docs page.

If you set it up, let us know how it performs for you.

Google will always swear it isn’t up to no good, but some feel this launch is clearly a move to collect as much user data as possible to use for ads, better traffic routing and, of course, improving search.

One thing to note: in the project FAQ, Google says it does not plan to release Google Public DNS as an open source project, and as of now, it is an experimental service with no software license agreement that is only designed to be implemented within Google.

Of course, the web already has a free, fast DNS service you can use in tandem with or as a replacement for your ISP’s DNS service. It’s called OpenDNS, and it offers more control over your experience than Google does.

As expected, the founder of OpenDNS is not taking Thursday’s news lying down.

See also:

File Under: Backend, Web Services

New Google Tools Help Speed Up Your Website

Good web developers know that even the most beautifully designed page is worthless if it takes too long to load.

To help you optimize your pages, Google has announced a new Labs feature in Google Webmaster Tools designed to track page load speed. The new Site Performance tool is one part tracking and stats tool, and one part Firefox add-on.

The tracking and stats can be accessed through the Labs menu in Google Webmaster Tools. To get the live profiling add-on, you’ll need to be using Firefox and have the Firebug add-on installed. Yes, like Yahoo’s YSlow add-on, Google’s Page Speed add-on injects some extra profiling tools into the Firebug panel.

These days, nearly everyone has a blog or a website they maintain. Popular publishing systems like WordPress, Movable Type and Blogger do a decent job of keeping your sites slim, but once you load up a complicated theme and add a few widgets, your page load times can start to take a substantial hit. Google’s new set of tools, along with similar tools like Yahoo’s YSlow, are powerful and full-featured, making them a must for large-scale site developers. But they are also easy to install and simple enough to use that even bloggers and small site builders should gain plenty of insight from the data they provide.

To get the new tools, install the Firebug add-on and head to the Site Performance section of Google Webmaster Tools. At the bottom of the page you’ll see a button to install the new Firefox plugin. Once installed, head to your site, click the Firebug icon and look for two new tabs: Page Speed and Page Speed Activity.

Click on Page Speed and run the tool and you’ll get a list of potential speed killers. For example are you using image compression? How about minifying JavaScript and CSS? The handy part is that Page Speed offers links to minified and compressed version of your files.

So what does Google’s new tool offer that YSlow doesn’t? Well, there is definitely some overlap, but Page Speed has quite a few more details that make it worth having. For instance the CSS profiling looks at the complexity of your selectors — shorter, more specific CSS rules mean the browser has less to evaluate, hence faster parsing. Google’s Page Speed tools parse your CSS and suggest optimizations.

Even some of the tools that duplicate those of YSlow are a bit nicer than what YSlow offers. For example the list of links to external images and files is much easier to see at glance in Google’s interface and the links to detailed explanations are a nice touch.

We did notice an odd conflict between YSlow and Google’s new tools. In our tests, YSlow didn’t report any cookies coming from the domain serving images, but Google Page Speed did. Which one is right? Frankly we’re not sure, our cookie logs don’t show anything for the image domain, but that doesn’t mean cookies weren’t sent.

Despite a couple of quirks Google’s new Page Speed tools for Firebug are a worth addition to your web profiling toolset. There’s definitely some overlap with YSlow, but enough extra features to make it worth having both on hand when you’re testing websites.

See Also: