MichaelOldroyd.co.uk

Web Development Extraordinaire

Disabling Apache Server Signature 26^th Jan '12

I have been trying to disable the server signature for a while, but I found that turning off the ServerSignature directive didn’t work for all servers. The signature might read something like:

Apache/2.2.X (Ubuntu) mod_ssl/2.X.X OpenSSL/0.X.X

If your server exposes this information, it’s easier for an attacker to compromise a system based on flaws in a particular server software version (especially if your server software is allowed to become outdated, or your distribution is slow to release security updates). By default, it will display this on error pages in plain text, and also present it as a Server header on every request.

To disable completely, you should set the following directives in your Apache configuration:

ServerSignature Off
ServerTokens Prod

via Nixtechnica

Optimising WordPress: Caching 27^th Dec '11

Making your site as cache-able as possible is vital to ensure a smooth browsing experience. WordPress in it’s basic form is quite efficient, when you compare it to code-bases such as Magento. Adding functionality such as plug-ins, media, themes and widgets all have a negative effect on performance. As part of the process of making this domain as efficient as possible, a number of caching techniques have been considered and employed.

Continued

A basic date_diff for PHP 5.2 4^th Nov '11

I came across a problem having developed a site with a PHP 5.3 environment, when moving the site to the live environment the server was running PHP 5.2. Whilst the server gets upgraded I looked into getting the code to work in some form in the meantime. The main issues are the functions lcfirst() and date_diff(). The former is a simple fix, a function which lower-cases the first letter of a string — I was surprised this was only introduced in 5.3!
Continued

Quantity vs Quality 3^rd Nov '11

As my reader may have noticed, I took a hiatus from posting on here until recently. I came back a couple of weeks ago to try and get back into the habit of writing posts, and I set myself the target of publishing a post every Wednesday. I spend around about 12 hours a day on the web, or coding for it. Being able to share some of the fruits of that time ought to come naturally.

Continued

Understanding SEF routing for Joomla Components 19^th Oct '11

Developing bespoke components for Joomla can be quite daunting. There are a lot of resources, books, dev articles and the API documentation; these try to give you a basic understanding of how things should be laid out. A lot of these work on the premise of learning by doing. Many of the documented examples from the API point developers to look at the core components to see how it works.

Configuring an effective component router can be quite tricky, as it depends on how complex your component is. This article serves as a reference for how routing works in Joomla, why it’s important, and how you could make better use of component routing in your projects.

Continued

File validation with jQuery and HTML5 12^th Oct '11

I have been dealing with file uploads a lot recently, and I stumbled upon a few different methods for validating files which provide both basic file-type checking and file size checking before uploading.

The web app was already making use of jQuery with the excellent jQuery validation plugin; so I wrote a couple of extended validators.

Continued

Playing with Incarna in EVE Online 21^st Apr '11

Although my online gaming time has been sparse recently, I thought it would be good to take some time out and look at the new features coming to EVE Online this year. After reading the devlog post that Incarna functionality was being tested on Duality, I decided to take a peek. After spending quite a lot of time crafting my character, I was quite happy to wait an hour to grab the Duality client (4GB+) and take my avatar for a spin.
Continued

Filter a category from your WordPress Blog 5^th Apr '11

I’m pretty new to working with the internals of WordPress. It seems very easy to settle for installing hundreds of plug-ins to achieve the simplest of tasks. Plug-ins are awkward for me, as they have the tendancy to not quite do what I want them to. I end up messing with them in some way which breaks updates.

Continued

WordPress Post Formats made easy 30^th Mar '11

netmagazine.com

Brief History of Fonts on the Web 28^th Mar '11

For years, web designers have been yearning for custom fonts in web design. It’s a real shame that web fonts didn’t really take off with IE4 in 1997! The web was a different place back then, web design was a pretty new thing. Bandwidth was highly constrained at the time, so one could not imagine waiting for web fonts to load. Microsoft’s container format of choice is also EOT, which is a Microsoft proprietary technology. Although everybody slates it’s proprietary and closed nature, it was sort of a good idea. EOT provides domain locking, encryption, sub-setting and compression – all good things for convincing those behemoth font foundries to allow web embedding licenses.

Now is a better time than ever to move away from the standard web-safe fonts. Mainstream browsers have caught up with IE, over a decade later. Here is a short history lesson on the many techniques that Web Designers have been using to get beautiful type into their pages.

Continued