2. Web Application | What do you think is most important for building web sites?
Security
Maintainability
Usability
Performance
Graphic Design
3. Web Application | Security
Three Categories
- Network
- Server
Installing a quality firewall and hiring a competent system
administrator can go a long way towards making you feel
comfortable
- Application
Not very easy. Must undergo a series of audits and "trial by fire"
before it can be considered anywhere near safe
4. Web Application | Security | Some Quick Rules
Always verify any data sent from a client for size and type.
Be extra careful with scripts that talk to databases - don't give
the web server any more permissions than it needs.
Any file operations done by the web server are high risk. Verify
that your permission structure does not grant any unnecessary
permissions which could be exploited to damage the system.
Avoid executing shell commands at all costs.
Never send clear-text passwords over the network. Use
encrypted connections, with SSH or SSL, whenever sending
important information.
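An added example, not part of the original slides: one way to apply the size-and-type rule in Python before a database lookup, with the checked values passed to the query as bound parameters. The form fields, the `orders` table and the `SCHEMA` limits are hypothetical, and the sample row is constructed.

```python
import re
import sqlite3

# Hypothetical form schema: field -> (target type, max length, allowed format)
SCHEMA = {
    "order_id": (int, 10, re.compile(r"[0-9]+")),
    "email": (str, 254, re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")),
}

class ValidationError(ValueError):
    pass

def validate(params):
    """Return typed values or raise ValidationError; unknown fields are rejected."""
    extra = set(params) - set(SCHEMA)
    if extra:
        raise ValidationError(f"unexpected fields: {sorted(extra)}")
    clean = {}
    for name, (typ, max_len, pattern) in SCHEMA.items():
        raw = params.get(name)
        if not isinstance(raw, str):
            raise ValidationError(f"{name}: missing or not a string")
        if len(raw) > max_len:          # size check comes before any parsing
            raise ValidationError(f"{name}: longer than {max_len} characters")
        if not pattern.fullmatch(raw):  # type/format check on the whole value
            raise ValidationError(f"{name}: bad format")
        clean[name] = typ(raw)
    return clean

def find_order(db, params):
    """Validate first, then query with bound parameters, never string concatenation."""
    v = validate(params)
    cur = db.execute(
        "SELECT item FROM orders WHERE id = ? AND email = ?",
        (v["order_id"], v["email"]),
    )
    row = cur.fetchone()
    return row[0] if row else None

def demo_db():
    """In-memory database holding one constructed sample row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, email TEXT, item TEXT)")
    db.execute("INSERT INTO orders VALUES (42, 'a@example.com', 'book')")
    return db
```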
5. Web Application | Maintainability
Traditional systems design
- Typical lifetime of 2 to 4 years
- Once the application has reached a stable configuration
the design effort is all but finished.
- Majority of expense is in the systems understanding and
analysis.
6. Web Application | Maintainability
What's the number one cost in web design?
- Planning the application?
- Building the application for the first time?
- Cost of the server or the connectivity?
7. Web Application | Maintainability
“The highest cost in web design will be maintaining the
application”
- Dynamic aspect of the web
- Improvements in existing applications are continuous
- New content is expected
- New technologies appear on a regular basis
- User feedback and design demands are much more
prevalent
In fact your software must be frequently modified and updated
8. Web Application | Maintainability | Build everything for distribution
Build customization variables into your code
Separate code and content
Use templates
Use style sheets
Make the language of your site customizable
Develop a common coding style and stick with it
Comment your code well
9. Web Application | Usability
Usability is the study of how to make using applications easy
and intuitive
- Listen to the geeks
- Listen to the newbies
- Just because everyone else does it
- The need for speed
Great: < 8 KB/page (text and images)
Good: 8 - 20 KB/page
Reasonable: 20 - 50 KB/page
Poor: 50 - 100 KB/page
Don't: > 100 KB/page
10. Web Application | Performance
Performance on the web is straightforward: a relatively small number of servers
must be able to support a potentially unlimited number of clients
Any code running on the server must be clean and fast
Database optimization
Number your queries in your code. This will help you keep track of how many queries are involved in a
certain process, and will save you time when trying to optimize your scripts.
Create proper indexes. Optimized indexes are key to database speed. Any fields which are routinely
queried against should have indexes. Don't create too many indexes, as unnecessary indexes will slow
INSERTs and increase the database size unnecessarily.
Test, test, and test again. Poorly written queries can kill a database server. Take the time to gauge the
performance of your queries and understand what the database needs to do in order to execute them.
Disk reads
minimal number of included files
11. Web Application | Graphic Design
Changing the graphic design of the site is as easy as changing
your t-shirt
12. Web Application | Architecture
[Diagram labels: Hosting, Server, Response, DNS, Visitors, Server, Internet, Request, Registrar]
13. Web Application | The Fundamentals of HTTP
Hypertext Transfer Protocol
One of the few protocols that bridges the gap between
networking and application development groups
HTTP Request Methods
GET
POST
PUT
DELETE
HEAD
HTTP response
- consists of a header section and a body
- The header section tells the browser how to treat the body content and
- Each HTTP response includes a status code, which indicates the status of the request
- 200 OK
- 304 Not Modified
- 404 Not Found
- 401 Authorization Required
- 500 Internal Error
14. Web Application | HTTP Headers
HTTP headers carry information about behaviour and
application state between the browser and the server
1. HTTP version (HTTP/1.0 or HTTP/1.1)
2. Accept-Encoding: gzip, deflate
3. Connection: Keep-Alive
4. If-* headers
5. Cache-Control or Pragma no-cache
15. Web Application | Cookies
Cookies are sent by the web server to the browser as an HTTP
header and used to store all sorts of information about a user’s
interaction with the site
Encrypted cookies will affect the performance of an application
16. Web Application | Meta Tags
Two types of meta tags
- HTTP-EQUIV
- NAME
HTTP-EQUIV meta tags are equivalent to HTTP headers