Securing intranet applications with SSL
Getting rid of browser warnings on private network HTTPS connections
We all know how important is HTTPS for securing data flowing between users’ web browsers and the webserver.
With the release of Chrome 56, Google decided to start marking websites not served using the HTTPS protocol as Insecure (source), so it is becoming even more important, if not critical, to use HTTPS for all web applications.
This is obviously relevant for web applications and websites in general, which are available to the public. In such situations, the typical solution is to purchase an SSL certificate from a certification authority (such as RapidSSL or GoDaddy) and enable it within the webserver. This article is not about this.
What we’re going to talk about today is the security of Intranet web applications, such as a websites which are not publicly available, but somehow available to specific people having access to private networks. Read more…
Token based authentication in Zend Expressive
Implementing JWT based authorization in PHP with Zend Expressive
Authentication is one of the most important parts of any web application. As RESTful API designers we often deal with the need of authenticating our users in order to handle and display sensible information. In this post, we’ll focus in a specific authentication strategy called token based authentication using Zend Expressive micro framework.
Read more…
PHP-Middleworld is Out!
Collecting PHP PSR-7 compliant Middleware
We just released php-middleworld.com, a repository for PSR-7 compliant middleware in PHP, and we would like to share our progress and what the future may bring.
Read more…
Docker, PHP and E-Mail: getting things to work
Integrating Mailhog and SSMTP in your development environment
It’s a common need for software nowadays to send notifications through e-mail: registration confirmations, password recovery requests, event notifications and so on. As my colleagues develop software, they often encounter problems while dealing with such e-mail exchange in their local (Docker) environment.
Read more…
Zend Framework 2 Routing Basics
An introduction to ZF2 Routing Internals
Earlier this year, I’ve had the opportunity to speak at the Italian Zfday in Milan, as well as at the Unconf of the PHPDay, the Italian conference on PHP, which is held every year in Verona. In both occasions, I introduced Zend Framework 2 Routing in a talk titled: “Full sail: easy routing with the ZF2” (original title: “Levate l’ancora: Rotte senza problemi con ZF2“). These conferences turned out to be interesting experiences, allowing me to get in touch with the Italian Zend Framework Community. From the positive feedback I have received, I’ve decided to write some blog posts about the topics that were introduced in my talks. So, here it comes this post, the first of a series about zf2 routing.
Read more…
Asset management in Zend Framework 2
A simple and effective way to manage your ZF2 project's assets: AssetManager
During the last February I’ve had the chance to be a speaker at Zend Framework Day in Italy where I made a talk about zf2 modules. I think the topics covered deserve more time and space, so this blog post is the first of a series about how to take advantage of new ZF2 modular structure. Read more…
One of the first issues a developer runs into when dealing with ZF2 modules is how to arrange assets between modules. A Web asset is simply any css file, js library, image (and generally all static files) a module needs to work properly.
PHP error: file size limit exceeded
PHP Logging, include statement and Timezone setting causing headaches
Troubleshooting PHP interpreter issues can be tricky. A few days ago a client reported that one of his cron job scripts wasn’t being executed on his x86_64 CentOS 5.8 server, running Zend Server CE PHP 5.3.14. Troubleshooting such situations is usually straightforward, but this time PHP error messages I got were so ambiguous, and issues were so many at the same time, that I decided to write a blog post, hoping that it can be of some help for someone else.
Read more…
Enhancing user stories with personas
Avoiding wasted efforts and feature creep
Since the adoption of user stories, we have noticed huge benefits in our development workflow. We don’t expect to plan everything upfront anymore, don’t waste time analyzing things which will never turn into software, and can deliver value to our customers much quicker and more efficiently.
Many other companies have experienced the same benefits and it’s for this reason that user stories are becoming a standard way to collect software requirements.
Read more…
Recent Comments