Securing intranet applications with SSL

Getting rid of browser warnings on private network HTTPS connections

6'
Christian Bianchi 08/05/2017 07:02
category: DevOps
https

We all know how important is HTTPS for securing data flowing between users’ web browsers and the webserver.
With the release of Chrome 56, Google decided to start marking websites not served using the HTTPS protocol as Insecure (source), so it is becoming even more important, if not critical, to use HTTPS for all web applications.

This is obviously relevant for web applications and websites in general, which are available to the public. In such situations, the typical solution is to purchase an SSL certificate from a certification authority (such as RapidSSL or GoDaddy) and enable it within the webserver. This article is not about this.

What we’re going to talk about today is the security of Intranet web applications, such as a websites which are not publicly available, but somehow available to specific people having access to private networks.

Read more…

Token based authentication in Zend Expressive

Implementing JWT based authorization in PHP with Zend Expressive

3,5'
Diego Drigani 01/03/2017 03:36
category: Software Development
zf-logo-mark

Authentication is one of the most important parts of any web application. As RESTful API designers we often deal with the need of authenticating our users in order to handle and display sensible information. In this post, we’ll focus in a specific authentication strategy called token based authentication using Zend Expressive micro framework.

Read more…

PHP-Middleworld is Out!

Collecting PHP PSR-7 compliant Middleware

3,5'
Marco Perone 14/02/2017 09:39
category: Software Development
php-middleworld-logo

We just released php-middleworld.com, a repository for PSR-7 compliant middleware in PHP, and we would like to share our progress and what the future may bring.

Read more…

Docker, PHP and E-Mail: getting things to work

Integrating Mailhog and SSMTP in your development environment

3'
Christian Bianchi 10/02/2017 04:21
category: DevOps
docker-email

It’s a common need for software nowadays to send notifications through e-mail: registration confirmations, password recovery requests, event notifications and so on. As my colleagues develop software, they often encounter problems while dealing with such e-mail exchange in their local (Docker) environment.

Read more…

Zend Framework 2 Routing Basics

An introduction to ZF2 Routing Internals

6'
Diego Drigani 04/06/2013 01:47
category: Software Development
Zend Framework 2 Routing

Earlier this year, I’ve had the opportunity to speak at the Italian Zfday in Milan, as well as at the Unconf of the PHPDay, the Italian conference on PHP, which is held every year in Verona. In both occasions, I introduced Zend Framework 2 Routing in a talk titled: “Full sail: easy routing with the ZF2” (original title: “Levate l’ancora: Rotte senza problemi con ZF2“). These conferences turned out to be interesting experiences, allowing me to get in touch with the Italian Zend Framework Community. From the positive feedback I have received, I’ve decided to write some blog posts about the topics that were introduced in my talks. So, here it comes this post, the first of a series about zf2 routing.

Read more…

Asset management in Zend Framework 2

A simple and effective way to manage your ZF2 project's assets: AssetManager

5,5'
Stefano Valle 08/03/2013 10:47
category: Software Development
ZF2 modules

During the last February I’ve had the chance to be a speaker at Zend Framework Day in Italy where I made a talk about zf2 modules. I think the topics covered deserve more time and space, so this blog post is the first of a series about how to take advantage of new ZF2 modular structure.
One of the first issues a developer runs into when dealing with ZF2 modules is how to arrange assets between modules. A Web asset is simply any css file, js library, image (and generally all static files) a module needs to work properly.

Read more…

PHP error: file size limit exceeded

PHP Logging, include statement and Timezone setting causing headaches

4'
Stefano Maraspin 04/01/2013 02:12
category: DevOps
PHP Logs

Troubleshooting PHP interpreter issues can be tricky. A few days ago a client reported that one of his cron job scripts wasn’t being executed on his x86_64 CentOS 5.8 server, running Zend Server CE PHP 5.3.14. Troubleshooting such situations is usually straightforward, but this time PHP error messages I got were so ambiguous, and issues were so many at the same time, that I decided to write a blog post, hoping that it can be of some help for someone else.

Read more…

Enhancing user stories with personas

Avoiding wasted efforts and feature creep

6,5'
Stefano Maraspin 12/12/2012 10:54
category: User Experience Design
User Stories and Personas

Since the adoption of user stories, we have noticed huge benefits in our development workflow. We don’t expect to plan everything upfront anymore, don’t waste time analyzing things which will never turn into software, and can deliver value to our customers much quicker and more efficiently.

Many other companies have experienced the same benefits and it’s for this reason that user stories are becoming a standard way to collect software requirements.

Read more…