Many factors go into the security of a Web site, particularly an e-commerce one. While creating a secure Web application in the first place is a key component, there's an easy way to improve the security of a site over time: by maintaining secure passwords. In this post, I'll explain what this means.
Blog Posts about Best Practices
A feature of many of today's Web sites is the ability for users to upload files to the server. While often necessary, this process presents a new type of risk to servers and sites, whether any user can upload a file or just an administrator can. In this post, I explain what steps you can take to limit the risks of allowing for file uploads.
The bulk of security-related advice is based upon preventing break-ins, hacks, and attacks, but responsible e-commerce developers and administrators know that it's just as important to have created an emergency plan well before trouble occurs. In this post, Larry Ullman talks about why an emergency plan is important and what, exactly, that means.
The security of an e-commerce site depends upon so many things: the hosting involved, keeping all the software updated, using secure passwords, and so forth. But when it comes to the software you write--the Web application itself--the most fundamental security concept is that incoming data is validated, validated, and validated. In this post, Larry Ullman writes about what that means, from the concept to the implementation.
Forgive me for this superficial analogy, but sometimes I feel like our
daily ever-vigilant efforts to stop ebook piracy are akin to my trying to pull up the bermuda grass in my backyard. I can yank up all the weeds I see, but the runners have already spread underground, and new weeds will pop up tomorrow in other areas of my lawn.
Q: Should I use Hex or RGB values to define colors in CSS?
The short answer is RGB.
The slightly longer answer is that Hex values have become the de facto standard for use in CSS code and both developers and designers are used to them.
The long answer is that, in the final design on the screen, there is no difference between using Hex or RGB values in your code. Which system you use is really a matter of you own personal preference (and those of the team you are working with) as to whether or not you use Hex or RGB values to define colors.
Q: Are there alternatives to Arial, Times, and Georgia for Web designers?
The short answer is YES!
The slightly longer answer is that most designers use Arial, Times, or Georgia, and, to a lesser degree, Verdana, Trebuchet MS, Courier, and Comic Sans because they think that’s all they have at their disposal, but they are wrong.
The long answer is that the core Web fonts (the one listed above plus Impact and Web Dings) are used because they are almost guaranteed to be installed on the vast majority of computers your designs are likely to be installed on. One fact of life in Web design is that unless the end user's computer has access to the font file, then the browser cannot use it.
The Web doesn't constrain us to the physical limitations of print on paper, author Zoe Mickley Gillenwater, of Flexible Web Design, reminds us. It's not print design. If you are a designer who is used to controlling every pixel in a fixed-width Web page layout, you're in denial about how much flexibility you can build in to your pages to make them user-friendlier.
As an acquisitions editor, some of my favorite moments are when books I signed months ago are first delivered to the author, hot off the press. All the frustration and deadlines and sleepless nights and self-doubt the authors endured during the editorial process melt away into glee and excitement. I got to experience that twice this week.
Q: What is a Web Designer anymore? It was easier to make Web sites all by yourself, even 5 years ago, but now there is just too much technology for one person to handle. If I want to make a Web site for a very small business, don't have I to be web "developer" now?
The short answer is that everybody is a Web designer now.
The slightly longer answer is that Web designers are practitioners of a highly specialized discipline that requires years of study to truly master.
The long answer is that a good Web designer is a good designer, and this can come “naturally” or from training, but is not medium-dependent. However, a professional Web designer has to understand the medium well enough to know its strengths and limitations. Any designer can pump out something that looks brilliant when displayed in a Web browser window, but is slow to load, static when loaded, and completely unusable.