Publishers of technology books, eBooks, and videos for creative people

Home > Blogs > Web Design & Development > Best Practices

Blog Posts about Best Practices

RSS Feed Subscribe  RSS details

Larry Ullman

Maintaining Secure Passwords: Five Critical E-Commerce Security Tips in Five Days

By Larry UllmanFeb 25, 2011

Many factors go into the security of a Web site, particularly an e-commerce one. While creating a secure Web application in the first place is a key component, there's an easy way to improve the security of a site over time: by maintaining secure passwords. In this post, I'll explain what this means.

Larry Ullman

Securely Handling File Uploads: Five Critical E-Commerce Security Tips in Five Days

By Larry UllmanFeb 24, 2011

A feature of many of today's Web sites is the ability for users to upload files to the server. While often necessary, this process presents a new type of risk to servers and sites, whether any user can upload a file or just an administrator can. In this post, I explain what steps you can take to limit the risks of allowing for file uploads.

Larry Ullman

Have a Emergency Plan: Five Critical E-Commerce Security Tips in Five Days

By Larry UllmanFeb 23, 2011

The bulk of security-related advice is based upon preventing break-ins, hacks, and attacks, but responsible e-commerce developers and administrators know that it's just as important to have created an emergency plan well before trouble occurs. In this post, Larry Ullman talks about why an emergency plan is important and what, exactly, that means.

Larry Ullman

Validate, Validate, Validate: Five Critical E-Commerce Security Tips in Five Days

By Larry UllmanFeb 22, 2011

The security of an e-commerce site depends upon so many things: the hosting involved, keeping all the software updated, using secure passwords, and so forth. But when it comes to the software you write--the Web application itself--the most fundamental security concept is that incoming data is validated, validated, and validated. In this post, Larry Ullman writes about what that means, from the concept to the implementation.

Larry Ullman

Understand Your Hosting, Five Critical E-Commerce Security Tips in Five Days

By Larry UllmanFeb 21, 2011

People often think that the security of an e-commerce site is primarily based upon the software they write. Although the Web application itself must also be secure, the biggest factor, in my opinion, is the Web hosting being used. In this post, you'll see why hosting is such a critical consideration, as well as what additional steps one might take depending upon the hosting involved.
Jason Teague

Choosing the Right Color Value

By Jason Cranford TeagueDec 14, 2009

Q: Should I use Hex or RGB values to define colors in CSS?

The short answer is RGB.

The slightly longer answer is that Hex values have become the de facto standard for use in CSS code and both developers and designers are used to them.

The long answer is that, in the final design on the screen, there is no difference between using Hex or RGB values in your code. Which system you use is really a matter of you own personal preference (and those of the team you are working with) as to whether or not you use Hex or RGB values to define colors.

Jason Teague

Expand Your Font Repertoire

By Jason Cranford TeagueNov 30, 2009

Q: Are there alternatives to Arial, Times, and Georgia for Web designers?

The short answer is YES!

The slightly longer answer is that most designers use Arial, Times, or Georgia, and, to a lesser degree, Verdana, Trebuchet MS, Courier, and Comic Sans because they think that’s all they have at their disposal, but they are wrong.

The long answer is that the core Web fonts (the one listed above plus Impact and Web Dings) are used because they are almost guaranteed to be installed on the vast majority of computers your designs are likely to be installed on. One fact of life in Web design is that unless the end user's computer has access to the font file, then the browser cannot use it.

Jason Teague

Everyone is a Web Designer

By Jason Cranford TeagueAug 10, 2009

Q: What is a Web Designer anymore? It was easier to make Web sites all by yourself, even 5 years ago, but now there is just too much technology for one person to handle. If I want to make a Web site for a very small business, don't have I to be web "developer" now?

The short answer is that everybody is a Web designer now.

The slightly longer answer is that Web designers are practitioners of a highly specialized discipline that requires years of study to truly master.

The long answer is that a good Web designer is a good designer, and this can come “naturally” or from training, but is not medium-dependent. However, a professional Web designer has to understand the medium well enough to know its strengths and limitations. Any designer can pump out something that looks brilliant when displayed in a Web browser window, but is slow to load, static when loaded, and completely unusable.

Jason Teague

Ask me, ask me, ask me

By Jason Cranford TeagueJul 1, 2009

Do you have a question about Web standards, CSS, JavaScript, Ajax, interaction design, user experience, or Web typography? Maybe you just want to know "How'd they do that?" Ask me questions, and each week I will select a question to answer via my blog.

Larry Ullman

Performing cross-domain Ajax requests, Five JavaScript Tips in Five Days

By Larry UllmanMar 11, 2009

Sometimes it's necessary to perform a cross-domain Ajax request, despite that the standard doesn't allow it. There are several ways of working around this restriction. In this post, I talk about the options, along with which you should be using (the answer shouldn't surprise you).

Larry Ullman

Debugging XML/JSON requests, Five JavaScript Tips in Five Days

By Larry UllmanMar 10, 2009

Ajax requests, where a server sends data to the client via behind-the-scenes JavaScript, often uses XML or JSON, rather than plain text, for transmitting larger amounts, or just more structured, data. The benefits of using these data formats also bring about the hassle of more hair-pulling debugging. In this post, I detail the steps I take to debug XML and JSON transactions.

Larry Ullman

Handling JSON data securely, Five JavaScript Tips in Five Days

By Larry UllmanMar 9, 2009

JSON (JavaScript Object Notation) is a lightweight data format commonly used in Ajax requests. Unfortunately, JSON has some inherent security concerns. In this post, I'll discuss the problem with JSON and the fix that makes it safe to use in your Rich Internet Applications.