August 23, 2012
Security
When it comes to reviewing visitor site usage, server bandwidth usage, or forensic security investigations; IIS log files often hold the answers. Although as I'm sure you’re more than aware, gigantic text files can be hard to view let alone pull intelligence from. Investigating a website attack can be really daunting when looking at log files as an information source. In my previous post I covered a tool to help with Windows Security Logs. Lucky for us it’s just as awesome when dealing with huge IIS logs.
August 15, 2012
Security
When bad things happen to either your website or your server you’re usually faced with a situation that either makes or breaks you. Much like having a good backup and restore plan, being able to filter and scan log files for what you need to help draw conclusions on how a situation occurred or by whom it was conducted, is an important part of your security plan. However if you have a heavily traffic’d website, network share or part of your file system and you’re doing a lot of logging, you probably have files the size of the moon to wade through, so making sense of them can be a nightmare.
July 30, 2012
ASP.Net
In ASP.net land we are often lead to think the “Microsoft way” when it comes to a lot of things. Running performance tests and benchmarking is one of these tasks where we are often found looking into commercial tooling or products to help us find out how our applications handle load. Meanwhile a lot of web developers on other stacks are doing it with great free tooling. There is nothing stopping us from stealing the best parts from these stacks and bringing them back to the land of ASP.Net.
July 15, 2012
Continuous Integration
Microsoft Web Deployment projects are an easy way to add a MSBUILD scripting to your Visual Studio web projects. I use them all the time for personal deployment projects and at work so do all my team members. With the upcoming release of Visual Studio 2012 there is currently no Web Deployment project type. Luckily there is something we can try and do about it – Let Microsoft know.
July 11, 2012
E-mail
When delivering messages to people using email, companies and website owners have fallen into a common fallacy about the internet: believing its OK to show contempt for our readers by not caring for their reply. We do this every time we send an email, however important, that comes from noreply@mywebsite.com. Like a number of life’s oddities this doesn’t make sense – let’s look at why and how we can change it.
July 10, 2012
Accessibility
When placing audio and video elements on a web page I’ve worked on a number of pieces of work where, for one reason or another, clients want to have their media Autoplay. To us nerds it may seem like common sense that Automatically playing media to a visitor is a bad idea for accessibility. The W3C has made this clear with it’s WCAG guidelines – we’re nerds; we care about these kinds of things. It’s worth mentioning that as with most accessibility features though, proper use of Autoplay also does a lot for usability and visitor sanity for the rest of your audience as well.
July 9, 2012
ASP.Net
If you’re developing on the ASP.Net web stack you’ve probably used either the WebForms FileUpload control or the MVC HttpPostedFileBase model binding parameter many times before. On a badly configured website this can create a perfect storm of insecurity potentially exploited by anyone who uploads malicious files. As this very attack can be your website’s undoing let’s take a look at why it’s a problem and what you can do to fix it.
June 25, 2012
Conferences
Next Saturday at 9am sharp, I will be first cab off the rank in the developer skills stream at DDD Sydney presenting my talk “A few things developers should know about the internet (but probably don’t)”. I’d love for you to come along and say hello on the day, so if you haven’t already bought tickets, please do from the link above. Sydney has many conferences throughout the year, but few are as straight talking as DDD, with a good range of subjects on not only the Microsoft stack, but general web and development as well – not only how Microsoft would recommend it, but the very people who’ve been in the trenches with you.
June 21, 2012
Tips and Tricks
Running Apache and IIS on the same web server might seem like sacrilege to some folks, but like a lot of things in life there is a time and a place for everything. I’ve overseen some quite successful deployments that have had the two running side by side on the same machine, and the flexibility that Apache can bring to an application as a value add can be really exciting. For both future keepsake and to share with all of you folk, here is a quick how-to guide so that all you have to do is follow the bouncing ball.
June 12, 2012
General banter
No matter what your chosen career path society places constraints on what is an acceptable amount of interest you are allowed to show to a subject before you become *weird*. People working in IT face this more than most. In my life I have known a lot of really smart people,who are obviously in love with what they are doing, not sharing their excitement with others for fear of being thought of as uncool. However crazy this sounds from the outside one thing is true; they are holding themselves back from success.