Starting A New Website: The Fast, Easy, And Cheap Way

You may be surprised by how many decisions need to be made when managing a new website. If you’re just getting started on your journey it’s not unusual to feel a mixture of excitement for the challenge you have ahead of you and daunted by the array of topics you need to learn about.

With the right hosting plan, you can avoid the need to have a designer or web developer work on your site or having to learn how to design and code yourself. Building a website fast and cheap includes choosing a hosting plan with free domain name registration, enough resources to support growth for your business, a site builder, an eCommerce builder if you’re planning an online store, and using a CMS and other websites to make creating content easier.

Read more

Simple Trick To Finding Cheap Web Hosting That Isn’t Awful

Everyone wants the best deal at the best price. There is nothing wrong with that, but choosing a good host is about more than finding the lowest price. When it comes to hosting there is no shortage of options. There is also an abundance of providers seemingly offering the world for rock bottom prices.

There’s a lot of web hosting out there that is awful, especially on shared hosting plans. A quick trip to the reviews section for such hosting plans will often yield several people saying their sites were slow or would be often down. Shared hosting is usually the cheapest type of hosting out there – good for the budget-minded, but it also allows web hosts to cram several accounts onto one server with no resources dedicated to a given site.

Not all shared hosting is bad though, and there are a couple reliable ways to weed out the bad actors in web hosting. First, look for a 99.9% uptime guarantee from the web host as well as a commitment to 24/7 customer service. Second, create a list of requirements you need for host and find plans that meet those needs without bloating the price on features you don’t need. Read on to learn how to easily find these things and save you both time and stress the next time you need to shop for web hosting.

Read more

Telltale Signs You Need A New Web Host

The hosting provider and plan that you choose to use can have a direct impact on the quality of service your website users receive, both positive or negative. Furthermore, it can transform the ease of how you manage your website.

You should never be complacent about your hosting provider: if the service you’re experiencing is less than ideal for you, then it’s likely to be the same for your visitors too. This can absolutely crush the experience your users have on your site, impacting both your sales and your rankings. In this case, it may be time to consider if the host is right for you.

Poor customer service, slow page speeds, websites crashes, usage alerts, and having find workarounds or contact support on a regular basis are all signs that you may need to look for a new hosting plan or provider. Sometimes you may just need to upgrade your package, sometimes you may need to change your host altogether. Read more to learn how each sign could be impacting your site’s potential and if you need a new host or plan.

Read more

How To Find The Perfect Web Hosting For Your Needs

Finding the perfect web hosting is as easy as getting a plan that meets your requirements without excessive features and specifications going to waste. Okay – it’s probably not that easy since understanding what your needs are can be a challenge if you don’t know where to begin.

In order to find a web hosting plan that supports your website goals, you need to understand the size of your current audience, determine its potential growth, assess your resources, and identify what features are relevant to your website. This will result in establishing a set of minimum requirements that you can use to assess a hosting plan. The following steps will guide you through that process.

Read more

Web Hosting Basics: Everything You Need To Get Started

In today’s world, everything is done online. Having an online presence allows you to reach others in ways that were previously impossible, making the benefits of having one obvious. However, starting a website can be a confusing and daunting task.

The basics of web hosting include understanding what web hosting and domains are; learning how data storage, bandwidth, and uptime impact your website, and what type of hosting is appropriate for your business.

Read more

Keep visitors by using these UI features with care

UI tricks to avoid

A poor user experience can derail the success of a website. Many web designers risk turning their visitors away in frustration because poor User Interface choices are contributing to a bad user experience.

Following web trends can easily lead web designers into this trap. What looks cool in design circles can be off-putting to visitors.

This article looks at some UI no no’s and explores how a web designer might bend the rules to include them in a way their visitors won’t mind.

Read more

Functions to avoid for PHP and WordPress Developers

secure php and wordpress

PHP, the language powering WordPress has evolved significantly in recent years. The programming language is now on version 7 and performing better and more securely than ever before.

As PHP and the web has matured much of the functions of PHP have been improved upon or replaced. However Functions that have long past their glory days, together with misinformation on the proper usage, still linger.

By updating to the latest version of PHP problems that can occur by using this code can be avoided as those the functions are deprecated and begin to lose their support.

It is not always possible to update, so some developers may find themselves with access to code that they can use but shouldn’t

In this article, I will look at some of the functions that PHP and WordPress developers should take caution with and avoid altogether when attempting to build a secure website. These are functions known to developers should be avoided.

By now it is widely known that magic quotes and globals are no no’s in PHP security and thankfully newer versions of the language do not support this. You will also be hard-pressed to find a host that allowed this code on their servers too.

Going beyond these obvious security flaws to avoid are some common misconceptions over when to be alert using outdated functions or functions frequently used that go beyond their otherwise safe purpose.

The below are my big never use in PHP Functions.

Passwords

The worst offending, outdated code, a problem I come across is password hashing.

A common misconception is that MD5 and Shar1 should be used for this purpose. This is absolutely wrong and completely outdated. Unfortunately, this is a real problem as some education institutions still teach outdated PHP password hashing.

With MD5 and Shar1 all hashes can ultimately be linked back to one source.

PHP now comes with its own inbuilt Password hashing functions, this is the most advisable method to use for your password hashing needs. For now at least. This function uses BCrypt which uses a built-in salt meaning it is impossible to get two hashes with the same value with the same source password. This is unlike password hashing with MD5 and Shar1 where the hash for a given word will be the same.

Hashing a password is a one-way system that cannot be reversed into its original state. This is distinct from encryption that can be decrypted back to its original state.

Websites now exist with the dedicated purpose of breaking MD5 and Shar1 hashes and can do so in seconds with billions of known hashes stored in databases known as rainbow tables. Previously it was the case that these hashing functions would take years to break but that was with the most sophisticated technology of the time, and this has moved on.

There are several arguments that support MD5 and Shar1. Despite some misinformation that is around it is not the case that either of these hashing function can be hashed inside each other to create a stronger password. Nor is it the case that the websites that are dedicated to breaking hashes can have only a small pool of possible passwords to serve up a password that matches the hash provided.

Ultimately users will create themselves insecure passwords but good security should never rely on user input.

eval

The original purpose of this function was to evaluate a string as PHP code.

This purpose has been found to be open to manipulation and injection, not actually escaping anything, can pass through a raw request to be executed on the server, this potential could be from malicious user input. In worst case scenario a hacker might wipe out entire server.

Rasmus Lerdorf, the founder of PHP himself disapproves of the use of eval function. He once even said “If `eval()` is the answer, you’re almost certainly asking the wrong question.””.

globals

Global can change a variable state so can change something from a local to a global state, for instance, a variable inside a function or closure that is a local state, but prefix it with global and it potentially turns it into a global state.

This is bad because you can then access a variable outside of that function that should only be inside that function.
If you need to access the variable, then the function should be returning the value instead.

Another problem with global is the potential to interfere with an existing varible without realizing it or where that variable has come from.

Risky PHP

These PHP Functions have good wholesome real world intentions but do come with certain risks attached. For this reason, they have fallen out of favor among developers.

file_get_contents

This function has the potential to expose you to man in the middle attacks.

Over the file_get_contents() function is a useful common practice for call an external URL. The danger is when the remote pages that are fetched, the integrity of the HTTPS protocol connection is not always checked. This would then leave the file_get_contents() page result open to contain anything the attacker places there.

extract

The use of the extract function has lost popularity. The useful little function was once used by developers who just wanted to create living variables out of the key => value pairs in their code.

Developers should watch out because when extracting $_GET and $_POST this exposes vulnerabilities. The danger with extract is you don’t know what your extracting. The risk here is that you may find you are extracting malicious input data from the user.

If this is unavoidable, then the web developer should be sure to sanitize data resulting from the extract before it is used.

WordPress dangers

WordPress builts on PHP and provides a library of its own useful functions to make use of when developing plugins and functionality for the popular CMS. Here are some common user mistakes with some of these functions.

dd_query_arg

Not so long ago WordPress developers were mistakingly believing that this WordPress function sanitized their URL’s. This was caused by misleading information in the documentation. Some website continue to use this safely as a result meaning website owners are not as safe from XSS attacks as they thought they were.

is_admin

The problem with this function lies in the name. It looks like it will tell you if the user is an admin. In fact, what it indeed does is indicated that the code is on the administration side of the site as opposed to the front end viewable by the average visitor.

Read more

Speed your development workflow with these Chrome extensions

A very popular browser choice among developers is Google Chrome. And a great but often underused feature of Chrome is its Extension Store. As a developer, you can use this resource to access a multitude of free tools that will help you cut down on some of the most tedious tasks in development.

After all, as rewarding and interesting that development may be, it’s still true that tasks such as browser testing and link testing can be very dull ways to spend huge chunks of time.

Development Extensions

These Chrome extensions will help you speed up your development workflow right from your browser.

Chrome Extension - Web Developer

Web Developer
Get the extension

If I could only install one extension, then this would be my choice. With this extension, a developer will be able to gain a lot of information on their project.

I find the most useful features of this extension is the ability to disable things like javaScript, cookies, CSS styles and images. I also find it very useful to outline elements based on their type. This could be floated elements and absolutely positioned elements as well as floated elements and headings.

I also really like how I can work with forms, this is really useful for when testing the forms I have built are working correctly. With the Web Developer extension, I can quickly complete mundane tasks like clearing form fields and checking and unchecking form fields.

Web Developer Checklist
Get the extension

I like my websites to be the best they can be, and for this reason, I keep the Web Developer Checklist as part of my toolkit.

The Checklist extension will test your website to make sure it is mobile worthy and passes SEO, accessibility and security essentials.

It is even possible to check the quality of code. However, I have my IDE also checking this for me as I write code based on Laraval Artisan standards.

Pesticide
Get the extension

I think the name for this handy, simple extension is perfect, sometimes when working with front-end development, the code issues can feel like a real bug hunt.

The purpose of this extension is to outline all CSS elements to see the placement on a page better and help to identify a problem which could otherwise feel like hunting down a pest in your code.

Browser testing – Browserling and IETab
Get Browserling
Get IETab

Testing in multiple browsers is definitely one of those tedious tasks mentioned earlier. The bad news is there is no getting away from browser testing; however, it’s definitely not as painful as it used to be and there are now extensions that mean you can do it all in one tab.

One such extension is Broswerling. This is a live interactive cross-browser testing service, and it provides cross-browser testing for web developers and web designers. Also, it provides quick access to all the most popular browsers on the most popular operating systems.

Link Checker
Get the extension

Much like browser checking, link checking is also an essential highly tedious task. The Chrome browser extension Link Checker has one simple but powerful purpose which is to make this tedious task a thing of the past.

Extensions for designers

Chrome Extension – Spectrum

Here are some of the best extensions for front-end designer to speed up real-world, everyday tasks.

WhatFont
Get the extension

The WhatFont extension in invaluable when it comes to identifying a font. Sometime when browsing the web I come across a website that uses terrific typography but determining what makes it so great is not always intuitive to developers and this extension makes that process so much easier.

Information can be found on type family and font size and, what’s more, it can help you find out if your typography find is available on Google API or even TypeKit if you prefer.

ColorZilla
Get the extension

If you find you frequently need to design a website around a specific color pallet, then this extension will be a great asset.

Often clients know they want their color scheme to match their logo or some other design work. Or even their existing website. What ColorZilla will do is use a color picker to select any shade in the browser and find the HEX or RGB code of those colors.

Spectrum
Get the extension

Color deficiencies are common but not widely accounted for by web designers. A color blind person may have a needlessly terrible time on a website you designed, but this can all be solved with a few adjustments to your design.

Spectrum is an extension that will allow you to see your website like a color blind person would do addressing the problem of wanting to help but not knowing how to.

Read more

Staying relevant in the 2018 web dev job market

stay relevant in web dev

Web development stays still for no one, anyone in the industry longer than 12 months can tell a newbie this from first-hand experience.

In 2018 it feels like this is the year the industry starts to feel the impact of recent disruptions and many web designers are already beginning to feel the effects of AI tools taking over tasks that were once a staple of their skill set.

Read more

Build on Bootstrap for fast and quality web design

website design

Bootstrap is the most popular HTML, CSS, and JS framework for developing responsive, mobile projects on the web.

You have probably come across Bootstrap as a web designer along with other technologies such as Sass, LESS, Grunt, Gulp, npm ect and felt like it you need to absorb an avalanche of knowledge before you can get started on your website. This can feel like overkill for smaller sites too.

Read more