Blog

Less than two days after it was detected a vulnerability (CVE-2014-6271) that affects the Bash shell on Linux, Unix and Mac OS X, a patch was released that solves this issue only partially, which forced to report a new vulnerability (CVE-2014-7169) still pending. This issue has quickly gained a simple name by which it will be remembered for a long time: Shellshock or Shell Shock.

The bug was detected by Stephane Chazelas, a Unix and Linux system administrator from Akamai when he found out that Bash erroneously interpreted as a command wich only was data within a variable when entering a specially crafted string in the command line. As a result, everything coming after that string was executed as a command or function by Bash. This allows any attacker to execute commands on your server arbitrarily. It’s true that this can not be done as root, but there are many harmful actions that can be done without root privileges.

It’s common not to pay much attention to website loading speed as long as it remains between more or less acceptable levels wich don’t make us waiting forever for content. However, web speed is becoming an increasingly important factor and optimization efforts in this area can be decisive for success or failure in achieving our goals.

Below are the top 5 reasons why you should start worrying about website speed and page loading times.

For all it’s well known that physical inactivity is bad for health. But not everyone knows how harmful it is, even having reached the rank of a pandemic in this century according to numerous studies. Any person staying long hours sitting in front of a computer while working knows that this causes many inconvenience over time, whether back, shoulders or neck pain, and of course weight gain and overall deterioration of physical condition. In addition there is increasing evidence from numerous studies that sitting long hours on the same position increases up to 50% the chances of developing cardiovascular disease and even various forms of cancer.

Before you can get to define what web architecture is, first it is necessary to frame it properly. There are some roles related to architecture within the Information Technology industry, but basically we can do the following division:

It’s in the latter group where web architects fall, as a subgroup of software architects specialized in designing and building applications that are used through what is known as the Web, ie, using the HTTP protocol to communicate with users or with other web applications.

There are basically two options when creating a multi-language website based on WordPress. One involves duplicating posts and pages by creating one different post for each language, wich is the approach followed by some plugins like WPML, Polylang or xili-language. Another approach is to introduce all the translations into the same post, separated by meta-tags within the content itself.

Each translation is displayed in different tabs within the HTML editor of a single post. This is the case of Qtranslate, which happens to be the simplest solution from my point of view, as it is not necessary to modify the WordPress database in order to create relationships between a post or page and their translations, as well as among other WordPress objects like categories, tags, widgets, menus, etc. Therefore Qtranslate is my favorite choice when it comes to creating a multilingual website based on WordPress.

One of the most widespread options to create a multi-language site with WordPress is to use the qTranslate plugin, wich works pretty well and it’s free. Perhaps the most sensitive aspect of multilingual sites ​​is URL translation, since it affects website’s information architecture and search engine optimization (SEO).

Precisely qTranslate does not support URL’s translation, so we must choose to install an additional plugin: qTranslate Slug. At first all works well with these two plugins installed, but problems arise when we need an XML sitemap to upload to Google.

It is quite annoying that our Google Analytics traffic statistics are adversely affected by our own visits or those of any member of our team (internal traffic). Even more in early stages of websites, while still receives little traffic and our activity is a greater percentage compared to the total activity. Not only modifies appreciably the number of visits per se, but also the number of page views per visit, bounce rate and average time spent per user among many other parameters. This makes sense, as it is when we spend more time reviewing each and every one of our web pages or performing unfinished development tasks.

Many corporate and heterogeneous networks use the rsync protocol to perform server backups or to keep files synchronized automatically from one or more directories on different machines. Linux natively incorporates the rsync utility and other associated tools, but what do you do when you need to backup Windows folders automatically from a NAS or a remote machine? One option could be to use Samba to read the contents of those folders from Linux, but it would be a fairly complex solution, because it would force us to configure Samba on the server side, set the various permissions and configuration options in Windows and place both machines on the same local network or configure complex rules on our firewall to allow SMB/CIFS traffic. And yet, the file transfer through the network would not be safe, because it would be made text clear with no encryption.

Neither version of Windows, either Windows XP, Windows 7, or 8 or more modern versions such as Windows Server 2008 or Windows 2012, provides an SSH server to use a standard way to access from other machines with different operating system and be able to run console commands, copy files, forward ports or automate logins by using public/private keys. The Microsoft alternative to this is WinRM / Powershell, but many are the chances that we will need to find a standard and compatible way to access to other systems, and what better way to do this than using the widespread and well-known SSH protocol to get into our Windows machines securely.

When we create a custom module in SugarCRM (eg «grt_Providers_Contracts») and create a link or relationship between that module and one that uses the «Related to» field type such as «Tasks», we probably will want to search all the tasks related to our new module «grt_Providers_Contracts» from the simple or advanced search form from «Tasks» module.

However, there is a bug in SugarCRM that prevents us to retrieve tasks related to a custom module if that module has underscores (_) within his name, showing the following fatal error: