Archief van

Officiële opening van de Blog!

Geschreven door Erwin A.W. Maas

img alttext

Nou: we kunnen eindelijk aan de slag.
Ik heb ongeveer 2 maanden geleden besloten om alle websites te vernieuwen, dat is al een poosje klaar.

Maar ik wilde ook wat interactieve mogelijkheden gaan aanbieden en heb toen na veel zoeken een leuke Sociale Media gevonden en deze blog (welke ik geweldig vind).

Alleen: er waren problemen achter de schermen, 1 specifieke achtergrondapplicatie werkte niet bij de webhost en ik heb hier lange tijd (2 maanden ongeveer) op moeten wachten, maar dat is nu klaar.
Ik heb grootse plannen met deze blog dus kom af en toe eens kijken 😉

The CSP is ready

Geschreven door Erwin A.W. Maas

That was really an adventure, took me 6 days to make a safe Content Security Policy where all scripts and stylesheets are being loaded

But I learned a lot and it's ready for now (in the future I will try to make more use of nonces instead of hashes)

Means that I can go on with real front-end websitedevelopment, which I love most

CSP: start again after 3 days work

Geschreven door Erwin A.W. Maas

Busy inplementing a strong CSP for the domain: much more work than I expected

Google tagmanager requires a nonce, but that needs mod_unique_id which wasn't installed, but the webhost is very helpful and activated it right away, works fine on Apache-side

Quantcast-choice which generates the cookie-policy application that let's visitors choose to accept or decline, is causing the biggest problem, it breaks the whole website. But now that mod_unique_id is installed I could try use a nonce for that too.

Two of the four scripts are going to use nonces, so why not try that with all the scripts?

So: back to an empty CSP and start all over...

It's not going smooth...

Geschreven door Erwin A.W. Maas

The Social Network needs GD-Library to function, it does under PHP 8.0 but not under PHP 8.2 😟

I have send a message to the webhost about it and received an answer with a question to test it out, so I did (in the testenvironment ofcourse), after that: blank page.

Trying to get back to the old version: blank page, blank page, blank page...

The only way to get it working again was with a fresh install, new database, new datafile etc.

So: back on PHP 8.0 hoping that GD will be fixed for 8.2 soon...

Decision: the Social Media stays

Geschreven door Erwin A.W. Maas

I have been studying the login-part (you have to login anew after 24 minutes not being on the site anymore) and I have come to the conclusion that prolonging the login-session will bring critical security-issues with it: 24 minutes is the default session-time and there are good reasons for that.
This means that installing another Social Media application that dóes keep users logged in for days for example, is less secure than the application that we use now, so changing applications is not an option either.

So: we will stick to this one!

Social network Issues

Geschreven door Erwin A.W. Maas

There are some issues with the Social Network, most of them are minor issues but one is not acceptable:
-when a logged in User leaves the site, the session-cookie will expire in 24 minutes. After that a person has to log in again

Busy working on it, but if this can´t be fixed I am seriously considering installing a completely different social-media script that dóes keep the users logged in for a longer period of time.

Everything must start somewhere

Geschreven door Erwin A.W. Maas

First of all:

I like to be fully open in my website-developments.
With that I mean that I like to develop websites online and start publishing before they're ready

That said: this is my first blogpost on a clean install, much much more to come, so follow this blog to see it develop!