It is now a common practice to use composer as part of our deployment stack. The recipe goes like this: gitignore your « vendor » directory (or whatever folder your dependencies end up in), but commit your composer.lock file, then deploy. Is this such a good idea?
The recipe goes like this : gitignore your "vendor" directory (or whatever folder your dependencies end up in), but commit your composer.lock file, then deploy.
The Blackfire.io profiling tool is now available to Code Enigma customers.
Blackfire.io is a profiling tool by the people behind Symfony, SensioLabs. We had a demo of this useful performance profiling tool some months back and decided it looked really good.
Using Drupal as a Service Provider with an Active Directory Federation Services server as the Identity Provider, using SAML
We'll try to cover the needed step to authenticate (and create if need) Drupal 7 users against an external Active Directory Federation server, using SimpleSAMLphp and the simplesamlphp_auth mo
Code Enigma is changing the provider of it's infrastructure, moving all services to Pulsant.
We first met Pulsant in 2012, when we co-sponsored the excellent DrupalCamp North West (along with a bunch of other companies, of course).
A quick note to help if you ever want to monitor incoming HTTP requests regardless of web server infrastructure
If you're ever in a situation where you need to see incoming HTTP requests, maybe to check incoming headers, or you want to know what cookies are being set, or get some clues as to why things aren't being cached, the following command might be helpful:
In this final part of the series of blogs about our hosting services versus PaaS systems, we look at DX and why you don't need "the cloud" to have great developer tools.
So I said in my first post in this series that the developer probably isn't the most important stakeholder when you're selecting your hosting.
In the 4th instalment of this series about our hosting versus PaaS competitors, we look at securing your data.
Before we go into this, I'd like to explain this mostly isn't a "public cloud versus private cloud" thing, like some of the other posts in this series have been. Rather, this is looking at the companies operating the platforms you have to trust.
In the third part in the series of posts about why managed private cloud represents a better deal than public cloud services, this time looking at resilience.
Most public cloud services are not Highly Available by nature. They are designed with “cattle” in mind - that is to say, disposable units that are quickly and easily replaceable. Public cloud providers are clear on this.
Pentesters have started recommending the use of HSTS in web servers quite frequently, but often without adequately explaining the consequences. This blog tells you why HSTS should be approached with caution.
So I made a slightly sarcastic tweet the other day which deserves expanding upon.
The second instalment of traditional managed servers versus platforms in the public cloud, focusing on quality and amount of dedicated resource.
Last time I explored the cost per site of some of the Drupal platforms around, when compared against our managed private cloud servers.
The first in a series of blog posts comparing more traditional dedicated server infrastructure to the more fashionable public-cloud platforms prevalent on the market at the moment.
There are so many options out there in the hosting market, and the pricing models and benefits can be so confusing, it's hard to decide who to go with.
A quick start guide to getting going with Drupal on a CentOS server.
Before I start, I make no claim this is the best way to set up CentOS. I'm sure it isn't the only way, and I'm sure there will be other, more thorough, howto articles about the general setup of CentOS that are much better than this one.
Important facts about the ongoing #AberdeenCloud situation and how it might affect their customers and our own.
A short tragedy on the demise of #AberdeenCloud.
UPDATE 1: #AberdeenCloud have made the platform available for 36 hours, as of last night, 30th June 2016. You can, for a short time only, get files and backups again. Sounds like the platform will be available until some time around Saturday lunchtime, 2nd July 2016.
Head of support and hosting, Greg Harvey, explains what a denial of service attack is and how you can protect yourself.
Not many people have been unfortunate enough to be at the sharp end of a serious denial of service (DoS) attack.
Drupal may or may not have been the cause of the already infamous Mossack Fonseca leak, but if it was, it would never have happened if they'd kept their software up to date.
In light of the much talked about #PanamaPapers leak, it seems there has never been a better time to talk about keeping your software up to date.
Drupal security audits are not a simple job, since security holes can be both in code and in the way the site is configured. This article collates the most common things to look for when auditing a Drupal site.
Site audits are one of the services that some of our clients have requested from us in the past.
Having gone through infrastructure, virtualisation and operating system, we arrive at the software layer. What choices have Code Enigma made, and why?
We've already explained we're closely tied to Linux for many reasons, and Debian specifically. But what do we put on top of that? For the purposes of this post, I'll focus on PHP hosting.
This blog post is about why Code Enigma uses Debian as our Linux distribution of choice.
We talked in previous posts about our infrastructure and our virtualisation. This time it's the turn of our operating system.
Second in a series of posts about the Code Enigma hosting stack, covering every aspect of how we operate, from networks and servers up to deployment and testing.
In my last post I wrote about the base of our hosting stack, our infrastructure providers over at Rackspace UK. Now it's time to move up a level and look at what we put on that infrastructure, starting with our