• Python Virtual Environment, and Package Management

    Python virtual environments, and as well package management, has a shaky history, and it has been changing a lot for last few years.
    Even currently, (early 2018), it is confusing because there are many tools for virtual environments (venv, virtualenv, pyvenv, pyenv).
    I couldn’t find one tutorial that describe everything in just one place, so I thought, I will write it down.
    This post is a combination of many official documentation, answers of StackOverflow, and different blog posts that I think will give you comprehensive picture, not only for the virtual environment, but for the package management as well.



    read more ...
    Simple Explanation of XSS Attacks

    Cross-Site Scripting attack (XSS), is one of the top 10 OWASP most critical web application security risks.
    As a developer I pay extra attention to this attack, because it is 100% caused by a vulnerable code, and it is 100% developer responsibility to protect against this attack.



    read more ...
    Hadoop and Map Reduce - Part 3

    The chances are, the most common software you will hear about while you are navigating the Big Data World, is Hadoop.
    Hadoop by itself, is very important and widely used computational platform, and adding to that, it is the base of other software, technologies and applications that are built on top of it.
    Lots, and lots of important technologies, and software in different domains and business are built on Hadoop.
    Hadoop is complex and its computational framework MapReduce is complex, but the good news is there is a good chance that you can use all of the technologies that are built on Hadoop without the need to learn or deal with Hadoop at all.
    In spite of that, still understanding the basic concepts of Hadoop will give you a boost in the Big Data World, becuase you will encounter its concepts in other technologies and software.



    read more ...
    Advanced HTTPS

    Adding an SSL Certificate and enabling HTTPS on your web site is not the end of the road for securing your website, and securing the communication to your website.
    It is just the start, and you need to do more steps related to HTTPS to guarantee your site safety, and your visitor safety. In this post I am going to describe:

    1. TLS and its algorithms in more depth.
    2. Insecure protocols, and algorithm.
    3. Best algorithm combination.
    4. Redirect from HTTP using HSTS.


    read more ...
    Universal (Isomorphic) React Application. Beyond the basics.

    I decided to write this post, because I didn’t find any blog post, article, or a tutorial that will sum up for developers what the issues they are going to face when they build a universal application.
    If you googled a tutorial on how to build a universal react application, you will find a lot, but most of them are just covering the surface, hello-world examples. But as you go further, or even you decided to use one of the universal frameworks/boilerplate, you will start to face some issues and difficulties.



    read more ...