
10 tips for a stable webshop - Safeshops 2017


Thijs Feryn

May 23, 2017

Transcript

  1. 10 tips for a stable webshop, by Thijs Feryn

  2. Hi, I’m Thijs

  3. I’m @ThijsFeryn on Twitter

  4. I’m an Evangelist At

  6. 10 tips

  7. ONE

  8. Own your own domain

  10. TWO

  11. Anti-DDoS measures

  12. DDoS: ✓Volume-based ✓Botnets ✓Traditional UDP flood ✓(DNS) amplification & reflection attacks ✓Slowloris ✓Targeted attacks
  13. Anti-DDoS: ✓Web Application Firewall ✓CDN (+DNS offloading) ✓Flow monitoring + BGP routing ✓NAWAS
  14. THREE

  15. SSL all the way

  16. Encryption & trust

  17. SSL: ✓Domain Validation ✓Organization Validation ✓Extended Validation ✓Let's Encrypt

  19. FOUR

  20. Protect sensitive data

  21. Protect sensitive data: ✓Hash passwords ✓Encrypt super-sensitive data ✓Restricted database access ✓GDPR
  22. FIVE

  23. Install updates, patch your code

  24. Install updates: ✓OS & distribution ✓Application stack ✓Your code ✓CMS, frameworks & libraries
  25. In case you forget: ✓Web application firewall with 0-day updates ✓Patchman, maldet
  26. Prevent & cure

  27. SIX

  28. Scale: up & out

  29. Scale: ✓Scale up: more resources ✓Scale out: more servers ✓Server per role ✓Multiple servers per role ✓Load balancing ✓Clustering
  30. Scale in e-commerce: ✓Multiple webservers ✓Separate admin backend ✓Replicated databases ✓Caching servers ✓Logging & indexing servers
  31. SEVEN

  32. Caching

  33. Don’t recompute if the data hasn’t changed

  34. Caching: ✓Redis or Memcached as internal cache ✓Varnish as page cache ✓CDN for media ✓User profile, checkout, … cannot be cached
  35. EIGHT

  36. Optimize your images

  37. Optimize your images: ✓Compress & optimize for web ✓Inline images ✓SVG data ✓Optimize for connection & resolution
  38. NINE

  39. Deployments: automated & safe

  40. Automated & safe deployments: ✓Version control (Git, SVN) ✓Build server ✓Automated tests ✓SSH-based (SFTP, SCP, Rsync) ✓Post-deploy tasks ✓Atomic version switch ✓Rollback
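The "atomic version switch" and "rollback" points of slide 40 as an added example, not the speaker's or any project's code: each release is uploaded into its own directory, then a `current` symlink is created under a temporary name and renamed over the live one. `rename(2)` is atomic, so a visitor sees either the old or the new release and never a half-copied tree; rollback is the same switch pointed at the previous release. The `releases/` + `current` layout, the timestamp-style release names and the function names are assumptions of this example.

```python
import os
import tempfile
from pathlib import Path

# Assumed layout (a common convention, not taken from the slides):
#   <root>/releases/<name>/   one immutable directory per deployed version
#   <root>/current            symlink to the active release directory
# Release names must sort chronologically (e.g. a timestamp) for rollback().


def upload_release(root: Path, name: str, files: dict) -> Path:
    """Stage a release into its own directory. Nothing is live yet, so a
    slow or failed upload cannot affect what visitors see."""
    release = root / "releases" / name
    release.mkdir(parents=True)
    for rel_path, content in files.items():
        (release / rel_path).write_text(content)
    return release


def activate(root: Path, release: Path) -> None:
    """Atomic version switch: build the symlink under a temporary name, then
    rename it over 'current'. The rename replaces the old link in one step;
    there is no moment where 'current' is missing or dangling."""
    tmp = root / "current.new"
    if tmp.is_symlink():
        tmp.unlink()
    os.symlink(release, tmp)
    os.replace(tmp, root / "current")


def current_release(root: Path) -> str:
    return Path(os.readlink(root / "current")).name


def rollback(root: Path) -> str:
    """Re-point 'current' at the release before the active one. Old release
    directories are kept on disk precisely so this is a symlink switch and
    not a re-upload."""
    releases = sorted(p for p in (root / "releases").iterdir() if p.is_dir())
    names = [p.name for p in releases]
    idx = names.index(current_release(root))
    if idx == 0:
        raise RuntimeError("no earlier release to roll back to")
    activate(root, releases[idx - 1])
    return releases[idx - 1].name


def demo() -> dict:
    """Deploy two constructed releases, roll back once, then show that a
    second rollback is refused. Runs in a throwaway directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        r1 = upload_release(root, "20170523100000", {"index.html": "shop v1"})
        activate(root, r1)
        r2 = upload_release(root, "20170523110000", {"index.html": "shop v2"})
        activate(root, r2)
        served_after_deploy = (root / "current" / "index.html").read_text()
        rolled_back_to = rollback(root)
        served_after_rollback = (root / "current" / "index.html").read_text()
        try:
            rollback(root)
            rollback_refused = False
        except RuntimeError:
            rollback_refused = True
        return {
            "served_after_deploy": served_after_deploy,
            "rolled_back_to": rolled_back_to,
            "served_after_rollback": served_after_rollback,
            "rollback_refused": rollback_refused,
        }


if __name__ == "__main__":
    print(demo())
```

The post-deploy tasks from the same slide (cache warm-up, migrations) belong between `upload_release` and `activate`, so they run against the staged directory and the switch only happens once they succeed.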
  41. TEN

  42. What kind of …

  44. What kind of hosting? ✓Shared ✓Dedicated ✓Managed Cloud ✓Colocation ✓SaaS ✓PaaS ✓IaaS