Tips, Expertise, Articles and Advice from the Pro's for Your Website or Blog to Succeed
We’ve always had row-level security in Hyperlambda. However, as of today, row-level security in Hyperlambda and SQL is a declarative feature when generating your CRUD backend. Look at the below screenshot to understand.
The above is a simple table I added to the Aista CRM plugin using SQL Studio. The idea is to have a single table where each user can store notes for later. The “owner” field is the username of who’s note the particular record belongs to. No users should have access to other users’ notes. This idea is called “row level security”. If you reproduce the above database table in SQL Studio then go to the CRUD Generator, and select your database and table, you’ll see something like this if you expand the “owner” column.
Spark-Radiant is the Apache Spark Performance and Cost Optimizer. Spark-Radiant will help optimize performance and cost considering catalyst optimizer rules, enhance auto-scaling in Spark, collect important metrics related to a Spark job, Bloom filter index in Spark, etc.
Spark-Radiant is now available and ready to use. The dependency for Spark-Radiant 1.0.4 is available in Maven central. In this blog, I will discuss the availability of Spark-Radiant 1.0.4, and its features to boost performance, reduce cost, and the increase observability of the Spark Application. Please refer to the release notes docs for Spark-Radiant 1.0.4.
There is no question that data is king when it comes to what companies need to manage and how they can do so. In fact, there are many companies that put a lot of effort into keeping their data safe and secure at all times, and that is exactly what they should do.
Their customers trust them to keep it safe, and the companies themselves understand that the data that they collect has real value. They have worked hard to obtain the data, and there is no point in letting it out into the wild unnecessarily.
There are coders all around the world right now working on some of the most challenging coding problems that are out there. They are all likely relying on using Groovy database at least to some extent as this is a major player in the industry.
People from all over the world recognize the true power of Groovy database and all that it can provide to them from a coding perspective, but the fact that it is such a powerful tool should not be ignored.
Defender had already implemented Two-Factor Authentication (2FA) in WordPress for hardened security… now we’ve added Biometrics, too!
It has become increasingly apparent that relying strictly on usernames and passwords for logins no longer offers the highest levels of security.
WPMU DEV’s solution to addressing this is through the use of the WebAuthn standard, which bypasses vulnerabilities by providing a protocol of public key cryptography as a login authentication method.
Our newest Defender release—both Free and Pro versions—marks the start of our odyssey into the world of biometric authentication; providing the ability to verify the authenticity of a user login by way of a device fingerprint reader or facial recognition software.
The use of this new biometric authentication is similar to the existing 2FA methods already present in Defender, and can be used together with the existing TOTP (Time-based One-Time Password), backup codes, and fallback email authentication methods.
In this article, we’re going to look at how to implement the Biometric Authentication feature, as part of our 2FA WordPress plugin features in Defender.
Continue reading, or jump ahead using these links:
Let’s explore all that Defender has to offer in the form of login protection with the cool new 2FA Biometric feature.
Defender gives you the best in WordPress plugin security, stopping SQL injections, cross-site scripting XSS, brute force login attacks—and other vulnerabilities—with a list of one-click hardening techniques that will instantly add layers of protection to your site.
It also makes safety easier on and for you, taking advantage of the latest in biometric security measures.
By way of a quick overview, here’s how this works in Defender… the user will input their username & password to log in, and if biometric authentication has been configured for that device, said user can verify their identity through their fingerprint scanner or facial recognition software.
Because we’re using the WebAuthn protocol, Defender does not at any point receive any biometric data, only a confirmation or rejection from the user’s device.
I want to interject here with a quick point of interest, shared by one of our techs, Marcel Oudejans (and paraphrased by me)…
The convention of naming a dog “Fido” was popularized by Abraham Lincoln, though its use as a canine pet name dates back to the ancient Romans.
“Fido” means “faithful”. FIDO stands for “Fast IDentity Online”. The new Biometric authentication feature uses WebAuthn protocol from FIDO.
So in a lovely, roundabout way, by using the FIDO protocol to implement this feature, one could say we are infusing ‘faithfulness’ into Defender.
For more technical information on FIDO, check out this article.
Ok, now let’s take an in depth look at this awesome new Biometric feature.
First, make sure you have the Defender plugin installed and activated, and update it to the latest version (at the time of this writing, that’s 3.0.1). Defender versions 3.0 and higher are fully compatible with the recently released WordPress 6.0.
Two important things to note up front:
Navigate to the WordPress Dashboard > Defender. If you’ve just now updated, you’ll get the popup modal. Give it a quick read, then click the Got It button.
You’ll be on Defender’s main page now. From the left sidebar, click on the 2FA menu header.
Another popup will appear; click on the Activate button.
Now you’ll see all the section information for Two-Factor Authentication, and all the options we have available here.
From the same Defender 2FA page, under User Roles > Administrator, toggle the button On. Make sure to scroll to the bottom and click on Save Changes.
From the Dashboard’s side menu, go to the Users section, and click on your Admin User profile.
Scroll down to the Security section, and toggle ON the button next to Biometric.
Once the Biometric feature is toggled on, you’ll see a suggestion to choose an additional authentication method from these options: TOTP, Backup Codes, and Fallback Email.
In the example below, you’ll see I’ve selected Fallback Email, but you can choose whatever method(s) you prefer. Remember to click the Update Profile button at bottom.
Biometric authentication does not replace your traditional WordPress login (i.e., username & password), instead adds an additional secure layer, like the other authentication options above.
While many browsers and operating systems are compatible with the WebAuthn protocol used to manage the authentication process, some are currently not. Check here to see WebAuthn’s browser and OS compatibility list.
With biometric authentication enabled, the Registered Device table will appear, with options to Register Device or Authenticate Device.
Clicking the Register Device button will start the prompt from your browser to configure the form of biometrics you wish to use, depending on which are available on your device.
Enter any name in the Authenticator Identifier field, then click the Start Registration button.
Note that depending on the device you are using the registration process will differ.
Registering a Windows desktop or laptop will prompt you to enter your Windows Hello PIN, or whatever other authentication method may be enabled on your device.
Registering a mobile device will prompt you to touch the fingerprint sensor, or whatever other authentication method may be enabled on your device.
Back on your Users Profile page, if you scroll to the bottom under Security > Registered Device, you’ll see your device listed here, along with a message beneath it confirming it has indeed been registered.
The next step is to authenticate the device you just registered.
Once the device has been registered, click the Authenticate Device button.
The same authentication method used to register the device will prompt you to confirm the action.
Once done, you’ll see a success message appear. Now you’ll be able to use the registered biometric option as a fast, secure way to login to your site.
If desired, you can rename or delete any authenticated device.
Navigate to the WordPress Dashboard > Users, and click on your username.
To Rename:
From Profile > Security > Registered device, click on the Rename text in the Action column. Type the new name, and click Save.
To Delete:
Same process as above, but click on the Delete text in the Action column, then click OK from the next popup.
Be advised that the Delete action doesn’t save settings, so if you decide you want to use the Biometric feature from that device again, you will need to go through the full setup process.
Likewise, if you deactivate any biometric functionality on your device, the login will no longer work, and you would need to repeat the process on your device to restore the feature’s functionality.
FIDO Alliance standards were created from the outset with a “privacy by design” approach and are a strong fit for GDPR compliance.
Because FIDO delivers authentication with no third-party involvement or tracking between accounts and services, biometric authentication with FIDO2 compatible devices is fully GDPR compliant.
With FIDO, no personally-identifying information ever leaves your device.
For more information, see the following article on the FIDO website: FIDO Authentication and GDPR.
If you enable more than one additional authentication method in your profile, each will display as alternate options beneath the method you have set as your default. In the example below, TOTP Authentication is my preferred method.
You can click on any available option in the list, and it will display the selected alternate authentication method.
A final note… Biometric authentication requires that the following PHP extensions be enabled on your server: mbstring, GMP, and Sodium. These extensions are enabled by default on all sites hosted by WPMU DEV.
If you are hosting elsewhere and any of them are not enabled on your server, you’ll see an alert like the one below. Reach out to your hosting provider to have them enable the extensions for you so that you can use this feature.
Click here for WPMU DEV’s full documentation on Defender’s Biometric authentication feature.
As protective measures go in WordPress, it’s hard to beat Defender.
Defender has powerful security protocols, including malware scanning, antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication (2FA), including the newly added Biometric Authentication.
The latest version of Defender also came with an additional, useful enhancement to Defender’s WP-CLI “scan” command. By using this WP-CLI command and option, if any issues are found, Defender will create a table with results.
Previously, you could only see the results of a malware scan from the back-end of the site (at WP Admin > Defender Pro > Malware scanning), but now you’ll be able to see the completed scan results right in the console.
Coming soon for Defender… we’ll expand on our use of WebAuthn, with our devs currently working on the ability to use hardware authentication devices. Plans are also underway to implement ‘password free’ logins in the best way possible, using the WebAuthn protocol.
You can read about upcoming features for any of our tools and services anytime in our product Roadmap.
If 2FA is the question, Defender is the answer. Handling security in your WordPress sites can be as simple—yet complete—as activating Defender.
Defender had already implemented Two-Factor Authentication (2FA) in WordPress for hardened security… now we’ve added fingerprint/facial recognition, and external hardware security keys, too!
It has become increasingly apparent that relying strictly on usernames and passwords for logins no longer offers the highest levels of security.
WPMU DEV’s solution to addressing this is through the use of the WebAuthn standard, which bypasses vulnerabilities by providing a protocol of public key cryptography as a login authentication method.
Our newest Defender release—both Free and Pro versions—marks the start of our odyssey into the world of Web Authentication; providing the ability to verify the authenticity of a user login by way of biometrics (facial or fingerprint recognition), or a USB security key (e.g., YubiKey).
Usage of these new web authentication methods is similar to the 2FA methods already present in Defender, alongside the existing TOTP (Time-based One-Time Password), backup codes, and fallback email authentication methods.
In this article, we’re going to look at how to implement these new Web Authentication methods, as part of our 2FA WordPress plugin features in Defender.
Continue reading, or jump ahead using these links:
Let’s explore all that Defender has to offer in the form of login protection with the cool new 2FA WebAuth features.
Defender gives you the best in WordPress plugin security, stopping SQL injections, cross-site scripting XSS, brute force login attacks—and other vulnerabilities—with a list of one-click hardening techniques that will instantly add layers of protection to your site.
It also makes safety easier on and for you, taking advantage of the latest in WebAuth security measures.
By way of a quick overview, here’s how this works in Defender… the user will input their username & password to log in, and if Platform authentication has been configured for that device, said user can verify their identity through their fingerprint scanner or facial recognition software. Likewise, if the Roaming authentication has been configured for that device, the user can verify their identity through their USB security key.
Because we’re using the WebAuthn protocol, Defender does not at any point receive any biometric or security key data, only a confirmation or rejection from the user’s device.
I want to interject here with a quick point of interest, shared by one of our techs, Marcel Oudejans (and paraphrased by me)…
The convention of naming a dog “Fido” was popularized by Abraham Lincoln, though its use as a canine pet name dates back to the ancient Romans.
“Fido” means “faithful”. FIDO stands for “Fast IDentity Online”. The new Biometric authentication feature uses WebAuthn protocol from FIDO.
So in a lovely, roundabout way, by using the FIDO protocol to implement this feature, one could say we are infusing ‘faithfulness’ into Defender.
For more technical information on FIDO, check out this article.
Ok, now let’s take an in depth look at these awesome new Web Authentication features.
First, make sure you have the Defender plugin installed and activated, and update it to the latest version (at the time of this writing, that’s 3.1.1). Defender versions 3.0 and higher are fully compatible with the recently released WordPress 6.0.
Two important things to note up front:
Navigate to the WordPress Dashboard > Defender. If you’ve just now updated, you’ll get the popup modal. Give it a quick read, then click the Got It button.
You’ll be on Defender’s main page now. From the left sidebar, click on the 2FA menu header.
Another popup will appear; click on the Activate button.
Now you’ll see all the section information for Two-Factor Authentication, and all the options we have available here.
From the same Defender 2FA page, under User Roles > Administrator, toggle the button On. Make sure to scroll to the bottom and click on Save Changes.
From the Dashboard’s side menu, go to the Users section, and click on your Admin User profile.
Scroll down to the Security section, and next to Web Authentication, toggle the button ON.
You’ll see a recommendation to choose an additional authentication method from these options: TOTP, Backup Codes, and Fallback Email.
In the example below, you’ll see I’ve selected Fallback Email, but you can choose whatever method(s) you prefer. Remember to click the Update Profile button at bottom.
Web Authentication does not replace your traditional WordPress login (i.e., username & password), instead adds an additional secure layer, like the other authentication options above.
While many browsers and operating systems are compatible with the WebAuthn protocol used to manage the authentication process, some are currently not. Check here to see WebAuthn’s browser and OS compatibility list.
With WebAuth authentication enabled, the Registered Device table will appear, with options to Register Device or Authenticate Device.
Clicking the Register Device button will start the prompt from your browser to configure the form of Web Authentication you wish to use, depending on what’s available on your device.
Select an Authenticator Type, enter any name in the Authenticator Identifier field, then click the Start Registration button.
Depending on the authenticator type and device you are using, the registration process will differ.
Registering a Windows desktop or laptop will prompt you to enter your Windows Hello PIN, or whatever other authentication method may be enabled on your device.
Registering a mobile device will prompt you to touch the fingerprint sensor, or whatever other authentication method may be enabled on your device.
Example 3:
Registering a USB Security key will prompt you to go through a brief series of steps.
Back on your Users Profile page, if you scroll to the bottom under Security > Registered Device, you’ll see your device listed here, along with a message beneath it confirming it has indeed been registered.
The next step is to authenticate the device you just registered.
Once the device has been registered, click the Authenticate Device button.
The same authentication method used to register the device will prompt you to confirm the action.
Once done, you’ll see a success message appear. Now you’ll be able to use the registered WebAuth options as additional, secure ways to login to your site.
If desired, you can rename or delete any authenticated device.
Navigate to the WordPress Dashboard > Users, and click on your username.
To Rename:
From Profile > Security > Registered device, click on the Rename text in the Action column. Type the new name, and click Save.
To Delete:
Same process as above, but click on the Delete text in the Action column, then click OK from the next popup.
Be advised that the Delete action doesn’t save settings, so if you decide you want to use the Biometric feature from that device again, you will need to go through the full setup process.
Likewise, if you deactivate any WebAuth functionality on your device, the login will no longer work, and you would need to repeat the process on your device to restore the feature’s functionality.
FIDO Alliance standards were created from the outset with a “privacy by design” approach and are a strong fit for GDPR compliance.
Because FIDO delivers authentication with no third-party involvement or tracking between accounts and services, biometric authentication with FIDO2 compatible devices is fully GDPR compliant.
With FIDO, no personally-identifying information ever leaves your device.
For more information, see the following article on the FIDO website: FIDO Authentication and GDPR.
If you enable more than one additional authentication method in your profile, each will display as alternate options beneath the method you have set as your default. In the example below, TOTP Authentication is my preferred method.
You can click on any available option in the list, and it will display the selected alternate authentication method.
A final note… Web Authentication requires that the following PHP extensions be enabled on your server: mbstring, GMP, and Sodium. These extensions are enabled by default on all sites hosted by WPMU DEV.
If you are hosting elsewhere and any of them are not enabled on your server, you’ll see an alert like the one below. Reach out to your hosting provider to have them enable the extensions for you so that you can use this feature.
Click here for WPMU DEV’s full documentation on Defender’s Web Authentication feature.
As protective measures go in WordPress, it’s hard to beat Defender.
Defender has powerful security protocols, including malware scanning, antivirus scans, IP blocking, firewall, activity log, security log, and two-factor authentication (2FA), including the two newly added Web Authentication methods–Biometric, and USB Safety Key.
The latest version of Defender also came with an additional, useful enhancement to Defender’s WP-CLI “scan” command. By using this WP-CLI command and option, if any issues are found, Defender will create a table with results.
Previously, you could only see the results of a malware scan from the back-end of the site (at WP Admin > Defender Pro > Malware scanning), but now you’ll be able to see the completed scan results right in the console.
Coming soon for Defender… we’ll expand on our use of WebAuthn, with our devs currently working on the ability to use hardware authentication devices. Plans are also underway to implement ‘password free’ logins in the best way possible, using the WebAuthn protocol.
You can read about upcoming features for any of our tools and services anytime in our product Roadmap.
If 2FA is the question, Defender is the answer. Handling security in your WordPress sites can be as simple—yet complete—as activating Defender.
Hi everyone! My name is Georgy Lebedev, and I'm a part of Tarantool's kernel development team. In 2021, we participated in the Google Summer of Code (GSoC) for the first time: one of the proposed projects was migration of SQL from VDBE to a JIT platform — that's where my journey in Tarantool began.
Having a year of developing various toolchain components as educational projects under my belt and armed with the support of mentors (Nikita Pettik, Timur Safin, and Igor Munkin), I took on this project. While building a platform for JIT compilation of SQL queries in Tarantool virtually from scratch during just one summer, I have encountered some pitfalls and acquired, in my opinion, interesting knowledge and experience which I would like to share. This article will be of interest first and foremost to those who are interested in further maintaining this project, as well as to those who are considering implementing JIT compilation in their own SQL.
What’s the best way to store, protect, and access your data? This is a fundamental, yet critical decision. After all, data is the cornerstone of success for just about every modern organization. For most companies, the choice comes down to SQL and NoSQL databases. Each has unique strengths and weaknesses.
They’re extremely flexible and easy for developers to work with and modify. Learn more about SQL and NoSQL databases and their basic differences.
Installing Joomla on one of Microsoft's SQL-based back-ends can be simple with the setup utilities provided. The process is shown in detail via tutorials on Hooduku's channel on YouTube. Here is a pair of videos that can get you set up quickly and easily!
You can find the second part of this installation guide on the site linked below, as it hasn't been put on YouTube yet.
This is my series of articles covering short "today I learned" topics as I work with CockroachDB. Read the previous installments:
CockroachDB has a very user-friendly and helpful UI called DB Console. I like to refer to it when I debug query performance. There is a very useful Statements page that shows a statement overview and explains plans and execution stats.
In this article, we will talk about system database corruption. It means that one or more system databases are corrupted. Corruption in system databases, such as master databases, is a big problem because SQL Server will stop. Let’s see how to fix this problem.
System databases are databases used internally by SQL Server and are necessary for its operation.
This web gem offers a very smooth scroll experience, a delightful color theme and fine effects. Our pick this week.
Start delivering rich videos across devices with automatic optimizations, on-the-fly video transformations, and integrated video CDN.
Motion DevTools is a Chrome extension for creating web animations where you can inspect, edit and export animations made with CSS and Motion One.
A high-performance framework with fine-grained observable-based reactivity for building rich applications.
A deep-dive into the new CSS subgrid feature with real-life examples and use-cases. By Ahmad Shadeed.
Web styling features of today and tomorrow, as seen at Google IO 2022, plus some extras. By Adam Argyle.
A free online beat-making machine based on a circular timeline.
Organically changing flowers to express the innumerable shapes and love of mothers. A beautiful ad project made by mount inc.
Learn about D1, Cloudflare’s first SQL database, designed for Cloudflare Workers.
Atipo released a super modern new font and offers the regular and italic weight for free.
Google’s most popular font gets customizable with the launch of Roboto Flex.
Maxime Heckel’s deep dive into his experience building his own design system that documents my process of defining tokens, creating efficient components, and shipping them as a package.
A new weekly newsletter for front-end developers with a specific focus on tools. Curated by Louis Lazaris.
Adam Laki from Spruce CSS offers some good advice on writing better CSS.
Markdoc is a powerful, flexible, Markdown-based authoring framework by Stripe.
Find out how the :has() parent selector can help you simplify your code and avoid JavaScript entirely using practical, real-life examples.
A massive guide with everything you need to know about ES Modules and Bundlers.
A beautiful scroll experience made by the folks of Immersive Garden.
Some thoughts on the standardization of web platform APIs beyond the browser by Jim Nielsen.
Studio Freight’s take on smooth scroll: lightweight, hard working and smooth as butter. Still in WIP but looking great already!
A real-time jelly simulation on the GPU made by saharan.
Iconex is a gigantic set of more than 1000 icons for Figma. Made by Dmitry Mikhaylov.
Results of surveys filled in by 3073 developers from 125 countries about the state of frontend.
An experimental layout transition where a stack of images animates to a gallery view, showing some more content.
The post Collective #711 appeared first on Codrops.
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can seem really daunting.
Thankfully, most real-life vulnerabilities share the same root causes. And by studying these common vulnerability types, why they happen, and how to spot them, you can learn to prevent them and secure your application.
Imagine you're watching a baseball game. In the middle of the fifth inning, your pitcher throws a strike and then another one. The fan sitting next to you jumps to his feet in a jubilant celebration.
You could be forgiven for wondering what's going on. After all, it takes three strikes to get a batter out — why is this guy dancing like the game is already over?
I recently shifted from IntelliJ IDEA Ultimate to Visual Studio Code (VS Code) and I have no regrets! VS Code is highly customizable and fast. It stores your settings in the cloud so you don’t have to worry about configurations when you move to a different machine.
As expected, it has support for Java, Git, SQL, Spring Boot, and many other languages, frameworks, and tools.
To become an insight-driven organization (IDO), first and foremost, you need data and the tools to manipulate and analyze it. Another essential component is the people (i.e., data analysts or data scientists) with appropriate experience. Last but not least, you need to find a way to implement insight-driven decision-making processes across your company.
The technology that lets you make the most out of your data is Machine Learning. The ML flow starts by using your data to train the predictive model. Later, it answers your data-related questions. The most effective technology for Machine Learning is Artificial Neural Networks. Their design is influenced by our current understanding of how the human brain works. Given the great computing resources people currently have, it can lead to incredible models trained with a lot of data.
