So a little while back when I had been playing with Pagespeed I somehow managed to break certificate stapling on my server. So when I ran the Qualys SSL Server Test my score had fallen to a B! I messed around and tried a few things and I had no luck getting it to work. One of my friends said the site started to give weird errors under Chrome on Android. Then I was reading this CertSimple Blog entry yesterday and they mentioned the Mozilla Server Side TLS Project, which I don’t think I had heard of. Basically what it does is you enter your server version and your OpenSSL version and how aggressive you want your security settings and it will generate a sample config for you. It will tell you based on how aggressive your settings are what the minimum browser versions are. For example of of the differences between Intermediate and Modern is that they drop support for TLSv1 in Modern and only support TLSv1.1 and TLSv1.2. For most browsers this doesn’t seem to be an issue but if you are running IE that means the minimum browser version is IE 11. I debated whether I should drop TLSv1 support or not, but I figure if I keep it I can support IE back to 7, though I can’t imagine any software engineers that might check out this blog using IE anyway. For now I have kept it but one of these days I will drop it because given the rate of SSL issues with Freak and Logjam lately, it is only a matter of time before someone finds a hole in TLSv1.

We had some workshops over the last couple of days at work on an intro to Angular.js. I have to say I came away from them pretty impressed with the framework. I can see why it is taking the development world by storm.

I think the controllers make it very relate able for anyone coming from the Java world as it is like dealing with Spring or Struts at that point. The way you do URL parameters in your $routeparams is just like doing any sort of rest URL parameters.

I have had it with AT&T Uverse! We have been having some internet issues lately. We have been AT&T Uverse customers since 2008. I started out with 6mbit service then upgraded to 12mbit and then to 18mbit (upstream is only 1.5 mbit.) When we first got it installed it was very cheap but as the years have been going on they have been increasing the prices and not necessarily the speed. The first time they installed it they had to do like a 4 hour install which pretty much involved rewiring the house from the Node in the alley all the way to the jack they installed for the gateway. Given that my house is over 100 years old this probably isn’t too surprising. When I initially did the upgrade from 6 to 12 mbit the speed only went up to 8 mbit. They sent a tech out and he fixed the wiring apparently the first installer had done a few things wrong, and he had to replace our 2-wire gateway as that also seemed to have issues. At some point I upgraded from 12 to 18mbit as the price differential was so small there was no reason not to. When we first got 6 mbit service it was amazing, videos streamed perfectly, downloads were fast I was very happy. When I upgrade to 12mbit I was blown away I was downloading songs from iTunes in 3 seconds everything was great. We could watch Netflix without having to wait to buffer again life was good. When we went to 18 I didn’t notice a big difference but everything just got a little bit better. But as time has gone on the service quality has gotten horrible, even though I still have my 18mbit clearly AT&T has some backbone issues, as I can hardly play a YouTube video now without it choking. I tried doing some Amazon streaming a couple of months ago, and it was almost unusable.

I am always a little amazed when I get an email from my blog that tells me it upgraded software versions. Even though I have had auto-updating operating systems and other software for years, something about a website updating itself just seems like a bigger deal. I am sure most people think like whatever, but I think what a cool time we live in, when all this stuff just manages itself.

Google has changed their algorithm to favor sites that are more mobile friendly if the user is coming from a mobile device. So of course wanting my blog to show up in search results I ran google’s tests on it. The first one they have is Mobile-Friendly. I ran that and am happy to report that Wordpress automatically took care of that for me. The other tool that you should run against your site is Google Pagespeed. When I ran that it actually had a list of a few things that I should fix to make my page faster. Some of them I wasn’t quite sure if I can change inside of Wordpress easily but one that it highlighted was that I didn’t have GZip compression enabled for my site. They also give instructions on how to fix the issue. So now because of Pagespeed my site will now compress files it sends across. Anyway wanted to mention them both as they both seemed pretty useful to me.

The Electronic Freedom Foundation has released a nice post on how one should configure their server to pass the Qualsys SSL Labs test with an A+. Given that when I initially setup my site it took me like 3 hours of messing around to get my site to pass with an A+ I figured I should share this post with everyone as it is so useful. Check it out here!

I have been using open source software now for about 20 years. One of the things that I always saw discussed back in the day was if you don’t like the way a project is being run you can always fork it and do things differently. In all my years I have never actually felt the need to do such a thing because lets be honest running an open source project is a ton of work. As readers of my blog know I have been wanting to update to Spring 4.1. What has been holding us back was a change in aspectj 1.8.2 where it would automatically process annotations found in the code. This ends up generating the hibernate meta-model and dumping the files wherever maven was invoked. So trying to work within the project I opened up a jira for an enhancement which would allow me to pass a flag to the compiler to not process the annotations. There was a quick response at the beginning of January and I was left with the impression that this would be handled in a couple of weeks. Finally in the middle of February with the work still not done Ralph Engelmann submitted a patch which would actually implement the feature.

I came across this book: SEO Like I’m 5: The Ultimate Beginner’s Guide to Search Engine Optimization

Anyway it is free I think through tomorrow on kindle, so if you want to learn some more about SEO strategies this seems like a good way to do it for free. I downloaded it, but haven’t had a chance to check it out at all yet.

I was checking the Spring Blog today to see what was new after taking much of the week off. I came upon the following entry. Of course I was very interested as Spring Security 4.0 has been hyped for a few months now so I figured I would check out the migration guide from 3.2 to see what will be involved for us to upgrade. I found this is the new feature section. They have added a feature which will now automatically prepend ROLE_ to any roles you use in Spring security if your role doesn’t start with that. So if you have a role called ROLE_USER for a standard user you can now just say @PreAuthorize(“hasRole(‘USER’)”).

I ended up having to miss the JHipster webinar last week as I was invited by my company to attend the Datastax DS220: Data Modeling with Datastax Enterprise class on Monday and Tuesday. The company came out and taught the class onsite. The instructor was Andrew Lenards and he did a great job.

I have been using Cassandra for a little while, but I hadn’t done anything serious with it. The CQL query language is all at once a great blessing and a curse. On the upside it is immediately familiar so anyone who has done SQL work can get comfortable creating tables and executing queries quickly. On the downside it sort of abstracts a few things about the data store away from you and I think at a certain point for performance you sort of need to understand what is going on under the hood. This class gave us that. It starts out presenting a data model like you might see in relational databases and then you work through the ways you might model that data in Cassandra and the trade offs of different models (which questions you can ask, which fields are required to ask those questions, etc). One of the biggest things I was missing prior to the class was the whole concept of partitions vs rows and what the partition key is vs the collating keys. I had been using the data store like a SQL database so that my partitions always had at most one row. We did a lot of looking at instead what if we model the data so the partitions have many rows and what are the advantages and disadvantages of doing so. On day two we got very deep in the technical aspects of what was going on under the hood, how data was stored on disk and how to do things like estimate partition sizes. We were also able to ask a lot of questions specific to how we have been using Cassandra in our organization and what the limitations are going to be as we expand its usage to even more areas of our product.