This is a simple script to check whether URLs are reachable over HTTP(S). This comes in handy for example when a project has many different (secondary) domains that redirect to the main domain.
#!/bin/bash
urls=(
"http://domain1.com",
"https://domain1.com",
"http://domain2.com",
"https://domain2.com",
"...",
)
# remove commas
for i in "${!urls[@]}"; do
urls[$i]=${urls[$i]//,}
done
#for i in "${!urls[@]}"; do
# echo "$i"
# echo "${urls[$i]}"
#done
#exit 0
for i in "${!urls[@]}"; do
echo "Checking status of ${urls[$i]}"
code=`curl -sL --connect-timeout 20 --max-time 30 -w "%{http_code}\\n" "${urls[$i]}" -o /dev/null`
echo "Found code $code for '${urls[$i]}'"
if [ "$code" = "200" ]; then
echo "Website '${urls[$i]}' is online."
online=true
sleep 3
else
echo "Website '${urls[$i]}' seems to be offline. Waiting $timeout seconds."
echo "Monitor finished with failures, at least one website appears to be unreachable."
exit 1
fi
done
echo "Monitor finished, all good."
exit 0
You can log into Google services like Google Drive or Google Photos with your existing your.name@your-business.com or your.name@gmx.de email address.
Some context: A Google Account and a gmail address are not the same thing. A Google Account is required to log into Google services such as gmail, google drive, youtube, etc. Login with Google even lets you use your Google Account (instead of a username and password) to log into third-party services that support it.
Note: When you create a gmail address a Google Account is automagically created with it.
Google lets you create a Google Account for any email address, specifically for your work address.
Why does it matter?
Other people might want to add you to Google services. If you don’t have a Google Account on your work address, these people will see this error, here is an example from Google Analytics:
It’s recommended to use your official work address for Google (and other) services you use for work, instead of your private (or secondary) gmail address. This way, system administrators can identify individuals when looking at a list of authorized users which increases security for everybody at your company. Nobody knows who frank_82@gmail.com is, but everybody can recognize frank.mueller@yourcompany.com.
How? Here is how to create a Google Account with your non-gmail email address:
Finalize the registration providing the required information
If Google complains that there is already a Google Account for this email address, then please click on Sign in instead and sign in, use the Forgot password? link to recover your password if necessary.
Now your work email address (respectively the Google Account attached to it) can be used by other people to add you to Google Services, for example Google Analytics.
Luckily, with django we don’t have to worry about basic security at all. Here is a list of basic security stuff that django supports right out of the box.
Cross site scripting (XSS) protection
Cross site request forgery (CSRF) protection
Full CORS support
SQL injection protection
Clickjacking protection
SSL/HTTPS
Host header validation
Session security
On top of this we lock down production deployments as follows:
Set SECURE_HSTS_SECONDS. If your entire site is served only over SSL, you may want to consider setting a value and enabling HTTP Strict Transport Security. Be sure to read the documentation first; enabling HSTS carelessly can cause serious, irreversible problems.
SECURE_CONTENT_TYPE_NOSNIFF set to True, so your pages will not be served with an ‘x-content-type-options: nosniff’ header. You should consider enabling this header to prevent the browser from identifying content types incorrectly.
SECURE_BROWSER_XSS_FILTER set to True, so your pages will not be served with an ‘x-xss-protection: 1; mode=block’ header. You should consider enabling this header to activate the browser’s XSS filtering and help prevent XSS attacks.
SECURE_SSL_REDIRECT set to True. Unless your site should be available over both SSL and non-SSL connections, you may want to either set this setting True or configure a load balancer or reverse-proxy server to redirect all connections to HTTPS.
SESSION_COOKIE_SECURE set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.
Set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
DEBUG set to False in deployment.
X_FRAME_OPTIONS set to ‘DENY’. The default is ‘SAMEORIGIN’, but unless there is a good reason for your site to serve other parts of itself in a frame, you should change it to ‘DENY’.
Additional Security Features
django features a range of third-party open source modules that improve security, for example access logging and application firewalling: https://djangopackages.org/grids/g/security/
I was recently asked to compare the django ecosystem with the drupal ecosystem. Drupal is widely known as a huge open source CMS success with a massive community behind.
However looking at Google Trend to my biggest surprise I realized that this is not true in 2019 anymore. The django ecosystem is bigger and on top of that, growing in a sustainable way.
Django (red) vs Drupal (blue) – Since 2016 django has surpassed Drupal. Shockingly, the decline in the interest in the Drupal CMS ecosystem is sharp.
Google Trends 2019
It is my experience that most CMS come and go across the years. The django ecosystem appears to be much more robust than any CMS ecosystem because it doesnt just cover CMS functionality, as a web application framework it covers a much broader scope, with the django CMS package covering the CMS part.
As you can see here, Django is amongst the top three open source web technology ecosystems and it is on a continuous growth path:
Google Trends 2019
django CMS itself is much leaner than other CMS, as it sits on the shoulder of a giant: django – this makes it more long-living and much more maintainable than other CMS projects.
I hope I could give you some insights into the advantages of django + django CMS. Please let me know if you have any questions.
For more information about the technology stack, I’d also point you to the slightly technical articles I wrote about django and django cms.
Disclaimer: At what.digital django and django CMS is our main backend technology stack.
Would you like to contribute to this article? Please let me know. For example, do you think Google Trends is a good way to look at how future-proof a technology is?
Divio is the company that originally founded django CMS a couple of years ago and that still contributes to developing it further together with the rest of the django CMS community.
Divio is a professional, modern cloud hosting company specialized in hosting python / django / django CMS projects in a highly secure, performant and efficient way.
Divio relies on data centers in Europa and North America via Amazon Web Services (AWS) and in Switzerland – its hosting is fully scalable, meaning that we could host websites with Divio that would be used by hundreds of thousands of daily users.
Amongst Divio’s customers are small to large enterprises in Switzerland and across the globe including S&P Fortune 500 companies and global financial institutions.
Divio is headquartered in Zurich, close to Hardbrücke and has offices in New York City and Stockholm as well as a technical team distributed around the world to be able to respond to support requests around the clock (24/7).
At what.digital what we like about divio.com hosting is:
simplicity of the divio.com control panel to launch and maintain projects for our clients
very competitive pricing
simple backup
quick responses from their support staff
robust developer tools for django and django CMS projects
Secure: Django has built-in state-of-the-art security.
Efficient: Django has some of the best scaffolding tools to build web applications fast and efficiently (ORM including fully automated database migrations, admin interface, form generation, user authentication, management and permissions, REST API support, and much more). This means that applications can be developed quicker and more cost-efficiently, and the maintenance cost is lower in comparison with other web frameworks.
Popular: Django is very popular and has a huge community. Looking at Google Trends, Django emerges as a top-three web framework next to Spring and Laravel. Being so popular, Django has tons of well-maintained modules. These modules are well organized – check it out at https://djangopackages.org/.
By the way: Django also has very good Content Management (CMS) support via projects like Django CMS or wagtail.
Why Django CMS? Django CMS is a good choice for companies that depend on their website to drive business and generate user value.
For Editors and Marketing Managers: Django CMS empowers editors to select from custom-made page templates and content elements without any dependency on developers. Watch the video below:
django CMS is user friendly and has a very intuitive drag and drop interface. It’s built around the needs of multi-lingual publishing by default, not as an afterthought: all websites, pages and content can exist in multiple language versions
Modular Content Management. Editors can choose from…
content elements (plugins)
templates for a whole page
templates for just parts of a page (sections)
Full Multi-Language Support
Simple publishing process (draft / published)
Multi-Site Support (manage different sites with different domains in the same project)
Support for all aspects of SEO and Social Media cards / integrations
Full-fledged admin interface and site settings
different levels of permissions for editors
Full-text search
Undo / Redo / Revert to published version for editors
… and more
For Developers: Developers can use the full power of Django, a top-three open-source web framework which is also at the core of Django CMS, to build state-of-the-art applications (such as an online course booking tool) that integrate smoothly with the rest of the website. Moreover, developers can include CMS functionality in their applications, creating a perfect blend between application logic and manageable content.
The demo theme consists of standard components. It allows you to build your own page templates. Components include image sliders, text and images in one or multiple columns, tabbed content and much more.
First Steps: In Django CMS, all content can be edited right on the website itself. Append ?edit to the current URL and hit enter. Now you should see the admin bar where you can log in with the admin username and password that you received (or if already logged in, just hit the ‘Edit’ button). Then try double-clicking on a text anywhere on the page and an editor window will open.
The goal: What the app marketer would like to do: Prepare links with Google Analytics utm parameters that lead the user to the app (either via download & install through the app store or directly to the installed app) and then use these links in online marketing campaign across the board (email marketing, social media marketing, search engine marketing, display advertising, etc.)
The Solution (experimental): Firebase Dynamic Links
Dynamic Links work across app installs: if a user opens a Dynamic Link on iOS or Android and doesn’t have your app installed, the user can be prompted to install it; then, after installation, your app starts and can access the link.
…
When a user opens one of your Dynamic Links, if your app isn’t yet installed, the user is sent to the Play Store or App Store to install your app (unless you specify otherwise), and your app opens. You can then retrieve the link that was passed to your app and handle the deep link as appropriate for your app.
