Tips And Tricks Posts

October 20, 2014

Clean Your Virtual Desktop Day

“A national holiday specifically for cleaning! Be still my heart,” said the neat freak.

So, I didn’t really know how to start this blog post because my virtual desktop is pretty clean. I adhere to the school of thought, “a place for everything and everything in its place.” Does this make me a neat freak void of any creativity? More on that later.

With that being said, I started with a quick Google search for “de-cluttering your desktop.” I didn’t realize there would be so many articles on the subject. No surprise, Martha Stewart even posted an article about the topic full of words like “tidy,” “unholy mess,” and “. . . makes people cranky.”

Wait.

Come back.

We’re not going to talk about Martha’s how-to guide here. [This is SoftLayer—the only how-to guides posted here are about CSS.] I actually found some pretty cool ideas that I’d like to pass on to our readers in honor of the day.

I came across a tutorial on how to create a wallpaper for your desktop in which you “drop” your desktop icons into appropriate sections. The tutorial used Adobe Photoshop, but if you’re like me, Photoshop-illiterate, you can use PowerPoint (I find it so much easier, albeit limiting). Here’s a screen shot of my desktop.

For our more tech-savvy readers . . . download Fences®. It’s basically the same thing as the DIY version I described above, but it allows you to place your icons into resizable shaded areas on your desktop. Pretty cool!

Most people store files on their desktops because they think it makes it easier to find them, but sooner or later, your desktop gets overrun by these once easy-to-find files. If you want something that will keep your desktop free from any documents, install a launcher program. There are lots to choose from, including LaunchBar, Quicksilver, Launchy, or AutoHotkey. Once installed, the program is activated by a keystroke combination. When it opens, start typing the program, folder name, or file you want open. According to users, it’s faster than locating the icon on your desktop and double-clicking. Many users claim they don’t know how they lived without it for so long.

My last tip is similar to when your mom asks you to clean your room, and all you do is shove everything under your bed. Same thing here. Just hide all those icons.

  1. Right click on your desktop
  2. Select View
  3. Unselect Show your desktop icons

That’s right. Out of sight. Out of mind.

“If a cluttered desk is a sign of a cluttered mind, of what, then, is an empty desk a sign?”

I don’t know what Albert Einstein was implying when he said that, but I do know personally that a messy desk lowers my productivity. Does this lower my creativity too?

After reviewing a few different studies on whether or not clutter produces creativity or chaos, I have come to the conclusion that if you need to accomplish practical chores like paying bills or replying to emails, you need a clutter-free workspace to focus. If you need to be creative, clutter can distract you and let you think outside of the box.

Personally, I don’t think that a clean slate lowers my creativity because I can’t even begin to work if it is messy. But, some people thrive in chaos. Hey, whatever works.

Happy Cleaning/Cluttering!

-JRL

October 16, 2014

#T4 – Tips and Tricks–jQuery Select2

Who doesn’t like a walk down memory lane? In our #T4 series, SoftLayer brings back popular tech tip blog posts. #ThrowbackThursday #T4 #ThrowbackThursdayTechTips

Creating a drop-down menu? Here’s an abridged version of our Tips and Tricks – jQuery Select2 Plugin post from two years ago tomorrow!

Turn your drop-down menu from this:
Option Select

To this:

Pretty Option Select

  1. Download Select2 and upload it to your server.
  2. Add the jQuery library and scripts to the <head> of the page document:
  3. <script src="jquery.js" type="text/javascript"></script> 
    <script src="select2.js" type="text/javascript"></script>
  4. Add Select2's included style sheet:
  5. <link href="select2.css" rel="stylesheet"/>

  6. Before closing the <head> tag, invoke the Select2 function:
  7. <script>
    $(document).ready(function() { $("#selectPretty").select2(); });
    </script>
  8. Then add the #selectPretty ID to the select element you want to improve:
    <select id="selectPretty">
    <option value="Option1">Option 1</option>
    <option value="Option2">Option 2</option>
    <option value="Option3">Option 3</option>
    <option value="Option4">Option 4</option>
    </select>

For questions, comments, or just feel like chatting, contact us at social@softlayer.com.

-Cassandra

September 24, 2014

HTML5 – Back to Basics with a Strong Foundation Pt. 1

If you guys have read any of my other blogs, I’m sure you’ll notice a pattern: rather than discussing opinions or news of new technologies, more often than not, I like to write more in the form of tutorials and hands-on exercises that demonstrate either fundamentals or new tips and tricks that I have learned.

In this blog, I’d like to discuss HTML5. I know, I know, it’s not exactly a subject that’s brand new. However, with as many HTML5 implementations as there are out there, and throughout many discussions, I’ve realized that many of the most talented Web developers have had to return to the basics of HTML5 features and techniques in order to redesign projects the same way they developed them.

Simply put: If we forget what we’ve done and scripted for over two decades with previous HTML versions and return to the basics, we can re-learn a new foundation that is sure to make us stronger developers and smarter engineers.

I. Declaration of Independence … or at least a declaration you don’t have to spend hours memorizing!

One of the most raved about features of HTML5 (and yet one of the simplest new features) is the new Doctype. How many of you had to Google the standard Doctype every single time you started a new project? Or perhaps you kept the tag in a code bin for easy copy/pasting? Well, no more!

The old (4 and below) way:

<!DOCTYPE HTML PUBLIC “=//W3C//DTD HTML 4.01//EN”
http://www.w3.org/TR/html4/strict.dtd>

Of course the actual strict/transitional or html/xhtml would vary depending on your page, but they pretty much worked the same way.

The new HTML5 way:

<!DOCTYPE html>

Done. I know it seems like such a simple thing, but returning to the foundation of what we learned so many years ago and re-learning them in the new HTML5 way will not only strengthen our sites, but it will also build a brand new foundation of flexibility and efficiency. Technology evolves at such a rapid pace that if we don’t keep up, we’re going to be left chasing the wagon of the future.

II. Editable content WITHOUT JavaScript!

HTML5 has added so many advanced features that our need for jQuery can be cut by nearly a third (depending on our requirements of course), which in turn greatly reduces the overhead of the browser’s need to process a ton of jQuery functions. If we utilize just a few of HTML5’s awesome new jQuery-like features, we can speed up our site and keep our .js scripts smaller!

Just for giggles (if you’re not familiar with HTML5’s editable content), give this a try:

<!DOCTYPE html>
 <html>
<head>
    <title>SLayer’s Awesome List</title>
</head>
<body>
    <h1> SLayer’s 5 Most Awesome Bloggers </h1>
        <ul contenteditable=”true”>
            <li>Steve Kinman</li>
            <li>Kevin Hazard</li>
            <li>Gary Kinman</li>
            <li>Matthew Herring</li>
            <li>Mark Quigley</li>
        </ul>
</body>
</html>

Put that into an .html file, and open it up in your favorite browser. You’ll see what should look like this:

A simple list of course. In the years of your career I’m sure you’ve made tens of thousands of these. What’s cool about this list, if you’re not familiar with all of HTML5’s neat little tricks, is that this list is editable. Go ahead and try clicking on the list item and replace the names; even add your own name!

As you can see, I didn’t have the heart to remove any of our most frequent bloggers, so I just appended my name to Mark Quigley (of course, that’s not my true SoftLayer Blog ranking, but one day soon … it shall be!)
This feature may not save the user’s edits, but if you add in some nifty HTML5 storage abilities (local or session), you could have yourself a pretty robust application!

III. Beautiful placeholders to hold a place for my heart.

One of my biggest gripes every time I’d either design or program a user interface (registration, account functionality) was the fact that I would have to integrate a jQuery function just to add a little bit of extra help with the text boxes. Placeholders never worked as they should. Sometimes we just didn’t have enough real estate on the page for the amount of instruction as we needed, which meant another placeholder maker for jQuery.

HTML5 now comes equipped with beautiful support for placeholder text (well, I suppose it depends on your POV on designing/developing forms. If you do it as much as I do, the new placeholders are the holy grail of usable forms!). A very simple preview of what HTML form life was like before HTML5 (without the jQuery function to add text to just one input box):

The fact is: Sometimes we don’t always have the real estate that we would like to provide the user enough instructions to clarify what needs to be done!

This simple form could end up being very confusing for the user. It’s so simple, yet there are several ways to enter a phone number, and depending on the backend, it may only accept one format.

Let’s add a placeholder to that textbox and clear things up:

<input placeholder="(555) 555-5555" type="text" name="phone" id="phone" />

Just by adding the simple placeholder attribute, we have now cleared up exactly what format we need the phone number! Now let’s have a look:

It’s funny how a simple, light-colored demonstration of acceptable input can really beautify a form and increase usability. With the placeholder attribute in place in this example, I’m not even sure it’s necessary to have the instruction text on the right, as we can clearly see we need 10 digits, with parenthesis and dashes.

Well my friends, looking at the word count of this document, it looks like this blog is coming to a close, and I’ve only gone over three of my favorite foundational features of HTML5, so you know what that means … Part 2!

-Cassandra

September 16, 2014

CSS3 Tips and Tricks – Generated Content Without jQuery

If you guys have read any of my past blogs, you know how much I LOVE jQuery, but every good developer knows that if there’s an easier or more efficient way of doing something: DO IT. With all the new developments with CSS3, HTML5, etc. etc., sometimes we have to get back to basics to relearn how to do things more efficiently, so here it goes!

Nearly every website has some form of 2.0/dynamic/generated content nowadays, and if your site doesn’t… well, it probably should catch up! I’ll show you how with some new CSS tricks and how it can reduce a lot of overhead of including the entire jQuery library (which would save you approximately 84kb per page load, assuming you have no other asynchronous/client side functionality you need).

I’ll start off with an easy example, since I know most of you take these examples and let your creativity run wild for your own projects. (Note to self: start a “Code Gone Wild” series.)

Usually this is the part where I say “First, let’s include the jQuery library as always.” Not this time, let’s break the rules!

FIRST, start off your document like any other (with the basic structure, set your DOCTYPE appropriately, i.e. strict vs transitional):

<!DOCTYPE html>
<html>
<head>
</head>
<body>
</body>
</html>

Wow, you can already tell this generated content’s going to be a TON easier than using jQuery (for those of you whom aren’t already jQuery fans).

Now let’s add in a div there; every time we hover over that div, we’re going to display our generated content with CSS. Inside of our div, we’re going to place a simple span, like so:

<!DOCTYPE html>
<html>
<head>
</head>
<body>
     <div class=”slisawesome”>
          <span data-title="Hello Cassandra!">What’s my name?</span>
     </div>
</body>
</html>

As you can see, the span content contains a simple question and the data-title attribute contains the answer to that question.

Now let’s just make this div a little bit prettier before we get into the fancy stuff.

Add some style to the <head> section of our document:

<style>
     .slisawesome  {
          /* Will TOTALLY be making another blog about the cool CSS gradients soon */
          background:linear-gradient(to bottom, #8dd2d9 , #58c0c7);
          padding: 20px;  /* give the box some room to breathe */
          width: 125px;  /* give it a fixed width since we know how wide it should be  */
          margin: 100px auto;  /* move it away from the top of the screen AND center it */
          border: 1px solid black;  /* this is just a little border */
          position: relative;  /* this is to help with our generated content positioning */
     }
</style>

Now you should have something that looks like this:

This is good; this is what you should have. Now let’s make the magic happen and add the rest of our CSS3:

<style>
     .slisawesome  {
          /* Will TOTALLY be making another blog about the cool CSS gradients soon */
          background:linear-gradient(to bottom, #8dd2d9 , #58c0c7);
          padding: 20px;  /* give the box some room to breathe */
          width: 125px;  /* give it a fixed width since we know how wide it should be  */
          margin: 100px auto;  /* move it away from the top of the screen AND center it */
          border: 1px solid black;  /* this is just a little border */
          position: relative;  /* this is to help with our generated content positioning */
     }
     .slisawesome span::before {
          content:attr(data-title); /* assigning the data-title attribute value to the content */
          opacity: 0; /* hiding data-title until we hover over it */
          position: absolute; /* positioning our data-title content */
          margin-top: 50px; /* putting more space between our question and answer */
 
          /* Fancy transitions for our data-title when we hover over our question */
          /* which I’m TOTALLY going to write another blog for ;) If you guys want, of course */
          -webkit-transition:opacity 0.4s; /* determines the speed of the transition */
          transition:opacity 0.4s; /* determines the speed of the transition */
     }
</style>

Now, right now, your page should still look like this:

That’s okay! We still have ONE more step to go:

<style>
     .slisawesome  {
          /* Will TOTALLY be making another blog about the cool CSS gradients soon */
          background:linear-gradient(to bottom, #8dd2d9 , #58c0c7);
          padding: 20px;  /* give the box some room to breathe */
          width: 125px;  /* give it a fixed width since we know how wide it should be  */
          margin: 100px auto;  /* move it away from the top of the screen AND center it */
          border: 1px solid black;  /* this is just a little border */
          position: relative;  /* this is to help with our generated content positioning */
     }
     .slisawesome span::before {
          content:attr(data-title); /* assigning the data-title attribute value to the content */
          opacity: 0; /* hiding data-title until we hover over it */
          position: absolute; /* positioning our data-title content */
          margin-top: 50px; /* putting more space between our question and answer */
 
          /* Fancy transitions for our data-title when we hover over our question */
          /* which I’m TOTALLY going to write another blog for ;) If you guys want, of course */
          -webkit-transition:opacity 0.4s; /* determines the speed of the transition */
          transition:opacity 0.4s; /* determines the speed of the transition */
     }
     /* Drum Roll --------- Here’s our hover magic */
     .slisawesome span:hover::before{
          opacity:1;
     }
     /* Okay… that was a little anticlimactic… losing cool points */
</style>

Despite my anticlimactic adding of “the magic,” we just added a :hover that will show full opacity when we hover, so refresh your page and try it out! You should see something like this when you hover over THE QUESTION:

Of course you could REALLY start getting fancy with this by adding some php variables for the logged in user, or perhaps make it dynamic to location, time, etc. The possibilities are endless, so go… go and expand on this awesome generated content technique!

-Cassandra

September 9, 2014

Building a Secure Cloud-based Solution: Part I

When you begin a household project, you must first understand what you will need to complete the task. Before you begin, you check your basement or garage to make sure you have the tools to do the work. Building a secure cloud-based solution requires similar planning. You’re in luck—SoftLayer has all the tools needed, including a rapidly maturing set of security products and services to help you build, deploy, and manage your cloud solution. Over the next couple of months, we will take a look at how businesses leverage cloud technologies to deliver new value to their employees and customers, and we’ll discuss how SoftLayer provides the tools necessary to deliver your solutions securely.

Hurricane plan of action: Water: Check. Food: Check. Cloud: Check?

Let’s set the scene here: A hurricane is set to make landfall on the United States’ Gulf Coast, and the IT team at an insurance company must elastically scale its new claim application to accommodate the customers and field agents who will need it in the storm’s aftermath. The team needs to fulfill short-term computing needs and long-term hosting of additional images from the claims application, thereby creating a hybrid cloud environment. The insurance company’s IT staff meet to discuss their security requirements, and together, they identify several high-level needs:

  1. Provide secure connectivity, authentication, access control, and audit capabilities for IT administrators and users.

    SoftLayer provides VPNs, multifactor authentication, audit control logs, API keys, and fine-grained access control. This allows insurance agents to securely access claim forms and supporting documentation and connect to the application via https, using the wide range of SSL certificates (Symantec, Geotrust, and more). Plus, agents can authenticate using identity and access management solutions such as IWS Go Cloud ID and IBM Security Access Manager.
  2. Ensure that stringent data security measures are enforced.

    Data cannot be shifted across borders, and data at rest or in use must be encrypted. SoftLayer leaves data where customers place it, and will never transfer customers’ data. IBM Cloud Marketplace partners like Vormetric offer encryption solutions to ensure sensitive data-at-rest is not stored in clear text, and that customers maintain complete control of the encryption keys. Additionally, the IT team in our example would have the ability to encrypt all sensitive PHI data in database using data-in-use solutions from Eperi.
  3. Ensure multi-layered security for network zone segmentation.

    Users and administrators in the confidential area of insurance need confidence that their network is securely partitioned. SoftLayer native and vendor solutions such as SoftLayer VLANs, Vyatta Gateway, Fortigate firewall, and Citrix Netscaler allow administrators to securely partition a network, creating segmentation according to organizational needs, and providing the routing and filtering needed to isolate users, workloads, and domains.
  4. Enforce host security using anti-virus software, host intrusion prevention systems, and other solutions.

    The IT team can apply best-of-breed third-party solutions, such as Nessus Vulnerability Scanner, McAfee Antivirus, and McAfee Host Intrusion Protection. These capabilities give administrators the means to ensure that infrastructure is protected from malware and other host attacks, enhancing both system availability and performance.
  5. Define and enforce security policies for the hybrid cloud environment, and audit any policy changes.

    Administrators can manage overall policies for the combined public-private environment using IBM solutions like QRadar, Hosted Security Event and Log Management Service, and xForce Threat Analysis Service. Admins can use solutions from vendors like CloudPassage, Sumo Logic, and ObserveIT to automatically define policies around firewall rules, file integrity, security configuration, and access control, and to audit adherence to such policies.

The insurance company’s IT department already knew from SoftLayer’s reputation that it is one of the highest performing cloud infrastructures available, with a wide range of integrated and automated cloud computing options, all through a private network and advanced management system, but now it knows from experience that SoftLayer offers the security solutions needed to get the job done.

When business needs spike and companies need additional capacity, SoftLayer delivers quickly and securely. Stay tuned for Part 2 where we will talk secure development and test activities.

- Rick Hamilton, IBM Cloud Offering Evangelist

September 4, 2014

Keeping your private parts private.

Even with the knowledge that images can live on forever to haunt you, people continue to snap self-portraits in compromising positions (it’s your prerogative). Heck, before smart phones came along, people were using Polaroids to capture the moment. And, if history teaches us anything, people will continue the trend—instead of a smart phone, it’ll be a holodeck (a la Star Trek). Ugh, can you imagine that?

The recent high-profile hack of nude celebrity photos came from private phones. They weren’t posted to Facebook or Instagram. These celebrities didn’t hashtag.

#birthdaysuit #emperorsnewclothes #whoneedsdesignerthreads #shegotitfromhermama

Their sensitive data was compromised.

After speculation the hack stemmed from an iCloud® security vulnerability, Apple released a statement saying, “We have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet.” The cloud platform was secure. The users’ security credentials weren’t.

These were private photos intended for private use, so how did they get out there? How can you protect your data; your images; your privacy?

You’ve heard it once; twice; probably every time you create a new account online (and in this day in age, we all have dozens of user accounts online):

  1. Use a strong password. This SoftLayer Blog is an oldie but a goodie where the author gives the top three ways to make a password: 1) use a random generator like random.org; 2) use numbers in place of letters—for example, “minivan” becomes “m1n1v4n”; 3) write your passwords down in plain sight using “Hippocampy Encryption” (named in honor of the part of the brain that does memory type activities). Or take the XKCD approach to password security.
  2. And for heaven’s sake, don’t use the same password for every account. If you duplicate usernames and passwords across sites, a hacker just needs to access one account, and he or she will be able to get into all of your accounts!
  3. Craft little-known answers to security questions. Don’t post a childhood photo of you and your dog on Facebook with the description, “Max, the best pup ever” and then use Max as a security validation answer for “What’s the name of your favorite pet?” It’s like you’re giving the hackers the biggest hint ever.
  4. If available, use a two-factor authentication security enhancement. The government (FISMA), banks (PCI) and the healthcare industry are huge proponents of two-factor authentication—a security measure that requires two different kinds of evidence to prove that you are who you say you are and that you should have access to what you're trying to access. Read our blog or KnowledgeLayer Article for more details.
  5. Remember passwords are like underwear—don’t share them with friends and change them often. When it comes to passwords, at least once a year should suffice. For underwear, we recommend changing more regularly.

We won’t tell you what to do with your sensitive selfies. But do yourself a favor, and be smart about protecting them.

-JRL

June 5, 2014

Sysadmin Tips and Tricks - Understanding the 'Default Deny' Server Security Principle

In the desktop world, people tend to feel good about their system’s security when they have the latest anti-virus and anti-spyware installed and keep their applications up-to-date. Those of us who compute for a living know that this is nothing close to resembling a “secure” state. But it’s the best option for non-technical people at this time.

Servers, on the other hand, exist in a more hostile environment than desktop machines, which is why keeping them secure requires skilled professionals. This means not only doing things like keeping applications patched and up-to-date, but also grasping the underlying principles of system security. Doing that allows us to make informed and skillful decisions for our unique systems—because no one knows our servers as well as we do.

One very powerful concept is “Default Deny” (as in Deny by Default), by which means that "Everything, not explicitly permitted, is forbidden." What does this mean, and why is it important?

Let’s look at a simple example using file permissions. Let’s say you installed a CGI (Common Gateway Interface) application, such as some blog software, and you’re having trouble getting it to work. You’ve decided the problem is the permissions on the configuration file. In this case, user “rasto” is the owner of the file. You try chmodding it 755 and it works like this:

-rwxr-xr-x 1 rasto rasto 216 May 27 16:11 configuration.ini

Now that it works, you’re ready to move to your next project. But there’s a possible security problem here. As you can see, you have left the configuration file Readable and Executable by Other. There is almost certainly no reason for that because CGI scripts are typically run as the owner of the file. There is potentially no reason for users of the same group (or other random users of the system) to be able to Read this configuration file. After all, some configuration files contain database passwords. If I have access to another user on this system, I could simply “cat” the configuration file and get trivial access to your data!

So the trick is to find the least permissions required to run this script. With a little work, you may discover that it runs just fine with 700:

-rwx------ 1 rasto rasto 216 May 27 16:11 configuration.ini

By taking a little extra time, you have made your system much more secure. “Default Deny” means deny everything that is not explicitly required. The beautiful thing about this policy is that you can remove vulnerabilities that you neither comprehend nor even know about. Instead of making a list of “bad” things you essentially make a list of “good” things, and allow only those things to happen. You don’t even have to realize that someone could read the file because you’ve made it a policy to always allow the least amount of access possible to all things.

Another example might be to prune your php.ini to get rid of any expanded capabilities not required by PHP scripts running on your system. If a zero-day vulnerability arises in PHP that affects one of the things you’ve disallowed, it simply won’t affect you because you’ve disabled it by default.

Another scenario might be to remove packages from your system that are not being used. If someone tries to inject some Ruby code into your system, it won’t run without Ruby present. If you’re not using it, get rid of it, and it can’t be used against you.

Note: It’s very easy to be wrong about what is not being used on your system—you can definitely break things this way—I suggest a go-slow approach, particularly in regards to built-in packages.

The important thing is the concept. I hope you can see now why a Default Deny policy is a powerful tool to help keep your system more secure.

-Lee

June 3, 2014

My 5 Favorite Sublime Text 2 Plugins

I can’t believe that is was only a mere year ago since I learned of Sublime Text 2. I know, I know … where have I been? What kind of developer was I that I didn’t even know of Sublime Text? I’ll take the criticism, as I can honestly say it has been the best text editor I have ever used.

It’s extremely fast. I rarely wait for saves, uploads, or syntax highlighting, it keeps up with everything I do and allows me to develop directly from the keyboard. I hardly ever reach for my mouse!

It looks awesome. It has kind of retro-look for those developers who remember coding purely from the terminal or DOS. It really brings back memories.

It can be extended. Need some extra functionality that doesn’t come out-of-the-box? Sublime Text 2 has a range of available plugins that you can install to enhance your capabilities with this awesome text editor. In this blog, I’ll cover my top five favorite plugins of all time, what they do, and why they’re great!

1. BracketHighlighter

Many people believe that bracket highlighting should be a ready-made helper for developers of all languages. I agree on this point, however, at least Sublime Text 2 provides a plugin for this. It’s a very simple addition; it allows you to see if your opening brackets have an accompanying closing bracket. Many developers will tell you stories of these large and complex programs that consumed much of their time as they searched for one simple error … only to find that it was just a missing closing bracket.

In addition, it highlights opening and closing tags and quotes, for those of you who do a lot of HTML/XHTML, both bracket and tag settings are customizable.

For more details on the plugin check out the BracketHighlighter GitHub page.

2. DocBlockr

This is a neat plugin that speeds up and simplifies documentation. It supports PHP, Javascript, Java, Action Script, Objective C, C, C++, and Coffee Script.

By typing this:

/** (Press Enter)

The plugin automatically returns this:

/**
*
*/

Boom, the quickest way to document that I’ve ever seen.

In order to document your functions, just put it in your comment:

/** (Press Enter)
function myFunction(var1, var2) { }

And, it'll become:

/**
*[myFunction description]
* @param {[type]} var1 [description]
* @param {[type]} var2 [description]
* @param {[type]}
*/

function myFunction (var1, var2) { }

When you want to do variable documentation, the structure is similar:

/** (Press Enter)
myVar = 10

The plugin will fill out the documentation block like this:

/**
*[myVar description]
* @type {Number}
*/

Tell me that this isn’t nifty! If you want to try it out or just get a closer look at this plugin, head here.

3. Emmet (previously known as Zen Coding)

Unfortunately, I encountered some oddities when I tried to install Emmet with SublimeLinter, so I decided to disable the Linter in favor of Emmet to give it a spin. I absolutely love Emmet.

It provides a much more efficient way to code by providing what they call “abbreviations.” For example, if I want to create a div with an unordered list and one bullet point in it, Emmet lets me save myself a lot of time ... I can type this into Sublime:

div>ul>li

And press Control+E, and my code automatically turns into this:

<div>
    <ul>
        <li></li>
    </ul>
</div>

If I need to add multiple <li> tags, I can easily replicate them with a small addition:

div>ul>li*3

When I hit Control+E, voila! The unordered list structure is quickly generated:

<div>
    <ul>
        <li></li> 
        <li></li>
        <li></li>
    </ul>
</div>

That's just the tip of the iceberg when it comes to Emmet's functionality, and if you’re as impressed as I am, you should check out their site: http://docs.emmet.io/

4. SFTP

I think the title of the plugin says it all. It allows you to directly connect to your server and sync projects and files just by saving. You will never have to edit a file in a text editor, open your FTP client and upload the file again. Now, you can do it directly from Sublime Text 2.

When used in conjunction with Projects, you’ll find that you can easily save hours of time spent on remote uploading. By far, SFTP for Sublime Projects is one of the most essential plugins you’ll need for any project!

5. SideBarEnhancements

This is a small plugin that makes minor adjustments to the Files and Folders sidebar, providing a more intuitive interface. Though this doesn’t add much functionality, it can definitely speed things up. Take a look at the plugin on the SideBarEnhancements GitHub page

I hope this list of Sublime Text 2 plugins will enhance your capabilities and ease up your processes, as it has done for me. Give them a try and let me know what you think. Also, if you have a different favorite plugin, I’d love to hear about it.

-Cassandra

May 8, 2014

SoftLayer Security: Questions and Answers

When I talk to IBM Business Partners about SoftLayer, one of the most important topics of discussion is security. We ask businesses to trust SoftLayer with their business-critical data, so it’s important that SoftLayer’s physical and network security is as transparent and understandable as possible.

After going through the notes I’ve taken in many of these client meetings, I pulled out the ten most frequently asked questions about security, and I’ve compiled answers.

Q1: How is SoftLayer secured? What security measures does SoftLayer have in place to ensure my workloads are safe?

A: This “big picture” question is the most common security-related question I’ve heard. SoftLayer’s approach to security involves several distinct layers, so it’s tough to generalize every aspect in a single response. Here are some of the highlights:

  • SoftLayer’s security management is aligned with U.S. government standards based on NIST 800-53 framework, a catalog of security and privacy controls defined for U.S. federal government information systems. SoftLayer maintains SOC 2 Type II reporting compliance for every data center. SOC 2 reports are audits against controls covering security, availability, and process integrity. SoftLayer’s data centers are also monitored 24x7 for both network and on-site security.
  • Security is maintained through automation (less likely for human error) and audit controls. Server room access is limited to authorized employees only, and every location is protected against physical intrusion.
  • Customers can create a multi-layer security architecture to suit their needs. SoftLayer offers several on-demand server and network security devices, such as firewalls and gateway appliances.
  • SoftLayer integrates three distinct network topologies for each physical or virtual server and offers security solutions for systems, applications, and data as well. Each customer has one or many VLANs in each data center facility, and only users and servers the customer authorizes can access servers in those VLANs.
  • SoftLayer offers single-tenant resources, so customers have complete control and transparency into their servers.

Q2: Does SoftLayer destroy my data when I’ve de-provisioned a compute resource?

A: Yes. When a customer cancels any physical or virtual server, all data is erased using Department of Defense (DoD) 5220.22-m standards.

Q3: How does SoftLayer protect my servers against distributed denial of service (DDoS) attacks?

A: A SoftLayer Network Operations Center (NOC) team monitors network performance and security 24x7. Automated DDoS mitigation controls are in place should a DDoS attack occur.

It’s important to clarify here that the primary objective of this DDoS mitigation is to maintain performance integrity of the overall cloud infrastructure. With that in mind, SoftLayer can’t stop a customer from being attacked, but it can shield the customer (and any other customers in the same network) from the effects of the attack. If necessary, SoftLayer will remove the target from the public network for periods of time and null-routes incoming connections. Because of SoftLayer’s three-tiered network architecture, a customer would still have access to the targeted system via the private network.

Q4: How is communication segmented from other tenants using SoftLayer?

A: SoftLayer utilizes industry standard VLANs and switch access control lists (ACLs) to segment customer environments. Customers have the ability to add and manage their own VLANs, providing additional security even inside their own accounts. ACLs are configured to permit or deny any specified network packet (data) to be directed along a switch.

Q5: How is my data kept private? How can I confirm that SoftLayer can’t read my confidential data?

A: This question is common customers who deal with sensitive workloads such as HIPAA-protected documentation, employee records, case files, and so on.

SoftLayer customers are encouraged to deploy a gateway device (e.g. Vyatta appliance) on which they can configure encryption protocols. Because the gateway device is the first hop into SoftLayer’s network, it provides an encrypted tunnel to traverse the VLANs that reside on SoftLayer. When securing compute and storage resources, customers can deploy single tenant dedicated storage devices to establish isolated workloads, and they can even encrypt their hard drives from the OS level to protect data at rest. Encrypting the hard drive helps safeguard data even if SoftLayer were to replace a drive or something similar.

Q6: Does SoftLayer track and log customer environments?

A: Yes. SoftLayer audits and tracks all user activity in our customer portal. Some examples of what is tracked include:

  • User access, both failed and authenticated attempts (destination IP is shown on a report)
  • Compute resources users deploy or cancel
  • APIs for each call (who called the API, the API call and function, etc.)
  • Intrusion Protection and Detection services that observe traffic to customer hosts
  • Additionally, customers have root access to operating systems on their servers, so they can implement additional logging of their own.

Q7: Can I disable access to some of my users through the customer portal?

A: Yes. SoftLayer has very granular ACLs. User entitlements are segmented into different categories, including Support, Security, and Hardware. SoftLayer also gives customers the ability to limit access to public and private networks. Customers can even limit user access to specific bare metal or virtual server.

Q8: Does SoftLayer patch my operating system?

A: For unmanaged cloud servers, no. Once the updated operating system is deployed on a customer’s server, SoftLayer doesn’t touch it.

If you want help with that hands-on server administration, SoftLayer offers managed hosting. In a managed hosting environment, Technical Account Managers (TAMs) are assigned as focal points for customer requests and issues. TAMs help with reports and trending data that provide recommendations to mitigate potential issues (including OS patching).

Q9: Is SoftLayer suited to run HIPAA workloads?

A: Yes. SoftLayer has a number of customers running HIPAA workloads on both bare metal and single-tenant virtual servers. A Business Associate Agreement (BAA), signed by SoftLayer and the customers, clearly define the shared responsibilities for data security: SoftLayer is solely responsible for the security of the physical data center, along with the SoftLayer-provided infrastructure.

Q10: Can SoftLayer run government workloads? Does SoftLayer use the FISMA standards?

A: The Federal Information Security Management Act (FISMA) defines a framework for managing information security that must be followed for all federal information systems. Some state institutions don’t require FISMA, but look to cloud hosting companies to be aligned to the FIMSA guidelines.

Today, two SoftLayer data centers are audited to the FISMA standards – Dallas (DAL05) and Washington, D.C. (WDC01). Customers looking for the FISMA standard can deploy their workloads in those data centers. Future plans include having data centers that comply with more stringent FedRAMP requests.

For additional information, I highly recommend the on-demand SoftLayer Fundamentals session, “Keep safe – securing your SoftLayer virtual instance.” Also, check out Allan Tate’s Thoughts on Cloud blog, “HIPAA and cloud computing: What you need to know” for more on how SoftLayer handles HIPPA-related workloads.

-Darrel Haswell

Darrel Haswell is a Worldwide Channel Solutions Architect for SoftLayer, an IBM Company.

May 2, 2014

Keyboard Shortcuts in the SoftLayer Customer Portal

I’m excited to introduce a new feature in the SoftLayer customer portal: Keyboard shortcuts!

Keyboard shortcuts give you quick access to the most commonly used features by simply typing a few characters. For those who prefer never having to reach for the mouse to navigate an application, you should find these handy additions quite helpful.

After you log into the Customer Portal, type “?” (shift + forward slash) on any page, and you'll see a full list of available keyboard shortcuts:

Keyboard Shortcuts

On the Keyboard Shortcuts help page, you have the option to enable or disable the functionality based on your preference. Keyboard shortcuts are enabled by default. Disabling this feature will turn off all keyboard shortcuts except the “?” shortcut so that you can access the enable/disable feature preference in the future if you change your mind. This preference is stored in a cookie in your browser, so changing computers or deleting your cookie will re-enable the feature.

The shortcuts are grouped into three sets: Global, Tabs, and Grids.

Keyboard Shortcuts

Global Navigation

You have the ability to navigate to any page in our application by typing in the respective position number in the menu combined with dashes (-). For example, typing 1-5-2 will open Support (1) > Help (5) > Portal Tour (2).

Use the “go to” key combinations to jump to a new location from anywhere in the portal. For example, type (g) and (d) to visit the Device List. Typing (g) and (u) allows you to access the list of portal users, and (g) and (t) takes you to view tickets. If you want to add a new ticket from anywhere in the portal, type (+) and (t). It’s that simple.

Keyboard Shortcuts

Tabs

Many of the pages within the portal have tabs that appear just above the main content of the page. These tabs often allow content to be filtered, or provide access to additional features related to the page topic. Each tab can be accessed by using a simple two-keystroke combination, such as (t) then (f) to reveal the Filter tab on the page.

Keyboard Shortcuts

Grids

Whenever a page contains a grid — a tabular listing — you can now perform common operations from the keyboard. Jump quickly from page to page (first/last or next/previous) or refresh the grid contents with a single keystroke.

Keyboard Shortcuts

Please give this new feature a try for yourself! We welcome your feedback. Please let us know if you would like to have us implement any other keyboard shortcuts in the future.

-Daniel

Subscribe to tips-and-tricks