David Roddick

Before you can start testing a Web App’s security, it’s a good idea to first learn more about what the Web App is, how it functions, what a normal user can do with it and importantly, how it’s built. It’s no good trying to run an exploit built for a PHP application if your target is written in Java. Enumeration is one of the first steps you’ll conduct when assessing the security of a Web Application and is essentially a process of trying to understand the application you’re working with. [Read More]

I was hired as a contractor in early 2017 for some web development work. At the time, the company I was contracted to were experiencing extreme performance issues with their AWS environment. They were having to reboot their primary RDS every Monday morning to prevent it collapsing under load. Websites were very slow, often into the minute or more load times. Content managers were unable to access the CMS, website visitors couldn’t access the front end, and any increase in traffic could crash the entire server(s). [Read More]

I’m a big fan of stuff that’s cool. And ElasticSearch is really cool… I’m not going to explain ElasticSearch in any detail, that’s not my job, other better people have already done that. But I am going to discuss my experience working with ElasticSearch and WordPress on a couple of recent projects. Earlier this year I started working on an analytics platform. It’s still in very experimental stages (meaning I have no idea what I’m building), but we have lots of data in multiple locations and we needed a central way to process and understand it. [Read More]

Shopify is a well known eCommerce platform, and web searches for data migrations either to or from Shopify are pretty easy to find. What I couldn’t find was an explanation on specifically migrating blog articles from Shopify into WordPress. I recently had a client who ran a Shopify store that only sold one product, a magazine, while the rest of the store was dedicated to the blog content. The business wanted to expand the content strategy and build the subscriber database, so, while migrating platforms wasn’t my first choice, it made sense in the long run as we have more flexibility and control with WordPress. [Read More]