4 Replies - 3134 Views - Last Post: 10 March 2014 - 07:39 PM

#1 thatnewdreamer  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 9
  • Joined: 02-January 14

Security for my future portfolio - am I being too paranoid?

Posted 10 March 2014 - 06:21 PM

This question isn't about any specific web hosting service, so I don't know for sure if it belongs here. Please move it if it doesn't.

By the end of April at the latest, I plan to have a small personal website up, which will be used as a portfolio to demonstrate my coding skills. Ever since being laid off last year, I've been on a plan to learn what I can about C# and Java, and refresh my brain on older languages I tout on my resume. I've finally gotten to the point where I have a couple tiny projects out on GitHub. However, I want to go bigger. Do more involved projects and maybe branch out into web apps.

However, I don't know the first thing about running a website from an administrative standpoint. I know some HTML/CSS/Javascript for creating pages, but don't know about hosting/maintenance. In analyzing this deficiency, I've figured out my biggest concern: security. This is just going to be a small site which shouldn't get much traffic; I only intend for employers to see it. However, I plan on building this site from the ground up (with no help from pre-made templates). I also plan to be use databases at this site, as well as put the link on my resume/LinkedIn profile when it's up. So, technically, anyone could see it. Bots and viruses too. Just like I don't know about being a web admin, I don't know much about security. My worry is that some virus is going to hit the site and be a hassle to clean up. I feel that all the other stuff about being a web admin I can learn on my own, but I'm really out in the woods on security. My question is: am I being too paranoid? Are things generally going to be secure if I just go with a reliable webhost? Or are there resources I should consult first?

Is This A Good Question/Topic? 0
  • +

Replies To: Security for my future portfolio - am I being too paranoid?

#2 no2pencil  Icon User is offline

  • Toubabo Koomi
  • member icon

Reputation: 5296
  • View blog
  • Posts: 27,178
  • Joined: 10-May 07

Re: Security for my future portfolio - am I being too paranoid?

Posted 10 March 2014 - 06:34 PM

View Postthatnewdreamer, on 10 March 2014 - 08:21 PM, said:

My question is: am I being too paranoid?

No. If your sight is hijacked due to sloppy security, or assuming 'this will never happen to me'... & traffic from your domain with your registered name (& therefor your legal name) creating a dirty paper trail all over the internet.

My suggestion is if you're going to put it online, you should be aware of potential vulnerabilities & prevent/fix them.
Was This Post Helpful? 0
  • +
  • -

#3 jon.kiparsky  Icon User is offline

  • Pancakes!
  • member icon


Reputation: 7726
  • View blog
  • Posts: 13,045
  • Joined: 19-March 11

Re: Security for my future portfolio - am I being too paranoid?

Posted 10 March 2014 - 06:35 PM

View Postthatnewdreamer, on 10 March 2014 - 08:21 PM, said:

However, I plan on building this site from the ground up (with no help from pre-made templates).


I worry about this - you may be shooting yourself in the foot here.
If you're concerned about security, don't try to reinvent all the wheels. For a start, you're just not going to do security better than the people who wrote the frameworks. Here's just one of the reasons for that: they have users, and you don't. That means that their mistakes will get discovered and fixed - yours, maybe, maybe not. Here's another reason: you're looking to do content, and they're looking to do frameworks. They're concentrating on getting that part right, and you're not. Well, unless you're interested in showing off how well you do at developing web frameworks that is.

A more important consideration: do you really think you're going to impress anyone by advertising yourself as a walking case of "Not Invented Here"? Most managers - the ones you'd want to work for, anyway - are going to see that and run a mile. You want to be the guy who can find round wheels and put them on the boss's cart, not the guy who sees a guy making carts and says "you know, you really ought to be in the wheel business".

This post has been edited by jon.kiparsky: 10 March 2014 - 06:36 PM

Was This Post Helpful? 0
  • +
  • -

#4 thatnewdreamer  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 9
  • Joined: 02-January 14

Re: Security for my future portfolio - am I being too paranoid?

Posted 10 March 2014 - 07:25 PM

Interesting. I never looked at it that way. My intention with the thing was not just to present the content (my projects), but to show web design skills as well. However, maybe working well with a well known and used framework/service can do that just as good as from scratch. Is there anything you would recommend? I just want to put up my projects, and maybe a web service people can demo in the future. I'd be fine with wordpress or something simple for the projects, but don't know how to handle the web service.
Was This Post Helpful? 0
  • +
  • -

#5 jon.kiparsky  Icon User is offline

  • Pancakes!
  • member icon


Reputation: 7726
  • View blog
  • Posts: 13,045
  • Joined: 19-March 11

Re: Security for my future portfolio - am I being too paranoid?

Posted 10 March 2014 - 07:39 PM

Depends what you want to show off, really. When you say "web design", I'm thinking mostly the visual presentation and the user experience part of it. If that's what you're concerned with, pick something that you like and make something cool using it. So you might want to show off your projects by writing them up in all their featureful glory, with screen shots and whatnot, and linking to the repositories on github so the employer can see what he really cares about. You can also provide download links and so forth - basically, make a website like any of a billion open-source project sites, but it's yours, and it's as awesome as you can make it.

If you want to show off your projects as web apps, I guess you have to find a way to serve them. There's a ton of open-source web servers out there. Just thinking of Java, Tomcat and Jetty are well known, but there's no shortage. Maybe you should evaluate them and pick one - and then include your reasoning on a page on your site, so potential employers can see an example of how you think about a problem of this sort. Needless to say, the work of figuring all of this out is a really really really good way to learn more about the web admin side of things.

Be aware that you'll probably get some things wrong, and you'll probably get yourself entangled in one technology and then later on wish you'd picked some other. These discoveries, when shared with the world, are called a blog, and they can be very useful to others following after you. Writing them out can also help you keep a clear head about where you're at and what's next, so it's also useful to you.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1