1.
DNN Horror Stories
Things That DNN Developers Shouldn't Do

2.
Will Strohl
• CEO & Founder, Upendo Ventures
• Leader of the Awareness EAG
• Former CEO, Hotcakes Commerce
• Former DNN Corp employee
• Using DNN since 2003
• DNN MVP since 2013*
• DNN Author & Technical Editor
• Founder of DNNCon (Day of DNN)
• Founded 2 DNN User Groups*
• 25+ open source projects
https://upendoventures.com/How/People/Will-Strohl
“hismightiness”
@WillStrohl

3.
Upendo Ventures
• Platform & Evoq
• E-Commerce
• Implementations
• Integrations
• Custom Modules
• Upgrades & Downgrades
• Custom Themes
• Training
• Fixing stuff other people did ;)
@UpendoVentures
UpendoVentures.com
We Use Technology to Help Your Business
Change People’s Lives

4.
DNN Horror Stories
Things That DNN Developers Shouldn't Do

5.
Who?
• Website owners
• Website administrators
• Website developers
• Content editors

6.
Why?
• We need to grow the ecosystem
• Poor implementations make DNN look bad
• This is how we’ve been getting business
• ~80% of our DNN business
• Affects DNN upgrades
• This is all completely avoidable
• DNN is only as good as the implementor…
• Protect yourself & your website

7.
Administration

8.
Communications
Problem
• The vendor takes too long to respond.
Resolution
Give a reasonable buffer, but the amount of time and effort it
takes to get responses says how important they take your
business.

9.
Low Rates
Problem
• The rates appear to be too good to be true.
Resolution
If you think the rate is exceptionally low, it is. You usually get
what you pay for.
Pay attention to agency/partner directories and follow-up on
client testimonials.

10.
Budget
Problem
• The vendor under-budgets the effort for your project.
Resolution
This has the same impact as rates. Put your project out to bid to
multiple vendors.

11.
Server(s)

12.
Shared Logins
Problem
• Administrators and/or consultants are using shared logins.
Resolution
No matter how time-consuming, every single person in the
project should have a unique login.

13.
Backup Plan (I)
Problem
• The web/database server is not being backed up regularly.
Resolution
Use a service like Acronis to backup the server no less than 1-4
times each month.
Keep off-site copies.

14.
No Backup Plan (II)
Problem
• The database/website is not being backed up regularly.
Resolution
Use a service like Evotiva DNN Backup to backup the website no
less than 1-4 times each day/week.
Keep an on- and off-site copies.

15.
SQL Maintenance Plan
Problem
• The database is not being backed up regularly.
Resolution
Hourly: Backup transaction logs;
Daily: Check DB integrity; Reorganize index; Update statistics;
Maintenance cleanup;
Weekly: Shrink DB; Rebuild index;

16.
RDP Access
Problem
• RDP access is not restricted.
Resolution
RDP access should be protected either by IP address filter and/or
VPN.

17.
CSS & JS

18.
Inline Styles
Problem
• Yes. This is still happening.
• CSS is being applied in module settings, HTML, and templates.
Resolution
Apply these updates in the theme.

19.
Portal.css
Problem
• Very rare that this is necessary.
• CSS is added in the Site Settings/Custom CSS.
Solution
• Apply these updates in the theme.

20.
Portal.css
Problem
• Very rare that this is necessary.
• CSS is added in the Site Settings/Custom CSS.
Solution
• Apply these updates in the theme.

21.
Local CSS & JS
Problem
• Third-party libraries used.
• Could be using a CDN version.
• Site owner has no choice.
• Bloat.
Solution
• Package and/or use CDN versions of the libraries.

22.
Uncompressed CSS & JS
Problem
• Third-party and/or local libraries used.
• Usually an artifact from development or laziness.
• Bloat and decreased performance.
Solution
• Include a compression step in your build process. Point to it.

23.
Extensions

24.
Not Using Source Control
Problem
• Yes. We’re still seeing this today.
• Server back-ups are not good enough.
Solution
• GitHub & BitBucket have free/low cost options for public and
private repositories.

25.
Project/Solution Architecture
Problem
• Custom/commercial extensions are developed/built within the
website.
Solution
• Any professional extension should not be embedded within the
website application itself. It should build outside of the website.

26.
Source Code Location
Problem
• Storing the source code in the website folder(s).
• Forces checking in of the website.
• Difficult to on-board new developers & find code.
• Security!
Solution
• Store the source code in an actual development location.

27.
Source Code Location (II)
Problem
• Storing the source code in multiple locations.
• Difficult to on-board new developers & find code.
• Often leads to re-generating code that is assumed missing.
Solution
• Centralize the source code in a single solution.

28.
Using SQL Instead of the API
Problem
• SQL is used to directly manipulate data in the database.
• Difficult to track and audit.
• Could break any given upgrade.
Solution
• Take the time to know the DNN source code to be forward
compatible.

29.
Validation of User Input
Problem
• Form fields, query strings, and uploads are not validated.
Solution
• InputFilter() should be used for all user-entered data.
• Encoding and validation used for all query string values.
• Uploads should be validated for format & integrity.

30.
Third-Party Components
Problem
• Third-party libraries/frameworks are used, but not updated.
Solution
• In every release, any integrated libraries/frameworks should be
upgraded, if possible.

31.
Using NuGet
Problem
• Manual references to other integrations/libraries are used
instead of NuGet.
Solution
• Whenever possible, package managers like NuGet and/or npm
should be used.

32.
Extension Packaging
Problem
• “All you need to do to install/upgrade it is FTP it to the website.”
Solution
• All extensions and integrations should be versioned and use an
installer.

33.
Build Warnings
Problem
• Build warnings are ignored and not addressed.
Solution
• Build warnings are a key indication that an extension will not be
upgrade-friendly.
• Build warnings should always be addressed as soon as they’re
noticed.

34.
Upendo Ventures
Final Q&A
We use technology to help your business
change people’s lives
UpendoVentures.com
solutions@upendoventures.com
(650) 381-9160
548 Market St. #65401
San Francisco, CA 94104