Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
DNN Horror Stories Things That DNN Developers Shouldn't Do
Will Strohl • CEO & Founder, Upendo Ventures • Leader of the Awareness EAG • Former CEO, Hotcakes Commerce • Former DNN Co...
Upendo Ventures • Platform & Evoq • E-Commerce • Implementations • Integrations • Custom Modules • Upgrades & Downgrades •...
DNN Horror Stories Things That DNN Developers Shouldn't Do
Who? • Website owners • Website administrators • Website developers • Content editors
Why? • We need to grow the ecosystem • Poor implementations make DNN look bad • This is how we’ve been getting business • ...
Administration
Communications Problem • The vendor takes too long to respond. Resolution Give a reasonable buffer, but the amount of time...
Low Rates Problem • The rates appear to be too good to be true. Resolution If you think the rate is exceptionally low, it ...
Budget Problem • The vendor under-budgets the effort for your project. Resolution This has the same impact as rates. Put y...
Server(s)
Shared Logins Problem • Administrators and/or consultants are using shared logins. Resolution No matter how time-consuming...
Backup Plan (I) Problem • The web/database server is not being backed up regularly. Resolution Use a service like Acronis ...
No Backup Plan (II) Problem • The database/website is not being backed up regularly. Resolution Use a service like Evotiva...
SQL Maintenance Plan Problem • The database is not being backed up regularly. Resolution Hourly: Backup transaction logs; ...
RDP Access Problem • RDP access is not restricted. Resolution RDP access should be protected either by IP address filter a...
CSS & JS
Inline Styles Problem • Yes. This is still happening. • CSS is being applied in module settings, HTML, and templates. Reso...
Portal.css Problem • Very rare that this is necessary. • CSS is added in the Site Settings/Custom CSS. Solution • Apply th...
Portal.css Problem • Very rare that this is necessary. • CSS is added in the Site Settings/Custom CSS. Solution • Apply th...
Local CSS & JS Problem • Third-party libraries used. • Could be using a CDN version. • Site owner has no choice. • Bloat. ...
Uncompressed CSS & JS Problem • Third-party and/or local libraries used. • Usually an artifact from development or lazines...
Extensions
Not Using Source Control Problem • Yes. We’re still seeing this today. • Server back-ups are not good enough. Solution • G...
Project/Solution Architecture Problem • Custom/commercial extensions are developed/built within the website. Solution • An...
Source Code Location Problem • Storing the source code in the website folder(s). • Forces checking in of the website. • Di...
Source Code Location (II) Problem • Storing the source code in multiple locations. • Difficult to on-board new developers ...
Using SQL Instead of the API Problem • SQL is used to directly manipulate data in the database. • Difficult to track and a...
Validation of User Input Problem • Form fields, query strings, and uploads are not validated. Solution • InputFilter() sho...
Third-Party Components Problem • Third-party libraries/frameworks are used, but not updated. Solution • In every release, ...
Using NuGet Problem • Manual references to other integrations/libraries are used instead of NuGet. Solution • Whenever pos...
Extension Packaging Problem • “All you need to do to install/upgrade it is FTP it to the website.” Solution • All extensio...
Build Warnings Problem • Build warnings are ignored and not addressed. Solution • Build warnings are a key indication that...
Upendo Ventures Final Q&A We use technology to help your business change people’s lives UpendoVentures.com solutions@upend...
DNN-Connect 2019: DNN Horror Stories
DNN-Connect 2019: DNN Horror Stories
Upcoming SlideShare
Loading in …5
×

DNN-Connect 2019: DNN Horror Stories

256 views

Published on

In this DNN-Connect 2019 session, I walk the audience through many of the most common things that we've run into over the years when helping clients with their DNN websites. You'll see some of the most common worst practices and how to resolve them.

Published in: Technology
License: CC Attribution License
no profile picture user

  • Login to see the comments

  • Be the first to like this

DNN-Connect 2019: DNN Horror Stories

  1. 1. DNN Horror Stories Things That DNN Developers Shouldn't Do
  2. 2. Will Strohl • CEO & Founder, Upendo Ventures • Leader of the Awareness EAG • Former CEO, Hotcakes Commerce • Former DNN Corp employee • Using DNN since 2003 • DNN MVP since 2013* • DNN Author & Technical Editor • Founder of DNNCon (Day of DNN) • Founded 2 DNN User Groups* • 25+ open source projects https://upendoventures.com/How/People/Will-Strohl “hismightiness” @WillStrohl
  3. 3. Upendo Ventures • Platform & Evoq • E-Commerce • Implementations • Integrations • Custom Modules • Upgrades & Downgrades • Custom Themes • Training • Fixing stuff other people did ;) @UpendoVentures UpendoVentures.com We Use Technology to Help Your Business Change People’s Lives
  4. 4. DNN Horror Stories Things That DNN Developers Shouldn't Do
  5. 5. Who? • Website owners • Website administrators • Website developers • Content editors
  6. 6. Why? • We need to grow the ecosystem • Poor implementations make DNN look bad • This is how we’ve been getting business • ~80% of our DNN business • Affects DNN upgrades • This is all completely avoidable • DNN is only as good as the implementor… • Protect yourself & your website
  7. 7. Administration
  8. 8. Communications Problem • The vendor takes too long to respond. Resolution Give a reasonable buffer, but the amount of time and effort it takes to get responses says how important they take your business.
  9. 9. Low Rates Problem • The rates appear to be too good to be true. Resolution If you think the rate is exceptionally low, it is. You usually get what you pay for. Pay attention to agency/partner directories and follow-up on client testimonials.
  10. 10. Budget Problem • The vendor under-budgets the effort for your project. Resolution This has the same impact as rates. Put your project out to bid to multiple vendors.
  11. 11. Server(s)
  12. 12. Shared Logins Problem • Administrators and/or consultants are using shared logins. Resolution No matter how time-consuming, every single person in the project should have a unique login.
  13. 13. Backup Plan (I) Problem • The web/database server is not being backed up regularly. Resolution Use a service like Acronis to backup the server no less than 1-4 times each month. Keep off-site copies.
  14. 14. No Backup Plan (II) Problem • The database/website is not being backed up regularly. Resolution Use a service like Evotiva DNN Backup to backup the website no less than 1-4 times each day/week. Keep an on- and off-site copies.
  15. 15. SQL Maintenance Plan Problem • The database is not being backed up regularly. Resolution Hourly: Backup transaction logs; Daily: Check DB integrity; Reorganize index; Update statistics; Maintenance cleanup; Weekly: Shrink DB; Rebuild index;
  16. 16. RDP Access Problem • RDP access is not restricted. Resolution RDP access should be protected either by IP address filter and/or VPN.
  17. 17. CSS & JS
  18. 18. Inline Styles Problem • Yes. This is still happening. • CSS is being applied in module settings, HTML, and templates. Resolution Apply these updates in the theme.
  19. 19. Portal.css Problem • Very rare that this is necessary. • CSS is added in the Site Settings/Custom CSS. Solution • Apply these updates in the theme.
  20. 20. Portal.css Problem • Very rare that this is necessary. • CSS is added in the Site Settings/Custom CSS. Solution • Apply these updates in the theme.
  21. 21. Local CSS & JS Problem • Third-party libraries used. • Could be using a CDN version. • Site owner has no choice. • Bloat. Solution • Package and/or use CDN versions of the libraries.
  22. 22. Uncompressed CSS & JS Problem • Third-party and/or local libraries used. • Usually an artifact from development or laziness. • Bloat and decreased performance. Solution • Include a compression step in your build process. Point to it.
  23. 23. Extensions
  24. 24. Not Using Source Control Problem • Yes. We’re still seeing this today. • Server back-ups are not good enough. Solution • GitHub & BitBucket have free/low cost options for public and private repositories.
  25. 25. Project/Solution Architecture Problem • Custom/commercial extensions are developed/built within the website. Solution • Any professional extension should not be embedded within the website application itself. It should build outside of the website.
  26. 26. Source Code Location Problem • Storing the source code in the website folder(s). • Forces checking in of the website. • Difficult to on-board new developers & find code. • Security! Solution • Store the source code in an actual development location.
  27. 27. Source Code Location (II) Problem • Storing the source code in multiple locations. • Difficult to on-board new developers & find code. • Often leads to re-generating code that is assumed missing. Solution • Centralize the source code in a single solution.
  28. 28. Using SQL Instead of the API Problem • SQL is used to directly manipulate data in the database. • Difficult to track and audit. • Could break any given upgrade. Solution • Take the time to know the DNN source code to be forward compatible.
  29. 29. Validation of User Input Problem • Form fields, query strings, and uploads are not validated. Solution • InputFilter() should be used for all user-entered data. • Encoding and validation used for all query string values. • Uploads should be validated for format & integrity.
  30. 30. Third-Party Components Problem • Third-party libraries/frameworks are used, but not updated. Solution • In every release, any integrated libraries/frameworks should be upgraded, if possible.
  31. 31. Using NuGet Problem • Manual references to other integrations/libraries are used instead of NuGet. Solution • Whenever possible, package managers like NuGet and/or npm should be used.
  32. 32. Extension Packaging Problem • “All you need to do to install/upgrade it is FTP it to the website.” Solution • All extensions and integrations should be versioned and use an installer.
  33. 33. Build Warnings Problem • Build warnings are ignored and not addressed. Solution • Build warnings are a key indication that an extension will not be upgrade-friendly. • Build warnings should always be addressed as soon as they’re noticed.
  34. 34. Upendo Ventures Final Q&A We use technology to help your business change people’s lives UpendoVentures.com solutions@upendoventures.com (650) 381-9160 548 Market St. #65401 San Francisco, CA 94104

×