The pain point RECOVID is addressing is that small businesses usually don’t know whether they are eligible for funding, not even now during the coronavirus crisis.
And then, when they do find out, they often give up in the process because filling in the application is too complicated.
RECOVID helps here by pre-filling as much data as possible from Open Banking (PSD2).
Theory Force’s Contribution
The RECOVID web app runs as a Firebase service to allow for easy one-click signups via Google account. It is a custom Jekyll template with media served from Cloudinary.
As a starter theme, I used a recent project’s theme from Shake Vault, which probably doesn’t show in the least!
[Live] recovid.me
[More] devpost.com
]]>Get in touch via email or WhatsApp. If you prefer marketplaces, see what sites are currently accepting orders at . Discounts and special rates available for orders through there.
We prefer working with agencies or directly with the brand. We do not usually work with individual resellers, unless you order through Collaborator.
All our websites run on headless CMS technology. We do not use a traditional CMS like Wordpress, which enables our small team to run the entire network of websites without the risk of having them hacked.
Choosing headless also means having the best possible page speed and media delivery, as well as security.
Your benefits of working with TheoryDigital OU:
Last but not least - we’ve got a well-managed Web2.0 presence to back the network up.
Get in touch to get the list of our sites:
]]>What it does: Shifts time expenditures from routine tasks without complicated setups. Pays off even for smaller networks.
How it works: The master branch of RFlow is to be installed and conf’d on your servers. The RPC branch is to run an orchestrated sequence that pulls all working data from your servers into your laptop. This way you can browse all access log data for your whole network at a single run.
Below is a config example for the RPC branch.
# Rflow RPC conf
env: 'tf-local'
root: '/home/theoryforce/rflow'
sdb: '/tmp/rflow/state'
clients: [client1, client2, db, dev, bastion]
servermap:
client1: [uname, xxx.xxx.xxx.xxx]
client2: [uname, xxx.xxx.xxx.xxx]
db: [uname, xxx.xxx.xxx.xxx]
dev: [uname, xxx.xxx.xxx.xxx]
bastion: [uname, xxx.xxx.xxx.xxx]
domains: ['example.com', 'some.tech']
bastion:
server: 'xxx.xxx.xxx.xxx'
user: 'uname'
code: 'bastion'
key: 'id_ed25519_bastion'
servergroup:
production: db, client1
hilit: client2
api:
neutrino:
...
You can still run pipes on clients as well.
Managing everything locally is less convenient for some parts or the routine maintenance. Most of these on-client tasks are updates and reports though - in other words, processes that don’t require your attention. They can be run from a crontab.
All pipes trigger a state change.
States are stored as hex data in simple string data base
, one of Ruby’s default libraries.
These tiny text files are retrieved when you start an RPC pipe, so that you get a single-glance overview of all maintenance sequences that triggered in the past days.
Both RPC and client branches come with a Rakefile and a binary.
rflow -- RFlow is a sysadmin pipeline system in Ruby with some Bash scripts included because we are not too anal about nice code here.
Usage:
rflow <subcommand> [options]
Options:
-h, --help Show this message
-v, --version Print the name and version
-t, --trace Show the full backtrace when an error occurs
Subcommands:
bastion, via Runs flow on client servers through a bastion server. Which server is a bastion needs to be configured.
state Retrieves state note temps from family.
auth, a Runs the orchestration for pulling and redistributing bad hits of client authlogs.
access, l Runs the orchestration for access log scan.
blacklists, bl, b Slurps client blacklists and redistributes the slurp.
techseo Pulls TechSEO reports from sibling servers into a CSV. (Needs counterparts on client)
infosec Nmap network scanning and server log backups for configured clients.
loadtime, lt Runs the curl loadtime report for submitted domain (Assumes HTTPS).
wpscan, wp Runs the wpscan for a domain (Assumes HTTPS), --csv as an option.
hallow, ha [util] Check if current IP is whitelisted on all servers and if not, add it to hosts.allow
ip [util] Display your public IP
probe [util] Neutrino API probe for IP
You can also quickly add your own pipes as you go, as child classes of RFlow
.
JAMStack publishing engines make for faster websites with lower hosting and maintenance costs. The published website your readers see can be served from a static copy, similar to a snapshot, rather than dynamically upon request from a database (the WordPress way). Serving a snapshot makes the load time shorter and the navigation through the web app much smoother.
Database systems are the bottleneck of security and maintenance costs. You don’t actually need one to run a website. It is much smarter to use a content management system that runs off-platform, and have the content downloaded via API.
With JAMStacks, one aspect of not serving through a database is that the security overhead is mostly outsourced to the provider of the content management API. The API will mostly come with a backend, a so-called BaaS (Backend-as-a-Service).
This is what such a backend looks like:
Nothing geeky, not much different from WordPress in fact.
Your website is serving a snapshot of what was edited in an interface like the one above. Your site is always unaffected by any service disruption on part of the backend provider, and it is leaving you with not much to do in terms of cybersecurity on your own website.
It also can be a great way to really slash the costs of a content-heavy publishing project that is meant to be lean. Content heavy websites pulled live from a database need expensive servers. Static sites can be hosted for free or for next to nothing. Some BaaS startups offer very generous free tiers, too.
To name one example, The Business Of Crypto runs on the following stack:
In this particular project, data stored in the database do not need to be retrieved every time there is a visitor. The contents of the website only change when they are edited by the admins.
In this case, the better solution is to hook a script to the static generator deploy routine. It will export the latest version of the database into a CSV file, which is then natively processed by the static site generator and fills up the website.
]]>Vulnerabilities in popular content management system (CMS) WordPress are growing at a rapid rate, up 30 percent in 2018, according to new research released Wednesday by Imperva.
The overall number of new vulnerabilities in web apps in 2018 (17,142) soared upwards by 21 percent compared to 2017 (14,082).
Third of the known web application vulnerabilities don’t even have any available solution, including a workaround or patch.
“Despite the common belief that all our smart electronic devices can be easily compromised, it appears that this area is not targeted as strongly anymore,” researchers said. “Possible explanations include: IoT vendors have finally started to implement better security in IoT devices, or hackers and researchers found an area to focus on where it takes less effort to profit from an exploit.”
]]>Yes - modular: Nobody’s using it for blogging anymore, right? The default use of WordPress CMS became to create business websites.
But with a little development you can use WordPress to also create completely private web apps, hidden from everyone other than your company’s network, or you can use a plugin to manage media assets scattered over various cloud providers.
]]>