Dependency Injection Magento

(Starting) Using Dependency Injection in Magento 2

One of the biggest switches you will experience when moving from Magento 1 to Magento 2 is inversion of control.  This is a very different concept to get used to but once you have it you will be a very happy person.  Maybe.  At least I was.  Understanding how to use dependency injection and understandingContinue Reading “(Starting) Using Dependency Injection in Magento 2”


How much memory does Magento use?

So, I was teaching the Magento Performance for System Administrators class the other day.  I’ve delivered the class several times but this is the first time that somebody asked me “How much memory does Magento actually use?”  Now, I know what you’re supposed to set it at, but I’ve never measured actual usage.  So IContinue Reading “How much memory does Magento use?”


Hash value sizes

For giggles, here are examples of hashes for the SHA1, SHA256 and SHA512 hashing mechanisms. Code 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 echo hash_hmac( ‘sha1’, openssl_random_pseudo_bytes(32), openssl_random_pseudo_bytes(32) ) . "\n";   echo hash_hmac( ‘sha256’, openssl_random_pseudo_bytes(32), openssl_random_pseudo_bytes(32) ) . "\n";   echo hash_hmac( ‘sha512’, openssl_random_pseudo_bytes(32),Continue Reading “Hash value sizes”


What SSL $_SERVER variables are available in PHP

I found myself wondering what HTTPS variables were available in the $_SERVER variable today and didn’t find a specific list (and didn’t have mod_ssl installed).  So as a public service, here is what my server says. array(58) { [“HTTPS”]=> string(2) “on” [“SSL_VERSION_INTERFACE”]=> string(13) “mod_ssl/2.2.3” [“SSL_VERSION_LIBRARY”]=> string(25) “OpenSSL/0.9.8e-fips-rhel5” [“SSL_PROTOCOL”]=> string(5) “TLSv1” [“SSL_SECURE_RENEG”]=> string(4) “true” [“SSL_COMPRESS_METHOD”]=> string(4)Continue Reading “What SSL $_SERVER variables are available in PHP”

Magento Performance

How much does logging affect performance?

So, I was having a discussion with a person I respect about logging and they noted that often logging poses a prohibitive cost from a performance perspective.  This seemed a little odd to me and so I decided to run a quick series of benchmarks on my own system.  Following is the code I used. require_onceContinue Reading “How much does logging affect performance?”


Is prevention the best security practice?

I read a post tweeted by Chris Cornutt today.  The basic gist of the article is that your security is only as strong as your most ethically-challenged developer.  That got me thinking that we spend so much time trying to prevent intrusions when detection might be a better priority.  Some tactics, such as SQL Injection,Continue Reading “Is prevention the best security practice?”