In computer networks, a reverse proxy or surrogate server is a proxy server that appears to any client to be an ordinary web server, but in reality merely acts as an intermediary that forwards the client's requests to one or more ordinary web servers. Reverse proxies help increase scalability, performance, resilience, and security, but they also carry a number of risks. Companies that run web servers often set up reverse proxies to facilitate the communication between an Internet user's browser and the web servers. An important advantage of doing so is that the web servers can be hidden behind a firewall on a company-internal network, and only the reverse proxy needs to be directly exposed to the Internet. Reverse proxy servers are implemented in popular open-source web servers. Dedicated reverse proxy servers are used by some of the biggest websites on the Internet. A reverse proxy is capable of tracking IP addresses of requests that are relayed through it as well as reading and/or modifying any non-encrypted traffic. However, this implies that anyone who has compromised the server could do so as well. Reverse proxies differ from forward proxies, which are used when the client is restricted to a private, internal network and asks a forward proxy to retrieve resources from the public Internet. == Uses == Large websites and content delivery networks use reverse proxies, together with other techniques, to balance the load between internal servers. Reverse proxies can keep a cache of static content, which further reduces the load on these internal servers and the internal network. It is also common for reverse proxies to add features such as compression or TLS encryption to the communication channel between the client and the reverse proxy. Reverse proxies can inspect HTTP headers, which, for example, allows them to present a single IP address to the Internet while relaying requests to different internal servers based on the URL of the HTTP request. Reverse proxies can hide the existence and characteristics of origin servers. This can make it more difficult to determine the actual location of the origin server / website and, for instance, more challenging to initiate legal action such as takedowns or block access to the website, as the IP address of the website may not be immediately apparent. Additionally, the reverse proxy may be located in a different jurisdiction with different legal requirements, further complicating the takedown process. Application firewall features can protect against common web-based attacks, like a denial-of-service attack (DoS) or distributed denial-of-service attacks (DDoS). Without a reverse proxy, removing malware or initiating takedowns (while simultaneously dealing with the attack) on one's own site, for example, can be difficult. In the case of secure websites, a web server may not perform TLS encryption itself, but instead offload the task to a reverse proxy that may be equipped with TLS acceleration hardware. (See TLS termination proxy.) A reverse proxy can distribute the load from incoming requests to several servers, with each server supporting its own application area. In the case of reverse proxying web servers, the reverse proxy may have to rewrite the URL in each incoming request in order to match the relevant internal location of the requested resource. A reverse proxy can reduce load on its origin servers by caching static content and dynamic content, known as web acceleration. Proxy caches of this sort can often satisfy a considerable number of website requests, greatly reducing the load on the origin server(s). A reverse proxy can optimize content by compressing it in order to speed up loading times. In a technique named "spoon-feeding", a dynamically generated page can be produced in its entirety and served to the reverse proxy, which can feed the page to the client as the connection allows. The program that generates the page need not remain open, thus releasing server resources during the possibly extended time the client requires to complete the transfer. Reverse proxies can operate wherever multiple web-servers must be accessible via a single public IP address. The web servers listen on different ports in the same machine, with the same local IP address or, possibly, on different machines with different local IP addresses. The reverse proxy analyzes each incoming request and delivers it to the right server within the local area network. Reverse proxies can perform A/B testing and multivariate testing without requiring application code to handle the logic of which version is served to a client. A reverse proxy can add access authentication to a web server that does not have any authentication. == Risks == When the transit traffic is encrypted and the reverse proxy needs to filter/cache/compress or otherwise modify or improve the traffic, the proxy first must decrypt and re-encrypt communications. This requires the proxy to possess the TLS certificate and its corresponding private key, extending the number of systems that can have access to non-encrypted data and making it a more valuable target for attackers. The vast majority of external data breaches happen either when hackers succeed in abusing an existing reverse proxy that was intentionally deployed by an organization, or when hackers succeed in converting an existing Internet-facing server into a reverse proxy server. Compromised or converted systems allow external attackers to specify where they want their attacks proxied to, enabling their access to internal networks and systems. Applications that were developed for the internal use of a company are not typically hardened to public standards and are not necessarily designed to withstand all hacking attempts. When an organization allows external access to such internal applications via a reverse proxy, they might unintentionally increase their own attack surface and invite hackers. If a reverse proxy is not configured to filter attacks or it does not receive daily updates to keep its attack signature database up to date, a zero-day vulnerability can pass through unfiltered, enabling attackers to gain control of the system(s) that are behind the reverse proxy server. Giving the reverse proxy of a third party access to private keys (for caching or optimizing content) places the entire triad of confidentiality, integrity and availability in the hands of the third party who operates the proxy. A reverse proxy is a single point of failure for the back-end services it fronts: an outage caused by misconfiguration, a denial-of-service attack, or a software fault can make every fronted service unreachable to outside clients, even when the back-end services themselves remain healthy. For example, a 2020 outage at Cloudflare briefly took down major sites and services that relied on its reverse-proxy edge, including Discord.
TowIt
"TowIt" is a free, global, cross-platform mobile app, website, and Web API that allows civilians to report parking violations and dangerous driving in real-time. The mission is to remove the barriers required to make cities effectively fight and deter bad parking and dangerous driving habits. The company ultimately aims to better existing social controls in order to drive necessary behavioral change through increased education, real-time reporting, optimized enforcement, as well as the resulting reactivity. == User base and adoption == The application has users reporting vehicular infractions in upwards of 30 countries. The top reporting countries are: Portugal, Canada, United States of America and Australia. Users have adopted TowIt for a variety of reasons, usually central to their geographical location and the prominent offences in those specific areas. For instance, the majority of Portuguese reports are cars parked on sidewalks, footpaths and pedestrian crossings, Australian reports are largely focused on the abuse of disabled parking spaces, and in Toronto or San Francisco users generally capture cars parked in bicycle lanes. == Functions == === Data collection === TowIt gathers data on individual parking offences, the prominence of various offence types, as well as recurring offenders. This allows the company to identify trends and hotspots in order to take action against problem vehicles, as well as to help improve urban planning, traffic congestion and gridlock management. Individuals modify or improve an aspect of their behavior in response to their awareness of being observed, theoretically more so when demonstrating selfishness, egocentrism, narcissism and anti-social behavior. The company states that by becoming a user, one can "help TowIt relieve congestion, reduce collisions, open up economies, improve the environment and enhance the lives of urban residents and suburban commuters alike". The company has acknowledged that there are numerous legislative changes that would be required to integrate with governments at any level in many countries. A simple three-step process allows users to take a photo of an offending vehicle and subsequently verifying the offending vehicle's license plate information before submitting by tapping the TowIt (submit) button. Photographical evidence can only be captured with the camera from within the TowIt application. An Internet connection is required. The company has stated that this was purposefully done for quality control and report validation purposes. Users may only submit and view their own report history on either the iOS or Android applications. Globally submitted reports are displayed uncensored and in aggregate only on the Android application and the TowIt website. The "Global Feed" feature was removed from iOS (see iTunes Connect Acceptance Issues). TowIt's back-end automatically geotags the report and compares it to local parking by-law data, including by-law types, locations, times, side(s) of street, etc.- where available. Valid reports are posted to the global feed, to the TowIt website, and passed on to municipalities and police for enforcement (where connected). === Technologies used under license === TowIt currently utilizes the following software or software libraries under license: AngularJS, Apache Cordova, Apple iTunes Store EULA, Chart.js, Google Play Distribution Agreement, Ionic Framework, MongoDB, Moment.js, Python 2.7, Python Flask, and jQuery. == Company history == The TowIt application was conceived by Michael Duncan McArthur on December 5, 2014, as a response to Toronto Mayor John Tory's election mandate to "get this city moving". The application was announced via TowIt's official Twitter page on January 6, 2015. After the initial public announcement, Michael & Gregory were contacted by members of John Tory's staff on January 8, 2015, and invited to demo a prototype at Toronto City Hall on January 12, 2015. The two were also invited to meet with Toronto Councillor Norm Kelly, in his City Hall office, for a subsequent demo of the live Android application on January 28, 2015. A similar meeting and demo took place with members of the Traffic Services department of Toronto Police Service on February 2, 2015. Michael & Gregory teamed up with friends and Toronto-based developers Dae-Seon Moon, Jesse Malone, and Marcus Veres to complete the prototype in time to meet the city's imposed demo deadline and to launch the initial Android version of the application. TowIt officially launched on the Android platform on January 16, 2015. A subsequent iOS launch took place on March 19, 2015. === iTunes connect acceptance issues === The iOS version of the application was delayed for approximately two months, only after significant deliberation with Apple's iTunes Connect review board around (as then stated) rule: "14.1 - Any App that is defamatory, offensive, mean-spirited, or likely to place the targeted individual or group in harm's way will be rejected." The result was having to remove the "Global Feed" feature from the iOS platform, in which civilian users could view all recent reports from within the application. This feature still exists on the Android platform. === Business and legal === TowIt engaged Wildeboer Dellelce, one of Canada's leading business law and transactional corporate finance law firms, on January 17, 2015. The company filed for incorporation as "TowIt Solutions Inc." by both Michael & Gregory in the Canadian province of Ontario on January 22, 2015. TowIt continues to operate under a Freemium business model. The company is 100% bootstrapped and has received no outside investment to date. TowIt was accepted into the MaRS Discovery District's Venture Services program on March 4, 2015. === Lobbyist registration === After receiving initial press coverage in January and February 2015, an unknown entity reported Michael & Gregory's initial communications with city staff to the City of Toronto's Lobbyist Registrar. This complaint resulted in legal threats of fines received on February 10, 2015, for apparently and unknowingly breaking municipal lobbying by-laws. These fines (of up to $100,000) were eventually withdrawn after Michael & Gregory immediately provided all records of communication with city officials and registered as lobbyists in the City of Toronto on the subjects of By-law / Regulation, Parking, and Technology. Their registration was accepted by the Lobbyist Registrar on March 6, 2015. However, communication with Toronto city staff was reduced greatly as a result, which the company believes may have been the desired intent of the original complaint. === Outreach and activism === TowIt encourages its global user base to reach out to their local government representatives to promote the app at the users' own will. This tactic is used not only to demonstrate grassroots support, but also to avoid future lobbying issues. On June 2, 2015, the company officially partnered with Australian campaign "No Permit No Park" who advocate for the creation of inclusive communities. == Reception == The Best Planning Apps for 2016 by Planetizen, 5 Toronto apps you should be using by Indie88, 12 Best Apps Made In Canada by TechVibes.
Link-richness
Link-richness is the quality, possessed by some websites, of having many hyperlinks. Classified advertising sites like Craigslist tend to be very link-rich, sometimes with hundreds of links on their main page. They help users find the links they are looking for by grouping links into clusters. Inadequate link richness has been described as frustrating to readers, as it reduces transparency of site content from the main page. Students new to wiki collaboration were found to need guidance in how to take full advantage of the medium's potential for creating link-rich content. Link-richness in some contexts can be distracting, as when an article is surrounded by extraneous links. Indeed, it is becoming accepted as a best practice for universities to have link-rich home pages that do not rely on user categorisation and exploration of long sequences of links and are not constrained by traditional boundaries between departments. Tools are sometimes needed to make the publishing of link-rich web sites tractable, and many people may lack the technical skills, time, or inclination to engage in hand- crafting new digital document forms. A link-rich site that is low on content is sometimes referred to as a "gateway site." Link-rich portals were popular on the Web in 2000. Yahoo! and other sites featuring categories with many links were heavily used and often required fewer than three clicks to reach the content. Web designers were creating flat sites with content positioned close to the top of pages.
Web engineering
The World Wide Web has become a major delivery platform for a variety of complex and sophisticated enterprise applications in several domains. In addition to their inherent multifaceted functionality, these Web applications exhibit complex behaviour and place some unique demands on their usability, performance, security, and ability to grow and evolve. However, a vast majority of these applications continue to be developed in an ad hoc way, contributing to problems of usability, maintainability, quality and reliability. While Web development can benefit from established practices from other related disciplines, it has certain distinguishing characteristics that demand special considerations. In recent years, there have been developments towards addressing these considerations. Web engineering focuses on the methodologies, techniques, and tools that are the foundation of Web application development and which support their design, development, evolution, and evaluation. Web application development has certain characteristics that make it different from traditional software, information systems, or computer application development. Web engineering is multidisciplinary and encompasses contributions from diverse areas: systems analysis and design, software engineering, hypermedia/hypertext engineering, requirements engineering, human-computer interaction, user interface, data engineering, information science, information indexing and retrieval, testing, modelling and simulation, project management, and graphic design and presentation. Web engineering is neither a clone nor a subset of software engineering, although both involve programming and software development. While Web Engineering uses software engineering principles, it encompasses new approaches, methodologies, tools, techniques, and guidelines to meet the unique requirements of Web-based applications. == As a discipline == Proponents of Web engineering supported the establishment of Web engineering as a discipline at an early stage of Web. Major arguments for Web engineering as a new discipline are: Web-based Information Systems (WIS) development process is different and unique. Web engineering is multi-disciplinary; no single discipline (such as software engineering) can provide a complete theory basis, body of knowledge and practices to guide WIS development. Issues of evolution and lifecycle management when compared to more 'traditional' applications. Web-based information systems and applications are pervasive and non-trivial. The prospect of Web as a platform will continue to grow and it is worth being treated specifically. However, it has been controversial, especially for people in other traditional disciplines such as software engineering, to recognize Web engineering as a new field. The issue is how different and independent Web engineering is, compared with other disciplines. Main topics of Web engineering include, but are not limited to, the following areas: === Modeling disciplines === Business Processes for Applications on the Web Process Modelling of Web applications Requirements Engineering for Web applications B2B applications === Design disciplines, tools, and methods === UML and the Web Conceptual Modeling of Web Applications (aka. Web modeling) Prototyping Methods and Tools Web design methods CASE Tools for Web Applications Web Interface Design Data Models for Web Information Systems === Implementation disciplines === Integrated Web Application Development Environments Code Generation for Web Applications Software Factories for/on the Web Web 2.0, AJAX, E4X, ASP.NET, PHP and Other New Developments Web Services Development and Deployment === Testing disciplines === Testing and Evaluation of Web systems and Applications. Testing Automation, Methods, and Tools. === Applications categories disciplines === Semantic Web applications Document centric Web sites Transactional Web applications Interactive Web applications Workflow-based Web applications Collaborative Web applications Portal-oriented Web applications Ubiquitous and Mobile Web Applications Device Independent Web Delivery Localization and Internationalization of Web Applications Personalization of Web Applications == Attributes == === Web quality === Web Metrics, Cost Estimation, and Measurement Personalisation and Adaptation of Web applications Web Quality Usability of Web Applications Web accessibility Performance of Web-based applications === Content-related === Web Content Management Content Management System (CMS) Multimedia Authoring Tools and Software Authoring of adaptive hypermedia == Education == Master of Science: Web Engineering as a branch of study within the MSc program Web Sciences at the Johannes Kepler University Linz, Austria Diploma in Web Engineering: Web Engineering as a study program at the International Webmasters College (iWMC), Germany
Power cycling
Power cycling is the act of turning a piece of equipment, usually a computer, off and then on again. Reasons for power cycling include having an electronic device reinitialize its set of configuration parameters or recover from an unresponsive state of its mission critical functionality, such as in a crash or hang situation. Power cycling can also be used to reset network activity inside a modem. It can also be among the first steps for troubleshooting an issue. == Overview == Power cycling can be done manually, usually using the power switch on the device, or remotely, through some type of external device connected to the power input. In the data center environment, remote control power cycling can usually be done through a power distribution unit, over the network. In the home environment, this can be done through home automation powerline communications. Most Internet service providers publish a "how-to" on their website showing their customers the correct procedure to power cycle their devices. Power cycling is a common diagnostic procedure usually performed first when a computer system freezes. However, frequently power cycling a computer can cause thermal stress. Reset has an equal effect on the software but may be less problematic for the hardware as power is not interrupted. == Historical uses == On all Apollo missions to the moon, the landing radar was required to acquire the surface before a landing could be attempted. But on Apollo 14, the landing radar was unable to lock on. Mission control told the astronauts to cycle the power. They did, the radar locked on just in time, and the landing was completed. During the Rosetta mission to comet 67P/Churyumov–Gerasimenko, the Philae lander did not return the expected telemetry on awakening after arrival at the comet. The problem was diagnosed as "somehow a glitch in the electronics", engineers cycled the power, and the lander awoke correctly. During the launch of the billion dollar AEHF-6 satellite on 26 March 2020 by an Atlas V rocket from Cape Canaveral Space Force Station in Florida, a hold was called at T-46 seconds due to hydraulic system not responding as expected. The launch crew turned it off and back on, and the launch proceeded normally. In 2023 the Interstellar Boundary Explorer spacecraft stopped responding to commands after an anomaly. When gentler techniques failed, NASA resorted to rebooting the spacecraft with the remote equivalent of a power cycle.
NRD Cyber Security
NRD Cyber Security is a Lithuanian company that provides cybersecurity solutions, consulting, and other services. The organization specializes in CSIRT and SOC creation, modernization and training. It has helped to establish national and sectorial CSIRTs around the world, including countries, such as Bangladesh, Egypt, Bhutan, Kosovo, Malawi and others. NRD Cyber Security was found in 2013 to provide quality cybersecurity services to nations and organizations. In 2018 it was included in The Deloitte Technology Fast 50 in Europe list. In 2024 it was awarded the #98 place in MSSP Alert Top 250 world's managed security service providers. The company is a member of various cybersecurity organizations, such as Forum of Incident Response and Security Teams (FIRST), The Global Forum on Cyber Expertise (GFCE), Unicrons Lt. It is a strategic partner of The Global Cyber Security Capacity Centre (GCSCC) at University of Oxford.
TheFWA
FWA (Favourite Website Awards) is an international award platform that honors and rewards web designers, developers and agencies around the world for excellence within the field of web design and development. The FWA was founded in May 2000 by Rob Ford. In November 2012, The FWA was the most visited website award program in the history of the internet, with over 170 millions site visits. == Jury == The FWA jury is composed of more than 500 web professionals (200 women + 200 men) from 35 countries. == Awards granted == FWA of the Day (FOTD) : Every day, the FWA jury selects the best project, FWA of the Month (FOTM): Every month, the FWA jury selects the best project, People's Choice Award (PCA) : Every year, a public vote selects the people's favourite project, FWA of the Year (FOTY) : Every year, the FWA jury selects the best project. == Hall Of Fame == The FWA Hall of Fame was established in May 2007 (to celebrate the seventh anniversary of the FWA), as a recognition of web's greatest individuals and companies.