Ok this one's not for everyone. What we did at goofball.com is to set up a user configurable spam filtering system based on a combination of rules and use of the RBL.
There is a simple web based front-end that allows users to add and modify rules for accepting or rejecting mail based on a variety of factors - all saved in the datbase. Things like checking the subject, to, from, or the body of an incoming email for the presense (or lack) certain strings is a simple example.
All of this is done is Perl using Mail::Audit of course. I know there's Spam Assassin, but this was a little more fun (and customizable) for us.
The final check is the Realtime Blackhole List. When we first implemented this solution, we noticed in the logs that almost everything was on the RBL (even mail from yahoo.com). In fact, our own server was on the RBL. We'd never sent spam before, but I'm sure our relay was open at one time or another.
Since the system is configured to look for "accept mail" rules first, the solution came down to adding "accept" rules for pretty much everyone we knew, so that mail from known parties would be accepted even if on the RBL.
So now I get no spam at all - ever. I get very little mail at all in fact. It's really analogous to having an unlisted phone number. It's not the perfect solution by any means, but I'll take it any day over slogging through literally hundreds of spam mails every day...
I thought it came from Baldur's Gate Throne of Bhaal. There's a little weird apprentice in the game who, if you let him, will rummage through your pack to see if he can find any items he can "upgrade" for you. During the course of this, he constantly says "oooooooh! Shiney!".
I may be off on what the other guy was referring to, but this is the only thing that immediately popped into my head when I read it.
They're arguably equal or (in most cases) superior to most other cards
They've always supported Linux
Installing a Geforce 4200i in my Mandrake box was a snap last year...
BTW - it was interesting to see the comment by Tim Sweeney of Epic Games (Unreal), who was applauding nVidia for their support of Linux. If we could only get all the gaming companies to pay as much attention to the Linux platform as the consoles or the PC, I could see the entire desktop shifting towards Linux next. Ok, well maybe I'm just dreaming...
Why not just whip out your portable DVD player out of your backpack and pop in the DVD right on the street just to make sure you're getting the real goods?
That's what I'd do (if I ever bought a DVD from a street guy, which I haven't yet).
One of Inpharmatica's competitors sends an IT person to "shop for" a Gateway PC.
"Ah yes, thanks Mr. Salesguy, but could you leave me alone with this floor model for a while? I want to get familiar with it before I buy it. Thanks".
Not sure, but anything other than a SETI type application (i.e. non-proprietary data not worth stealing) seems to present a problem here for a PC simply left on a showroom floor.
I could be wrong of course if the grid computing app is written pefectly, but will it?
The real problem is not which browser to use instead of IE, as there are several viable alternatives mentioned here (Mozilla, Opera, Galeon, etc.). The problem is the sheep who all use IE and will continue to do so.
Those of us who are in software development, particularly internet based, need to consistently support customers who use IE. This means we need to run IE ourselves for purposes of testing. And speaking of testing, another thing I dislike about IE is it appears to not expose errors in HTML (tables for example). This makes testing HTML generated by our systems even more difficult.
Of course, switching back and forth between browsers is easy enough, but I do admit to being lazy sometimes and just using IE instead of firing up good old Mozilla at work.
Well let's see. I was out of work at the end of 2001. It's a great feeling when you have a wife, 2 kids, and a mortagage. Fortunately, I was able to land a job after a month and a half with a fairly large company.
I was brought in to architect and deploy an ecommerce system. Did I have a staff? No. Could I contract out any of the development? No. It was like this - here's ONE server (running NT I might add), now go build us a system.
So I did. I wiped the machine clean, installed Linux, installed Perl and various libraries, Open SSL, mod_perl, Apache, and then compiled Apache with mod_perl and mod_ssl. I installed MySQL. I installed Tripwire and set up various accounts for people who needed to FTP graphics onto the machine.
Based on the user specs (not written, but vervbally communicated), I designed the entire database schema, wrote all the code for a web-based administration tool, and wrote all the code to launch the ecommerce system for external customers.
The system has been up and running for several months and bringing in over US $20K per day.
Do you think the company's cutting costs? One server and one person who acts as business analyst, system architect, system adminstrator, DBA, and lead developer. Ya think?
A more positive note: After close to a year, I've been granted additional resources (I was able to hire a junior developer) and additional servers. So maybe things are getting better???
Well I can certainly admit when I'm wrong. You're the first real person I've heard from (examples in XP books aside) that successfully practices peer programming. Not to say I haven't engaged in it on certain portions of projects for short periods of time, but I cannot fathom doing it as a full time practice.
I can see all the benefits, I just can't picture my impatient self sitting by watching someone code. It would be too frustrating!
Can Extreme Programming really be put into practice in the average workplace? Sure, it's clear from the case studies in the book that it has been, but I cannot imagine making strict use of all of it's principals in any software development shop I've been part of in my 15 years of experience.
The one thing I could never see anyone in upper management buying into (aside from the name Extreme Programming) is the concept of Peer Programming. Allocating two perfectly capable resources to one desk during all development time simply does not seem feasible (not to mention desireable) to me. How many of you true developers out there would like one of your co-workers over your shoulder the entire time you were writing code? Or better yet, how would you like to be relegated to being in the passenger seat and simply observing and offering verbal input to the development process? Not very many of you I'd imagine.
Extreme Programming does have quite a few refreshingly positive aspects to it however:
Come out with small releases and come out with them often. This keeps the customer very involved in the entire development process and goes a long to to ensuring they (a) get what they want out of the system and (b) take on a true partnership role in the project. This is especially helpful, since we all know that specs often will begin to change the minute they're committed to paper anyway.
Full testing of the entire system each time a release comes out. How many times has a small change in one area of the system ended up affecting another in some unexpected way? This concept takes care of that situation as well as gauranteeing comprehensive Q/A in general.
No fear of code refactoring. I love this one, because we all know what a pain in the ass it is to have to completely reengineer some piece of code or process that is in place and working, but is discovered to be unscalable or deficient in some way in regards to future use. Building around it only makes the situation worse though, doesn't it? Don't be afraid, rewrite it and make it right. There's usually no way of knowing everything a specific process may be called on to do from day one anyway.
We all own this code. The concept of all developers being able to work on any piece of the system makes much sense. I used to work in one shop where the brilliant mananger decided everyone would have one area of responsibilty, thus having him make statements to users like "Oh sorry the search engine is not working, but we can't get it fixed till tomorrow since Andy is out today and he is the Search Engine Guy". Everyone being able to change the communal code does require that you have a group of developers who are all competent of course - which is not always the case in the real world.
I guess my take on it is that you simply cannot apply the principals of Extreme Programming as a simple "black-and-white" practice. It's really got to be somewhere in the middle to make it work in the real world...
If this is so easy to do, why haven't the various consumer electronics manufacturers shipped DVD players with a hard drive on board?
It would certainly be an advantage to be one of the first to market with something like this, not to mention the hordes of geeks (like myself) who would be compelled to go out and get one immediately.
When I first heard about this "virus", I must admit my sphincter clenched up a bit, being responsible for more than a few Open SSL ecommerce servers (and just having started a week off from work to boot). But after a looking into it for about 10 seconds, I realized I was ok since I upgraded in July.
Am I missing something here or are the people that did get affected by this people who simply ignored the July warning?
Really - the bat was the coolest part of the game in some ways. It introduced a purely random element to the game.
Remember he'd fly up and forcibly "trade" whatever object he had with yours? The worst was having your sword taken and being handed a dragon.
Or how about if the dragon ate you and you were in his stomach just as the bat came along and grabbed the dragon? So just as the game ended, you'd be watching yourself fly around the dragon's belly as the bat carried the dragon from screen to screen...
All that fun and your character was a friggin square that you moved around the screen. Go figure!
With all of the TRUE real life stories about hacking and the "cyberpunk" culture out there - why on earth would anyone need to spend time reading about something that never happened?
Of course I do appreciate good fiction now and then, but when it comes to anything computer related, I'd rather "keep it real". If we wanted fiction about computers or the internet, we need only to look at any movie where some "hacker" is prompted by some giant GUI password dialog box and after a few tries he cries "I'm in" after "hacking" his way into the "system".
Try Paul Taylor's Hackers before spending your time on this...
First off, as someone already mentioned, 2 am is not "up all night". On the weekends, I'll usually get in around 2 am and then start gaming till the birds chirping make me feel guilty and go to bed.
The best drink to stay up - Red Bull. It will snap you to it real quick - ready to get your Quake on (anyone remember CTF Creeper) or of course Counterstrike. Red Bull tastes just like carbonated Sweet Tarts and has a great way of counteracting the effects of alcohol when you need to.
I've also heard that a couple of THC laden cookies will high-ten your mind set for a long night of gaming as well;-)
When I was back in high school, I was in the "advanced math class", which was a hard core algebra course in freshman year. I went to an all boys Catholic high school and our teacher for this course happened to be the most insane teacher I've ever had.
He was the epidemy of a geek - short, skinny, coke bottle glasses, greasy black hair. He was a "brother" (not a priest, but someone pretty much living by the same rules) and wore the long black robe. He was brilliant and spoke at a hundred miles an hour.
We learned algebra out of pure fear, because you see, he would physically punish those who made it clear that they weren't paying attention or didn't do their homework. He'd box people's ears in, pull hair, grab you by the back of your neck, knock your desk over with you in it. I'd even seen him punch a kid in the chest and heard the infamous story of how he'd thrown a kid out the first floor window into the snow. I'd tell my mother that Brother McCaully dragged me to the blackboard by my earlobe and she'd say "good, you must have deserved it". There was little anyone could do about it (and this was not the 50's, it was the late 80's).
But we didn't need fear to learn of course. At least I didn't. The big complaint I've heard from people about algebra (and all it's silly trains going in different directions type problems) was "when will I use this in real life?" Well, all anyone could have told me at the time was that algebra is the quintessential skill to mastering computer programming and software development. Without a strong base in algebra, you really cannot be successful as a programmer.
I've since gone back to my old high school for Career Day. I gave a talk to about 50 of the 400 graduating seniors who wanted to go into software development. I explained the importance of algebra as well as the other applicable fields of math, but made it especially clear that if they didn't like algebra, they might want to choose another related field in computers aside from programming. Of course when I asked for a show of hands, 95% of them wanted to be games developers (which too is what had darwn me into programming back when I was 10 years old), but explaining the reality of the chances of success in that sector of the market was difficult. They'll learn on their own just like everyone else...
BTW - It seems that good old Brother McCaully, the violent nerd, had since been forced to "retire from teaching in order to write textbooks" after one too many a violent incident.
When will companies that make MP3 players realize that no matter how light they make them or how many features they add - that 32, 64, or even 96 MB is not going to cut it for anyone remotely serious about music.
Why carry a device that allows you to listen to roughly one (maybe two) CD's worth of music.
I know it's heavier (after all it is a hard drive), but solutions like the Archos Jukebox with 20 GB are so much more appealing. It hold approx. 500 CDs worth of music in MP3 format and it doubles as a portable USB hard drive, allowing you to store and transport any size/kind of file. And you can use it with a standard cassette adapter if you are so inclined. And obviously, there's the iPod which I hear nothing but greatness about.
Sorry to sound like a music snob or something, but I just don't understand who is buying all these MP3 players with such limited space. What is the point?
I read this article in print a while ago and found it interesting for sure (and yes fluffy since the tech details never went quite deep enough).
It was particularly interesting to me since we at Goofball.com went through the exact same process a while back ourselves. We initially were a free site and at our peek were doing close to a million pageviews a day - not including the Apache requests for video downloads (that amount to like 500 GB per month in bandwidth). We were actually leasing 7 Linux boxes (3 running HTML::Mason dynamic content servers, 3 plain Apache image servers, and a MySQL DB server) and paying through the nose for them due to the bandwidth. However, back in the good old days of the CPM advertising model, we were making plenty to afford the costs.
We were of course f----d when the "new economy" came to bear and we suddenly had no income for close to a year. Good thing we saved all that money we made on ad banners. We were eventaully forced to either close it all down or move to a payment model. We polled our viewers and decided to try the payment model based on their feedback.
The site is now 80% pay / 20% free. We're not just charging for access to specfic areas of content, but for the actual utility provided for by the site's various personalization services. We also decided that micropayment were not feasible. Can you imagine the headache of tracking pennies for pageviews and the associated overhead of dealing with people's questions/complaints about charges to their credit cards? A yearly fee of $19.95 (or a nickel a day) was the way we went and you know what - it actually saved the site.
Granted, traffic is at 10% of what it was, but that allowed us to drop off a few machines from the server farm and thus reduce costs further - keeping us slightly in the black each month.
HTML::Mason is the key to the site's success for sure. We can provide dynamic content on the fly pulled from the database, but a key element of the delivery machanism is Mason's built in caching. Only the first page request for a given URL (that uses the DB) actually requests the data from the database - subsequent requests are pulled from a GDBM replica of the DB's content that was cached by the first request. Mason also provides us with the ability to maintain a persistent DB connection during the life of the Apache daemon. Additionally, the same Apache/mod_perl/Mason binary also listens for requests on port 80 and 443 for SSL requests. All credit card transactions are handled through a Mason enabled API gateway. All of our back-end tools are HTML::Mason as well.
I didn't really get the part about "needing Java/JSP" in the Salon.com story. It sounded to me more like the author was not really in touch with the particulars of the technology at hand and was just repating what reasons he may have been given by the development team (who may have been looking to learn something new for the sake of it). I just came from a job where a decision was made to "go with a Java solution" simply because of the name of the programming language more than any other factor. I have nothing againsts Java believe me, but I'm so tired of buzzwords being used to influence decisions that are actually in dire need of pure business and software logic instead.
I'd encourage everyone - if they haven't already - to have a look at HTML::Mason. And also, for a good diversion, take a look at Goofball.com.
Well, unfortunately I have to disagree with Perl not being ecommerce suitable. Your issues likely stemmed from your choice of SSL library. We went with Apache, mod_perl, and Raven SSL in our Apache build. The ecommerce provider we use, Linkpoint, actually provides a.pm file as an API to their payment gateway. It was embarassingly easy to set up.
We also use HTML::Mason - the best mod_perl add on period.
Granted, we're not handling the volume of transactions as an eToys.com, but we use an extremely similar hardware configuration and have been running successfully without issue for quite some time.
I cannot recommend Raven's SSL and HTML::Mason enough.
Also realize that Echelon - even if it does exist and is fully functional - is likely not prepared to effectively deal with steganographic methods of communication reportedly being employed by certain key individuals.
Slashdot Mirror
There is a simple web based front-end that allows users to add and modify rules for accepting or rejecting mail based on a variety of factors - all saved in the datbase. Things like checking the subject, to, from, or the body of an incoming email for the presense (or lack) certain strings is a simple example.
All of this is done is Perl using Mail::Audit of course. I know there's Spam Assassin, but this was a little more fun (and customizable) for us.
The final check is the Realtime Blackhole List. When we first implemented this solution, we noticed in the logs that almost everything was on the RBL (even mail from yahoo.com). In fact, our own server was on the RBL. We'd never sent spam before, but I'm sure our relay was open at one time or another.
Since the system is configured to look for "accept mail" rules first, the solution came down to adding "accept" rules for pretty much everyone we knew, so that mail from known parties would be accepted even if on the RBL.
So now I get no spam at all - ever. I get very little mail at all in fact. It's really analogous to having an unlisted phone number. It's not the perfect solution by any means, but I'll take it any day over slogging through literally hundreds of spam mails every day ...
I may be off on what the other guy was referring to, but this is the only thing that immediately popped into my head when I read it.
They're arguably equal or (in most cases) superior to most other cards
They've always supported Linux
Installing a Geforce 4200i in my Mandrake box was a snap last year ...
BTW - it was interesting to see the comment by Tim Sweeney of Epic Games (Unreal), who was applauding nVidia for their support of Linux. If we could only get all the gaming companies to pay as much attention to the Linux platform as the consoles or the PC, I could see the entire desktop shifting towards Linux next. Ok, well maybe I'm just dreaming ...
Now come on, that was a cool show. Anyone remember it?
Did I just date myself on that reference or what?
That's what I'd do (if I ever bought a DVD from a street guy, which I haven't yet).
"Ah yes, thanks Mr. Salesguy, but could you leave me alone with this floor model for a while? I want to get familiar with it before I buy it. Thanks".
Not sure, but anything other than a SETI type application (i.e. non-proprietary data not worth stealing) seems to present a problem here for a PC simply left on a showroom floor.
I could be wrong of course if the grid computing app is written pefectly, but will it?
Now maybe Microsoft can do for Linux what it has done for Java!
Those of us who are in software development, particularly internet based, need to consistently support customers who use IE. This means we need to run IE ourselves for purposes of testing. And speaking of testing, another thing I dislike about IE is it appears to not expose errors in HTML (tables for example). This makes testing HTML generated by our systems even more difficult.
Of course, switching back and forth between browsers is easy enough, but I do admit to being lazy sometimes and just using IE instead of firing up good old Mozilla at work.
M$ - counting on our laziness ...
I was brought in to architect and deploy an ecommerce system. Did I have a staff? No. Could I contract out any of the development? No. It was like this - here's ONE server (running NT I might add), now go build us a system.
So I did. I wiped the machine clean, installed Linux, installed Perl and various libraries, Open SSL, mod_perl, Apache, and then compiled Apache with mod_perl and mod_ssl. I installed MySQL. I installed Tripwire and set up various accounts for people who needed to FTP graphics onto the machine.
Based on the user specs (not written, but vervbally communicated), I designed the entire database schema, wrote all the code for a web-based administration tool, and wrote all the code to launch the ecommerce system for external customers.
The system has been up and running for several months and bringing in over US $20K per day.
Do you think the company's cutting costs? One server and one person who acts as business analyst, system architect, system adminstrator, DBA, and lead developer. Ya think?
A more positive note: After close to a year, I've been granted additional resources (I was able to hire a junior developer) and additional servers. So maybe things are getting better???
I can see all the benefits, I just can't picture my impatient self sitting by watching someone code. It would be too frustrating!
Thanks for the reply though ;-)
The one thing I could never see anyone in upper management buying into (aside from the name Extreme Programming) is the concept of Peer Programming. Allocating two perfectly capable resources to one desk during all development time simply does not seem feasible (not to mention desireable) to me. How many of you true developers out there would like one of your co-workers over your shoulder the entire time you were writing code? Or better yet, how would you like to be relegated to being in the passenger seat and simply observing and offering verbal input to the development process? Not very many of you I'd imagine.
Extreme Programming does have quite a few refreshingly positive aspects to it however:
Come out with small releases and come out with them often. This keeps the customer very involved in the entire development process and goes a long to to ensuring they (a) get what they want out of the system and (b) take on a true partnership role in the project. This is especially helpful, since we all know that specs often will begin to change the minute they're committed to paper anyway.
Full testing of the entire system each time a release comes out. How many times has a small change in one area of the system ended up affecting another in some unexpected way? This concept takes care of that situation as well as gauranteeing comprehensive Q/A in general.
No fear of code refactoring. I love this one, because we all know what a pain in the ass it is to have to completely reengineer some piece of code or process that is in place and working, but is discovered to be unscalable or deficient in some way in regards to future use. Building around it only makes the situation worse though, doesn't it? Don't be afraid, rewrite it and make it right. There's usually no way of knowing everything a specific process may be called on to do from day one anyway.
We all own this code. The concept of all developers being able to work on any piece of the system makes much sense. I used to work in one shop where the brilliant mananger decided everyone would have one area of responsibilty, thus having him make statements to users like "Oh sorry the search engine is not working, but we can't get it fixed till tomorrow since Andy is out today and he is the Search Engine Guy". Everyone being able to change the communal code does require that you have a group of developers who are all competent of course - which is not always the case in the real world.
I guess my take on it is that you simply cannot apply the principals of Extreme Programming as a simple "black-and-white" practice. It's really got to be somewhere in the middle to make it work in the real world ...
G Force
The fiery Phoenix
Battling Zoltar
crazy robotic enemies
Oh man - I loved that show.
It would certainly be an advantage to be one of the first to market with something like this, not to mention the hordes of geeks (like myself) who would be compelled to go out and get one immediately.
Open SSL Security Advisory from July
When I first heard about this "virus", I must admit my sphincter clenched up a bit, being responsible for more than a few Open SSL ecommerce servers (and just having started a week off from work to boot). But after a looking into it for about 10 seconds, I realized I was ok since I upgraded in July.
Am I missing something here or are the people that did get affected by this people who simply ignored the July warning?
Remember he'd fly up and forcibly "trade" whatever object he had with yours? The worst was having your sword taken and being handed a dragon.
Or how about if the dragon ate you and you were in his stomach just as the bat came along and grabbed the dragon? So just as the game ended, you'd be watching yourself fly around the dragon's belly as the bat carried the dragon from screen to screen ...
All that fun and your character was a friggin square that you moved around the screen. Go figure!
God that brings back memories.
Of course I do appreciate good fiction now and then, but when it comes to anything computer related, I'd rather "keep it real". If we wanted fiction about computers or the internet, we need only to look at any movie where some "hacker" is prompted by some giant GUI password dialog box and after a few tries he cries "I'm in" after "hacking" his way into the "system".
Try Paul Taylor's Hackers before spending your time on this ...
The best drink to stay up - Red Bull. It will snap you to it real quick - ready to get your Quake on (anyone remember CTF Creeper) or of course Counterstrike. Red Bull tastes just like carbonated Sweet Tarts and has a great way of counteracting the effects of alcohol when you need to.
I've also heard that a couple of THC laden cookies will high-ten your mind set for a long night of gaming as well ;-)
He was the epidemy of a geek - short, skinny, coke bottle glasses, greasy black hair. He was a "brother" (not a priest, but someone pretty much living by the same rules) and wore the long black robe. He was brilliant and spoke at a hundred miles an hour.
We learned algebra out of pure fear, because you see, he would physically punish those who made it clear that they weren't paying attention or didn't do their homework. He'd box people's ears in, pull hair, grab you by the back of your neck, knock your desk over with you in it. I'd even seen him punch a kid in the chest and heard the infamous story of how he'd thrown a kid out the first floor window into the snow. I'd tell my mother that Brother McCaully dragged me to the blackboard by my earlobe and she'd say "good, you must have deserved it". There was little anyone could do about it (and this was not the 50's, it was the late 80's).
But we didn't need fear to learn of course. At least I didn't. The big complaint I've heard from people about algebra (and all it's silly trains going in different directions type problems) was "when will I use this in real life?" Well, all anyone could have told me at the time was that algebra is the quintessential skill to mastering computer programming and software development. Without a strong base in algebra, you really cannot be successful as a programmer.
I've since gone back to my old high school for Career Day. I gave a talk to about 50 of the 400 graduating seniors who wanted to go into software development. I explained the importance of algebra as well as the other applicable fields of math, but made it especially clear that if they didn't like algebra, they might want to choose another related field in computers aside from programming. Of course when I asked for a show of hands, 95% of them wanted to be games developers (which too is what had darwn me into programming back when I was 10 years old), but explaining the reality of the chances of success in that sector of the market was difficult. They'll learn on their own just like everyone else ...
BTW - It seems that good old Brother McCaully, the violent nerd, had since been forced to "retire from teaching in order to write textbooks" after one too many a violent incident.
When will companies that make MP3 players realize that no matter how light they make them or how many features they add - that 32, 64, or even 96 MB is not going to cut it for anyone remotely serious about music. Why carry a device that allows you to listen to roughly one (maybe two) CD's worth of music. I know it's heavier (after all it is a hard drive), but solutions like the Archos Jukebox with 20 GB are so much more appealing. It hold approx. 500 CDs worth of music in MP3 format and it doubles as a portable USB hard drive, allowing you to store and transport any size/kind of file. And you can use it with a standard cassette adapter if you are so inclined. And obviously, there's the iPod which I hear nothing but greatness about. Sorry to sound like a music snob or something, but I just don't understand who is buying all these MP3 players with such limited space. What is the point?
just so I can see what happens when it attempts to install the software equivalent of genital warts on my Linux box.
Now your life will be move up to a whole new level. Marraige gets better every day - as long as you put as much positive energy into it as you can.
;-)
Plus it certainly doesn't hurt that your fiancee is a hottie
Congrats -
It was particularly interesting to me since we at Goofball.com went through the exact same process a while back ourselves. We initially were a free site and at our peek were doing close to a million pageviews a day - not including the Apache requests for video downloads (that amount to like 500 GB per month in bandwidth). We were actually leasing 7 Linux boxes (3 running HTML::Mason dynamic content servers, 3 plain Apache image servers, and a MySQL DB server) and paying through the nose for them due to the bandwidth. However, back in the good old days of the CPM advertising model, we were making plenty to afford the costs.
We were of course f----d when the "new economy" came to bear and we suddenly had no income for close to a year. Good thing we saved all that money we made on ad banners. We were eventaully forced to either close it all down or move to a payment model. We polled our viewers and decided to try the payment model based on their feedback.
The site is now 80% pay / 20% free. We're not just charging for access to specfic areas of content, but for the actual utility provided for by the site's various personalization services. We also decided that micropayment were not feasible. Can you imagine the headache of tracking pennies for pageviews and the associated overhead of dealing with people's questions/complaints about charges to their credit cards? A yearly fee of $19.95 (or a nickel a day) was the way we went and you know what - it actually saved the site.
Granted, traffic is at 10% of what it was, but that allowed us to drop off a few machines from the server farm and thus reduce costs further - keeping us slightly in the black each month.
HTML::Mason is the key to the site's success for sure. We can provide dynamic content on the fly pulled from the database, but a key element of the delivery machanism is Mason's built in caching. Only the first page request for a given URL (that uses the DB) actually requests the data from the database - subsequent requests are pulled from a GDBM replica of the DB's content that was cached by the first request. Mason also provides us with the ability to maintain a persistent DB connection during the life of the Apache daemon. Additionally, the same Apache/mod_perl/Mason binary also listens for requests on port 80 and 443 for SSL requests. All credit card transactions are handled through a Mason enabled API gateway. All of our back-end tools are HTML::Mason as well.
I didn't really get the part about "needing Java/JSP" in the Salon.com story. It sounded to me more like the author was not really in touch with the particulars of the technology at hand and was just repating what reasons he may have been given by the development team (who may have been looking to learn something new for the sake of it). I just came from a job where a decision was made to "go with a Java solution" simply because of the name of the programming language more than any other factor. I have nothing againsts Java believe me, but I'm so tired of buzzwords being used to influence decisions that are actually in dire need of pure business and software logic instead.
I'd encourage everyone - if they haven't already - to have a look at HTML::Mason. And also, for a good diversion, take a look at Goofball.com.
Well, unfortunately I have to disagree with Perl not being ecommerce suitable. Your issues likely stemmed from your choice of SSL library. We went with Apache, mod_perl, and Raven SSL in our Apache build. The ecommerce provider we use, Linkpoint, actually provides a .pm file as an API to their payment gateway. It was embarassingly easy to set up.
...
We also use HTML::Mason - the best mod_perl add on period.
Granted, we're not handling the volume of transactions as an eToys.com, but we use an extremely similar hardware configuration and have been running successfully without issue for quite some time.
I cannot recommend Raven's SSL and HTML::Mason enough.
Jusy my 2 cents
Check this: Wired Article