2015-12-10

Do I need to remove the Server header from my HTTP responses?

You might have heard the recommendation that your web server should not return the Server header to reveal exactly what software is being used. It even says so in the RFC. Given how hard it was to remove the Server header when using .Net HttpListener you might wonder what is really the right thing to do here.

2015-12-03

Web service scale testing

When I say web service scale testing I mean testing to figure out how many instances of your service you need. This type of testing is really easy to explain but typically hard to get right.

2015-11-26

Yet another retrospective idea: Successes, Frustrations and Opportunities

During a training I was teaching recently we were talking about retrospectives and different ways to make them interesting. Afterwards one of the students came forward and suggested something interesting.

2015-11-19

Is logging raw HTTP requests ok?

When you are working on services that need to scale to millions of users you typically come to the conclusion that you will never be able to start a debugger on one of your live services. Instead you need instrumentation (also known as logging, tracing or diagnostics) to make sure you can figure out what went wrong. What I see happening a lot is that developers start logging the raw HTTP request to capture all data. And there are several problems with this approach...

2015-11-12

2015-11-05

Preventing DoS attacks with puzzles

So when a web service is getting too much traffic it starts returning the 503 status code. Well written services also return the Retry-After header hinting the client when it should come back again. Good behaving clients then respect that or will back-off by themselves to make sure the server is not getting too much traffic. However this is not enough if there are bad behaving clients in the mix. And how do you identify the bad behaving clients?

2015-10-29

Sprint forecast over commitment

Every team I've ever been on that did Scrum (or ScrumBut) have always used the term sprint commitment when it comes to describing the result of sprint planning. Commitment is however a bad word.

2015-10-22

What is the best time of day for stand-up meetings?

Daily stand-ups. Either you love them or you don't. I have tried a lot of different times of day for it and a lot of people wonder what is the best time to do it? But before I answer that I have to remind you that daily stand-ups is the daily planning meeting for the team - not a reporting meeting.

2015-10-15

Where does the Repository belong?

Historically I've always viewed repository objects as part of the storage layer fairly deep down. But I recently had an interesting discussion that made me realize I never really meant it to be that way.