2. Choose wisely
- Many web applications are notorious for having vulnerabilities. Does it have a good security record? What’s the number of vulnerabilities it’s had in the last year and how fast were patches available? Securityfocus and Secunia are great resources to find out this information.
- What kind of permission system does my web application have? Can I set up access control lists or do I only have a single login? What happens if I need to give access to other staff members? Can I limit their access? These are some good questions you should be asking yourself - not all web applications are created equal in this area.

3. Keep your web applications up to date
- Unfortunately web applications are rarely “set and forget”. A web application can have a vulnerability from the time it was installed to the time that your web site is actually launched! Make sure that in your working agreement with your web development company that it includes a section for web site security upgrades and maintenance.
- If your domain doesn’t have a security related email address then start one (). Use this email address to subscribe to security related mailing lists concerning any web applications you run on your site.

4. Don’t be a target
- Don’t store credit card information. Most third party payment processors can handle most or all of the credit card transaction. This will put your customer’s mind at ease and there is no financial gain for a hacker to target you.
- Insist that version information is removed from your web pages. Content management systems are notorious for listing version information in the header or footer. Unfortunately this information gets parsed and stored by search engines. Malicious users can then write automated scripts to search that information to find your site.

5. Protect your logins
- Use a password manager. This will allow you to use very strong (non guessable) passwords. Keepass Password Safe is a great open source password manager for windows, OSX, and Linux
- Make sure that your administrative login pages are protected with a SSL certificate. Expensive SSL certificates are a thing of the past. 256 bit certificates can be purchased for as little as twenty dollars a year.
- If you’re office or home has a dedicated IP address then your server admin can limit login access to that specific IP address or corporate subnet.
- Don’t login to your web site from an un-trusted computer. You have no idea what kind of malicious programs are installed on that computer (key loggers, etc). Also make sure that your own computer is up-to-date and has a virus scanner installed.

Enable The Universe and Non-Free Multiverse Repositories
Ensure the relevant repositories are enabled. Click System -> Administration -> Synaptic Package Manager -> Settings -> Repositories and then click Add. Check the Community maintained (Universe)’ and Non-free (Multiverse) boxes. When you close the window, click Reload.

Grab the Ubuntu Edgy binary package

Install Required Packages

Install Optional Packages (enable mp3 support, ipod support, directory watching, clear button to filters , lyrics, better tray icon, etc.)

Install Exaile!

Run Exaile!

I have never seen such a comprehensive list of features in a validation plug-in before!

• HTML validator
• An accessibility validator
• A spelling validator
• A broken links validator
• The ability to take screenshots with different browsers to see what your web pages really look like (27 different browsers supported!).

It also has the ability to upload local pages to the total validator service (great if the web site isn’t actually live yet).

Note: They also offer standalone versions for windows and OSX and a “pro” version that can spider through and validate an entire site. The Firefox extension works well on Linux!

1. Basket Note Pads
Basket Note Pads is a multi-purpose note-taking application that allows you to keep all your notes in one centralized place (think Linux version of Microsoft OneNote). Basket Note Pads is a KDE application but its worth installing no matter what window manager you are using. Make sure to grab version 0.60 as it has a lot more features and bug fixes from previous versions.

2. Revelation Password Manager
Being a web developer / system administrator I have to deal with a lot of passwords every day. From MySQL connection strings, server credentials, CMS logins - the number of passwords are almost ENDLESS! Revelation Password Manager is a user friendly password manager for GNOME which allows you to store and retrieve all your passwords in one application (protected with a single master password). All passwords are stored in an AES Encrypted data file with cipher block chaining.

3. Exaile!
I wasn’t really happy with the default GNOME media players (namely Rhythmbox and Movie Player). After scouring the Internet I came across a little gem of a media player that suited all my needs. Exaile is basically GTk’s answer to AmaroK! It supports a multitude of plug-ins (album art fetching, lyrics fetching, last.fm support, mini-mode) It’s also being heavily developed and the main developer seems like a really nice guy! (Don’t take my word for it - join #exaile on FreeNode and give him a shout).

4. GnomeBaker
What can I say? GnomeBaker is one of the best no-nonsense CD / DVD burning applications around. It has a clean interface and it “just works” out of the box!

5. Eclipse PHP Integrated Development Environment
I was a long time PHP eclipse user and was pretty excited when Zend announced official support for the Eclipse Platform. The eclipse SVN plugin is great when working on projects with multiple developers. While still being heavily developed, it’s finally reached the point to be my primary IDE for PHP development.

6. AVG Antivirus
While Linux is pretty resistant to viruses I still like to scan my home folder every once in a while to make sure I haven’t picked up any nasties. AVG for linux workstation is a great Linux virus scanner for GTK+ 2.x. Note: While AVG isn’t open source, they do offer a free version for non-commercial use.

7. MySQL GUI Tools
MySQL has bundled all their GUI tools into one download. I’m really excited about MySQL workbench. MySQL workbench promises to be one of the best visual database modelers around. One note however: MySQL workbench is still in ALPHA! I had a co-worker blow out a database with just a few clicks and MySQL workbench.

8. Quanta Plus
Nvu and Bluefish can’t touch Quanta Plus. It pretty much beats every other Linux web development program out there.

9. VLC Media Player
VLC pretty much plays every format right out of the box. I use it in conjunction with this plug-in for Mozilla Firefox.

10. Xampp for Linux
XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. Xamp will install and setup (in a single subdirectory): Apache, MySQL, PHP & PEAR, Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm, zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl, FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client. It also has a nice GUI for managing Apache, MySQL, and ProFTPD.