I am kind of scared of filling billing information on the Heroku website because of the automatic billing option in case I forget to remove an account.
Help me with your experience.
If you're still on free tier, it will not charge you. When I upgraded to hobby, I was only charged for how often the service was used (often less than $7). They were very honest - I have had no problems with Heroku. If you elaborate on your concerns, maybe I can provide a more tailored response.
You can stop charging at any time. If you're looking for specific information on how to remove your card/billing information, thus reducing down to the free tier, you can change your dyno type in "Resources" on the Heroku web app.
I want to integrate Stripe, PayPal or Braintree into a Django project, and I want to use `django-rest-framework`. Now I'm confused about one thing, and that is: should I "touch" my database?
What I mean is, I only want to charge my customers once; it's a fee and nothing more, so should I touch the 'db' or not? I'm afraid it will distort the PCI-compliant way of handling things. I don't know where to start besides the documentation for those mentioned payment systems.
Can someone help me understand what the best practices are for a one-time payment?
(Disclaimer: I'm a Stripe employee, so I'll only talk about Stripe here.)
Stripe makes it easy to be PCI compliant. With a proper integration, you will never have access to your customers' payment information.
A typical payment flow with Stripe can be divided in two steps:
1. Collect the customer's payment information, using the prebuilt Checkout form, or a form of your own using Stripe.js. In both cases, the card information is sent directly from the customer's browser to Stripe's servers, which return a card token. You then send this token to your backend.
2. On your backend, you use the token to create a charge.
The token represents a card, but hides the PCI sensitive information (i.e. the whole card number and the CVC) from you.
You can find a simple tutorial for creating charges here.
If you don't plan on charging the same customer multiple times (or if you don't mind asking them to provide their card information every time), then you don't necessarily need to store anything in your own database. When you create the charge, you will be immediately informed of the result (success or failure) and can take the necessary actions.
I guess you solved the problem.
On top of that, I wanna add some information about PayPal payments when working with a REST API (DRF) and a frontend server.
In this case, you can use both servers to work to secure your transactions, how?
The frontend server will take care of displaying the PayPal checkout buttons and creating an Order on the PayPal servers when the order has gone through. The backend server will check the validity of the order created on the PayPal servers (using an order ID passed from the frontend after the payment has gone through), and update the database based on the PayPal response to that.
Now you could simply update your database when the payment is successful, but that would cause a security issue: people can send requests to update the database without even going through the payment.
Here is an illustration of this:
Full tutorial: https://www.kowe.io/projects/accept-paypal-payments-in-your-vuejs-and-drf-app/
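The server-side check described in the answer above, as an added example that is not part of the original post or the linked tutorial: the backend acts only on what its own lookup of the order returns, never on the client's claim that payment succeeded. `fetch_order`, `used_ids` and the sample order are assumptions made for illustration; the field names follow PayPal's Orders v2 order-details response.

```python
from decimal import Decimal, InvalidOperation

# Constructed sample of an Orders v2 "show order details" response,
# trimmed to the fields checked below.
SAMPLE_ORDER = {
    "id": "ORDER-EXAMPLE-1",
    "status": "COMPLETED",
    "purchase_units": [{"amount": {"currency_code": "USD", "value": "25.00"}}],
}


class OrderRejected(Exception):
    """The client-supplied order ID must not unlock anything."""


def verify_order(order_id, expected_total, expected_currency, fetch_order, used_ids):
    """Return the verified order dict, or raise OrderRejected.

    fetch_order: hypothetical callable doing the authenticated
        server-to-server lookup; returns parsed JSON or None.
    used_ids: set of order IDs already fulfilled (a DB table with a
        unique constraint in a real application).
    """
    if order_id in used_ids:  # same paid order replayed for a second item
        raise OrderRejected("order already fulfilled")
    order = fetch_order(order_id)
    if not order or order.get("id") != order_id:
        raise OrderRejected("unknown order")
    if order.get("status") != "COMPLETED":  # created or approved, not captured
        raise OrderRejected("payment not captured")
    units = order.get("purchase_units") or []
    if len(units) != 1:
        raise OrderRejected("unexpected purchase units")
    amount = units[0].get("amount") or {}
    if amount.get("currency_code") != expected_currency:
        raise OrderRejected("wrong currency")
    try:
        paid = Decimal(str(amount.get("value")))
    except InvalidOperation:
        raise OrderRejected("bad amount")
    # Compare against the price stored server-side, not one sent by the client.
    if paid != Decimal(expected_total):
        raise OrderRejected("amount mismatch")
    used_ids.add(order_id)
    return order
```

In a DRF view, the database update runs only after `verify_order` returns, and any `OrderRejected` maps to a 4xx response.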
I have developed a Python program that parses a webpage and creates a new text document with the parsed data. I want to deliver this new information to the web. I have no idea where to start with something like this. Are there any free options where I can have a site automatically call this Python code upon request and update the new data to its page? Or is the only feasible solution here to have my own website/server that uses my code? I'm honestly pretty overwhelmed with many of the options when I try to begin doing a web search for a solution like this. I have done a decent amount of application programming before so I'm confident in my ability to learn new things, but web protocols are all new to me so it's hard to find a starting point.
Ultimately I want this Python code to run automatically, or per request of a user, and deliver the data to them. It could even be through an email, although that is probably less practical.
I personally have good experience using Google App Engine (and it's free for a limited amount of requests). The downside is that it does not allow C extensions or Python 3.
If you want to host your own server, tornado is a good option I think. Tornado supports both Python2 and Python3.
There are a great deal of options available, from 'traditional' virtual server or website hosts like a2hosting or godaddy to 'Cloud Application Hosts' such as Amazon EC2, Heroku or OpenShift.
For your case, and without knowing more, I would suggest that an application hosting is more appropriate, and that you should take a look at Heroku and Openshift in particular.
Define carefully what you want to achieve (how the users access your application, what they see, how they interact with it... etc..) and then evaluate these options based on those requirements.
Most offer a free trial, or even free services, depending on what you need! Good luck
If you've never worked with web technologies before this will be an overwhelming task, since there's a lot of different technologies involved, and many possible ways to combine them.
You'll probably want to start by familiarizing yourself with the very basics of the HTTP protocol.
Then you should read a bit on CGI server-side programming (the article also has a quick overview on HTTP).
Python can run both on CGI and WSGI (if the server provider allows such access), so you may also want to read about WSGI.
Once you grasp all these concepts, you should check this question for actual python techniques.
Also, since you seem to be under the impression you must pay to have a website/app deployed, you should know there are companies that host Python apps for free.
Say I have code written in python that analyzes files on my computer and returns a result. It works great locally on my HD, but now I'd like to turn it into a mobile app. This means I'll require a server of some kind (cloud for instance) where users can access it.
It is my understanding that all that would be required is a method to grant user credentials and permissions to the patrons so they can access the "run" command in my analysis program. But honestly, I have no ZERO visibility in this area and don't really know where to begin.
I only have two questions:
1. Users & their credentials are endless, but they all have to share the same analysis program. I don't know much about servers, but wouldn't this method cause long queue times? Generally speaking, what considerations would I have to make in my analysis code to avoid this?
2. Can someone just point me in the direction of what I'd need to learn in order to answer the above question? This topic is a bottomless pit of information and I don't wanna get trapped.
Thanks.
Django is an MVC Web framework which possesses all features required for doing Web applications with Python. Simply go through the tutorial and you should be up and running in no time, on your local machine.
To deploy there are various options, be it a cloud instance (a lot of providers here, including Rackspace and Amazon, Google for "django web hosting"), or "traditional" server machines (again a lot of providers here).
The "mobile" part is just the user interface. This affects decisions in the presentation part of your application, and you can restrict this to the View part in Django jargon (i.e. the HTML templates) of your Web application. You can look for frameworks which allow the production of aesthetically decent (or better) HTML user interfaces tailored for mobile/tablet devices, e.g. jQuery Mobile.
Therefore direction: start with Django -> deploy on a server "somewhere" -> tailor your user interface for mobile devices.
I am thinking about implementing resource throttling in my application in google app engine.
My idea is checking whether I am running out of resources (for example, bandwidth) and disabling part of the website, using the final part of the available daily traffic to inform the user that the site is running in a "resources saving" mode.
I read the GAE documentation, but I just found that if I run out of traffic, it directly returns HTTP 403.
Is there a way to make my python application aware of the used resources and to try not to be so rude with my users?
Unfortunately this is not possible, there is no API that you can use for this.
Looking at the App Engine roadmap there is no such feature coming along any time soon.
The only thing I can recommend is you sign up for billing and receive the $50 free quota, it's here till 31 October. You can enable billing and disable it and keep the free $50!
Hope this helped.
I'm in a rather peculiar situation right now. To make a long story short, I'm part of a (real life) volunteer organization of about 2000 members. Our current website was built and maintained by a member who is no longer part of the organization (he quit). Unfortunately, he was the only one that actually had access to the server, and hasn't been cooperative in handing over the reins to someone else after he left. As a result, myself and a small team of people have been working on creating a new website for ourselves from scratch. The data on the original website would be awesome to have for the new one, so without direct access to the database we have been screen-scraping what we need.
Which brings me to my current conundrum. The screen-scraping script I was using was being really slow, so I had the brilliant (not) idea of parallelizing it. I assumed the bottleneck was caused by my slow internet, so I foolishly decided to run 250 threads at once. After I tried that, the web server mysteriously went down and hasn't gone up since (it's been about 30 minutes now).
I'm not any kind of hacker or security expert, but I'm pretty sure I just accidentally caused a Denial of Service attack on the server. Which brings me to my question - assuming the owner of the website does nothing to help us, will the server come back to life of its own accord? (it's being hosted by Django on Linode if that matters). How do websites typically recover from DoS attacks? Have I potentially misdiagnosed what's going on, and could there be an alternative explanation? Or is the website lost forever?
Edit: All 250 of the requests were simple http requests going to pages within the Django admin panel if that changes anything.
More than likely the system is not truly down for good, unless the guy might have gotten pissed or the hosting provider, etc disabled it due to the traffic load. But there are a number of things to think of. But 250 connections isn't that much load, even for a shared hosting account, unless you were just flooding the server with requests.
Depending on what technology is used, there are a number of things that "could" have happened.
You could have simply hit throttling limits on the webserver side for queuing, etc, that might need the application to restart. This could be automatic after a period of time or need intervention from the hosting provider.
You could have overloaded the application and had it use too much memory where it was forcefully shut down. Some hosting providers will do this, but typically provider for small windows of time and will allow the application to start back up. (Give it an hour or so.)
You could have pushed it over the monthly limit for bandwidth, in that case, it could be down until the next billing cycle...
Without knowing the hosting provider or environment these are just guesses.
I would strongly recommend though turning off your scraper!
You should stop your screen-scraping software if you have not already.
Depending on what part of the system is down (Either the database, the server, the network or all), there is a chance it will recover by itself when the loads come back down.
If your application cannot sustain 250 simultaneous connections, you will want to investigate why. The culprit is usually database load (no indexes, un-optimized queries).
Linode could also have restrictions in place to limit how much bandwidth can be used within a certain period of time. You should probably contact them (or whoever is in charge).