http://fscked.org/blog/fully-automated-active-https-cookie-hijacking a note from security ppl that session/login cookies that normally delivered via https have to be explisidly marked as “secure” so they only delivered via https. Otherwise bad ppl can hijack them.
http://projects.leisink.org/hiawatha Hiawatha is a webserver for Unix. It has been writting with ‘being secure’ as its main goal.
http://msdn.microsoft.com/en-us/library/aa479313.aspx the subj. soluton creates COM object in .net that then is used by classic ASP to store sessions. ASP.net object stores session in SQL database
http://code.reddit.com/ Interesting to look when u have a time. PS: looks like they are using git and found a way to integrate it into Trac, which is pretty cool
http://blog.emmettshear.com/post/2008/03/03/Dont-use-Pound-for-load-balancing another evidence that if u need a loadbalancer – ngnix is the answer these days [and maybe perlball]
http://www.infoq.com/articles/ebay-scalability-best-practices the subj says it. good article
http://search.cpan.org/~ceeshek/Apache2-UploadProgress-0.2/lib/Apache2/UploadProgress.pm module that allows u to make upload progress bars
http://blogs.gnome.org/jamesh/2007/11/26/openid-ax/ notes about what is Attribute Exchange (ax) in OpenID
http://www.cl.cam.ac.uk/~sjm217/papers/protocols08cookies.pdf [yet another one] proposal for secure session cookies
http://marc.info/?l=apache-modperl&w=2&r=1&s=threads%3A%3Ashared&q=b Links to some discussions and code samples, if you need to implement ‘use Threads’ in mod_perl apache (prefork MPM )