Woto is a white-label platform for creating, curating and sharing content. It comprises
Here is what the tech stack looks like:
Woto's flagship text editor is so simple to use that in 3 clicks and a few seconds users can publish their articles, blog posts, documents, etc. on the web.
Perfect for desigining pages, Woto's Design Editor is very simple yet very powerful; in fact, this page was designed using the design editor.
Perfect for creating pages on the go. Woto offers one of the simplest, yet most powerful, ways of mobile publishing.
We have guidelines for creating templates for both Text and Design editors.
Developers can use the tools below to code widgets and test how they behave in Woto Editors and the live environment
Woto comes with two dozen widgets out of the box
Woto widgets can connect to external data sources.
Say you run a travel site with an image database of destinations, and you would like to build a UGC community with Woto, you could build a Widget that allows users to pick images from your database and use on their Woto pages.
Here is a live example. The Restaurant Menu widget on the demo page below gets its data from this page on Hungry House.
Users can create collections and put both their and other users' pages in them. It is a very flexible and powerful way to organise content.
In Woto, users cannot follow other people, but they can follow others' collections. This is an extremely powerful tool for building communities around content.
When you create a new page and put it in a collection, the followers of that collection get a notification. They don't have to rely on noticing a post about it on social media any more.
Every user gets a profile, which makes it very easy to see the collections and pages that they have created and the collections they follow.
Woto works on a standalone domain name, so you could have community.yourcompany.com for example.
All the logos and colours in the system can be customised to fit in with your brand identity.
Want the system to say "article" instead of "page"? No problem. You can change every single word in Woto using our localisation tool.
You can change the design of your Woto instance homepage as you wish, still keeping the collection / page / user featuring functionality.
Each app instance on the Woto platform is fully cusomisable
You get a quick overview of the user activity in the system.
Woto Administration Portal also allows you to moderate content and manage pages flagged as inappropriate by users.
Users and Pages
You can search/filter your entire user-base and user-generated content.
You can manage the template(s) your users get. You can also customise the emails sent out to users.
The Admin Portal uses two-factor authentication for increased security.
Each App Instance gets an Admin Portal for content moderation and reporting
Woto has a Service Oriented Architecture so there is an endpoint for every OPERATION
You need to be logged in to Woto to access the API documentation.
WOTO COMPRISES VARIOUS CLOUD SERVICES, ALL HOSTED ON mICROSOFT aZURE
We use Pingdom to monitor our service availability. Thanks to the above setup, we have been running at > 99.95% availability since September 2014.
Auth: Woto runs an OAuth2 server.
Background services: Page views are logged into Table Storage. Worker Roles periodically crawl through social media sites to capture share-count of pages (shares, comments, likes, tweets, etc), store this data in Table Storage, and generate denormalised reports in SQL Server from this data. We also use Worker Roles for third party services, such as language detection, content tagging, DNS look-ups, etc.
CDN: Woto has implemented its own CDN on Azure, hosting static files as well as User files, which are stored in Blob Storage and served through the CDN Web Role.
Admin Portal: (Not Shown Above) There are dedicated Web Roles for the Admin Portal to allow redundant bandwidth for content moderators and system admins.
Azure allows Woto to be – in Microsoft’s words – a “highly-available, infinitely scalable application”. Azure handles the application deployment details - from provisioning and load balancing to health monitoring for continuous availability, so that we can focus on Woto and not the infrastructure. Microsoft backs their claims by an industry leading 99.95% monthly SLA. All of this helps to significantly reduce our maintenance costs for not a lot more than our in-house hosting costs.
Woto database and web applications are replicated automatically by Azure. For disaster recovery, Azure can further replicate the entire Woto system, with all its already replicated websites and databases, in six geographical locations around the world. This enables Woto to comply with local legislation such as the European Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. The data centres are located at:
Woto uses the SSDM Visual Studio plugin from Sibilo where code and database are automatically created/updated from UML diagrams. This creates a unified coding culture across the dev team which in return allows code continuity and increases reliability.
The licensing information for the 3rd party libraries utilised by Woto can be found here.
The threats mitigated by Windows Azure at the infrastructure layer are port scanning / service enumeration, denial of service (DoS), spoofing, eavesdropping / packet sniffing, and multi-tenant hosting and side-channel attacks. See the Security Best Practices For Developing Windows Azure Applications document for details on how Azure handles these threats.
Azure also has built in data security features including automatic patches and updates, as well as PaaS security for files, directories, services, registry, etc.
We manage user authentication and authorisation following the OAuth2 principles. We encrypt sensitive data on the Database.
Because Woto enables users to put code on their pages, we have been extremely diligent with front-end security too. Each Woto App Instance utilises various subdomains and various checks in order to prevent XSS attacks. SQL injection attacks are prevented by the middle layer created by SSDM (see above). There are numerous other security measures in Woto that we cannot publicly declare, which help us give maximum design flexibility to users without compromising their security.
FInally, all of this has been verified by comprehensive penetration tests carried out by Nettitude.