Hop Studios is Canada's top ExpressionEngine
Web consulting, design and development firm.

ask about your project

Work With Us!

Get A Quote


Job Opening - Web Developer

We have an immediate opening for a full-time ExpressionEngine developer.

We’re Canada’s leading ExpressionEngine design and development firm. You’ll be working on interesting and meaningful projects, using the latest tools and techniques.

The most interesting applicant will have many of the following skills at the “Very Fine”, “Near Mint” or “Mint” level, in something approximating this order:

  • ExpressionEngine
  • PHP (CodeIgniter)
  • Javascript (JQuery, JSON, AJAX)
  • HTML / CSS
  • MySQL
  • Common Web service APIs
  • Server administration (LAMP stack)
  • Web hosting and DNS management

In addition, experience using version control systems, doing unit testing, and building mobile / responsive websites will be considered a big checkmark in the “Pro” column.

Yes, that’s a long list and no, you don’t need to be expert in everything on it; we’re primarily looking for someone with experience focused on ExpressionEngine and Javascript and PHP—the rest will make you stand out and get noticed.

What are the other requirements?

  • Self-starter with healthy curiosity
  • Tenacious attitude towards problem solving
  • At least a few years of experience working in Web development
  • Good at hitting deadlines with a thump
  • Excellent written communication skills
  • A long-term interest in keeping on top of technology trends and tools

Who can apply?

  • you must want a permanent position i.e. not part-time or contract
  • you must be able to start immediately i.e. you can give notice now
  • you should live, or be willing to live, in Vancouver, BC, Canada
  • you should be able to work in Canada

Who are we?

  • We’re a 12-year-old company with a stable staff, established history and plenty of growth potential.
  • We’re fun to work with (if we’re allowed to say that about ourselves [we are -ed.]), and our deep client roster are all excellent to work with as well; there are no waterfall death marches here.
  • We are located in the Gastown district of Vancouver, and we offer an open, collaborative work environment.
  • We pay a competitive wage tied to experience.
  • We are an equal opportunity employer that values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Or anything else.
  • We work hard, but also have lives outside of work.

To apply, send a cover letter, your resume, and links to Web sites you’ve built. Send them to jobs@hopstudios.com.

And don’t send your resume as a Word document. We mean it.


One Touch Payment Using Apple Pay

Apple Pay iconWe got to do something exciting at Hop Studios last month: We set up Apple Pay for a client! (If that doesn’t sound exciting to you, maybe you’re not a Web developer with a giant crush on Apple. We’re hopeless here.)

Apple Pay is Apple’s new payment system. It’s integrated into all Apple devices that have a fingerprint scanner—phones, iPads, Apple computers. Once users set up their existing credit or debit cards in Apple Pay, payment can be made instantly by activating Apple Pay, either by holding the iOS device near a physical register, or online by using an Apple device and the Safari browser.

There are two major advantages to Apple Pay. First, it’s very, very fast. The transaction can literally be completed with a single finger touch. In person, that’s handy, but online, that means you get to skip filling out multiple form fields with credit card details, which is pretty great. So now, instead of the smartphone being a tricky way to get someone to pay, it’s actually a faster way. Second, because of how Apple Pay works, the user never shares their actual card information with the merchant: If the merchant gets compromised, no credit card number is in their system to be stolen.

Speed is great, security paired with speed is even better.

We built this Apple Pay donation system for our long-time client Sam Harris. Visitors to Sam’s site could already make donations using PayPal or a credit card. Now they have a third option: Apple Pay.

imageThe method is pretty obvious on a smartphone. And here’s how it works when making a donation from a Mac using Safari:

  1. After filling in your name and email, and selecting a payment amount, you chose Apple Pay as the payment method.
  2. A notification window pops up, where you select the card to use from those you’ve registered in Apple Pay.
  3. At the same time, your phone (always close at hand!), buzzes and displays a payment screen.
  4. One touch on the home button, and the transaction is complete.

The results have been encouraging. Visitors began using Apple Pay almost immediately. We don’t know how many visitors could use Apple Pay (but don’t). And we don’t know how many people use Apple Pay but would have been just as happy to use another system.  But we do know that Apple Pay donations are higher, on average, than Pay Pal or regular credit cards.  This could be simply a different demographic than the overall donation level, but we’re seeing a steady stream of users already.

Thanks, Sam, for the opportunity to try something new and innovative!


Will Better Security Warnings Mean Better Security?

These days, we do our banking, socializing, shopping, taxes and so much more online. It’s convenient, but every time we login to a site or type in a credit card number, we expose sensitive personal and financial information to risk. If you’re like me, each time you enter a credit card number in an online store or sign into your bank’s web site, you may wonder vaguely “is this safe?” You try to be careful, by using reputable merchants and not clicking on phishing email messages, but still… you wonder.

One way to know whether a Web page is insecure is to look at the full URL. Consider this address: https://www.hopstudios.com. The “s” in the “http” element means the page is being served securely. But some browsers hide “http” in the address bar (mostly because it’s kind of ugly to look at); meanwhile others offer warnings or show icons when a site isn’t served securely. It can be difficult to be sure if a site is or isn’t secure.

Recently, Google started notifying sites that they might trigger security “warnings” in the latest version of Chrome. The notification says: “Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as ‘Not Secure’ unless the pages are served over HTTPS.”

What does this mean? It means, Google’s Chrome browser has changed both the style with which it displays the https security notice, and the rules by which it decides what to display. Now, when a page that includes a field for a password or a credit card, you’ll see specifically that it is “insecure” (ie. http)  with a quick glance at the Chrome address bar. Compare:

Screenshot of an 'not secure' notification
An insecure site

Screenshot of a 'secure' notification
A secure site

This new look and rule for displaying it are part of a long-term plan to mark any pages served over the non-encrypted HTTP protocol as “Not Secure,” even if those pages don’t contain password or credit card fields.

I commend Chrome for doing a better job of letting users know when a site is or isn’t secure on pages that collect sensitive information.  But I’m less keen about Chrome’s plans to move toward a universal “Not Secure” warning for all http sites, regardless of what actual risk is present.

The move is almost certainly intended to serve the general Web audience by encouraging use of SSL certificates on all Web sites. While this is probably good for the overall safety and health of the Internet, I am concerned that applying these warnings to sites where security isn’t really a factor will actually create more confusion among Web users rather than less. I’m not sure the average Internet user understands the distinction between a site that is labeled “Not Secure” and doesn’t pose security risks, and one that does. The risk level of giving a non-secure site your credit card number is relatively high; the risk of browsing a non-secure site that doesn’t collect any personal data at all is fairly low. Of course, there are certainly factors other than having password and credit card fields that represent security risks. (There’s an excellent breakdown of this here.) But, labeling all http sites with the same warning weakens that warning when it actually represents trouble.

Aside from my Chrome qualms, however, it is true that any web site publisher who takes credit card numbers or has user accounts should absolutely be serving pages securely. If this is you, read on…

Let’s unpack what “securely” means. At base, a secure https site is one with an valid SSL certificate from a valid certificate authority, installed and set up correctly. Security certificates provide two layers of protection. First, the certificate validates the identity of the site (i.e. that you are actually accessing the hopstudios.com web site). Second, it ensures that the data exchanged between your computer and the server is encrypted during transfer, when it is most vulnerable. When a company serves their site securely, it’s a good sign that they are taking security concerns seriously, although it doesn’t mean your data is protected from all types of security breaches.

SSL certificates typically run from $150 to $300 per year, depending on your site’s needs and size—though there are several projects attempting to make SSL certificates available for free. You can expect a Web developer to need a couple hours to set up and test the certificate. Once the certificate is set up and working properly, you shouldn’t need to do much to maintain it beyond renewing the certificate annually.

As always, if you have questions or need help with SSL certificates, Hop Studios is here to help!


Meet Hop Studios’ New Senior Designer

Katie, by Katie
Katie, by Katie

We hired Katie Holmes! Ok, sure, not that Katie Holmes. This Katie Holmes is a talented graphic and interaction designer.

Katie joins Hop Studios after 10 years of agency and freelance design, where she worked with clients like LuluLemon, Skipper Otto, and Starbucks. She was one of the first to graduate from Simon Fraser’s School of Interactive Arts + Technology, but that wasn’t even close to the beginning of her work with design and technology.

“I got into design at 14 in order to make a [Ed: She doesn’t want me to tell you this, but hey, I’m the boss. -TS.] Harry Potter fan site,” Katie said. “I’ve always liked making things, so it was never really a decision to ‘go into’ design, it just kind of evolved.”

Actually, Katie tells us what she really dislikes is not knowing how to make things. You name it, and Katie has probably done it: knitting, painting, weaving, woodworking, drawing… the list goes on. Katie brings this same curiosity and application to her web work.

“I like looking at the bigger picture, being able to see the whole scope of the project and how it all fits together. To create consistent, coherent, intuitive sites, you have to understand the whole thing at the macro level, and also in the details,” Katie says. “User experience is all about finding the least painful route the user can take to achieve a result. Add good design, and you can create interactions that are enjoyable and seamless. You shouldn’t even notice the process, just move smoothly through the technology.”

And if that doesn’t match the Hop Studios approach—good. clean. fun.—well, then we don’t know what does.

Welcome, Katie!


DC Commuters Get Some Help On the Road

The new year is starting with a vroom for Hop Studios as we launch our newest news project: DC Commute Times!

Photo: DC Commute Times Web site screenshot

DCCommuteTimes.com provides news and traffic information for commuters in the metropolitan Washington, D.C. area. The D.C. area has the dubious honor of having some of the the worst traffic in the country. When I say it’s bad, it’s really bad. One recent study showed that the average commuter in this area—D.C., Virginia, and Maryland—spends up to 82 hours held up in traffic each year (PDF) as they struggle to travel between work, home, and every other place they want to go. We’re talking almost six hours of rush hour commuting.

Being stuck in traffic, of course, leads to people to thinking about one key question: How can a local commuter reduce the amount of time they are spending in transit?

DC Commute Times is the brainchild of Jeff Wong, who lives the horror himself as a resident of Arlington, VA. He believes real-time information updates are at least part of the answer. That might mean choosing a different mode of transport on really tough days, or taking a different route than usual, or just waiting a little while. Jeff’s goal is to provide that timely information commuters need to make these daily decisions for using roads, Metro, buses, trains, and even bikes.

The newly launched Web site uses many local commuter resources to present timely updates and traffic maps, along with hyper-local coverage of the commuter experience. On the site, Jeff also presents editorial content on everything from tips to stay on the road during icy conditions, to managing the fluctuations caused by the holidays.

If you’re a DC commuter, consider making DC Commute Times part of your daily routine before you head out the door!

more posts from December 2016 More From December 2016

Web Design and ExpressionEngine Development Consulting - Vancouver (BC) Canada