Hello world! ;)

Tobias is CTO and a partner at Sitewards in Frankfurt, who specialize in e-commerce solutions.

Previously he was well regarded as a freelance consultant and software architect. Over the past years he has built up a development team at Sitewards that thrives to be at the cutting edge of web development.

With passion of inspiring developers he takes part in and speaks at conferences worldwide. He also publishes articles in t3n, PHPMagazin, several blogs and is currently writing a book about web security.


Security in eCommerce

Tobias is currently writing a book, which is planned to be published in June 2014.

Security Patterns

A series of articles in the german PHP Magazin about security patterns and the OWASP Top 10.

PHP Magazin / 02 - 04.2014


Article in the german t3n Nr. 34 about the usage and implementation of BigPipe.


Magento Test-Suites

Article in the german PHP Magazin about Test-Suites in Magento.

PHP Magazin / 05.2013

E-Commerce goes Enterprise

Article in the german PHP Magazin about the installation and configuration of Apache Solr in Magento Enterprise.

PHP Magazin / 02.2013

PHP and Microsoft SQL Server

Guest blog article in the german phphatesme.com blog about the usage of Microsoft SQL Server in PHP.


From Dev To CTO

Tobias was featured with his "From Dev to CTO" session from the Barcamp Rhein-Main in a following sunday newspaper.

Frankfurter Allgemeine Sonntagszeitung 2014-01-05

Review 2013 / Forecast 2014

The PHP Magazin interviewed Tobias and his colleague Michael about the passed trends and hypes in 2013 and aswell tried to give a forecast for 2014.


OWASP Top 10 for developers

Maintaining the PHP section of the OWASP Top10 for developers.



An implementation of the module management tool modman written in PHP so it runs on every OS.


BigPipe for Magento

Implements a BigPipe option to Magento, so a block can be marked as BigPipe an will be rendered after the first flush appeared. Facebook uses that technique to avoid a blocking of the loading process by some slower components.


FireGento - Admin Monitoring

The admin monitoring logs nearly every save and delete call in the backend of a Magento shop.


Houston - a multi-threading micro-framework

A microframework to create multi-threaded php applications, built before it was cool to do that stuff. ;)


Magento Hackathon - Gamification

The Gamification module allows to track events stored by Hackathon_FrontendMonitoring and release actions like incrementing points, earn badges or cat stickers for a user.


OWASP Top 10

With the latest XSS and CSRF attacks on Twitter, PayPal and Facebook, security is still obviously a very difficult thing to get right.
Every 3 years, the open web application security project (OWASP) releases a new Top 10 vulnerabilities, this talk will walk you through 2013s list.
Presenting you the possible attack scenarios and how you can protect against them.
In addition we'll look at more security issues which are not part of the Top 10, but that you should definitely keep in mind.



@AndreCedik: Best slide of #dchh so far. By @airbone42 @t3sec: OWASP Top 10 - this session is fun joind.in - IPC @iDocIt: Sehr angenehmer Vortragsstil :).Vielen Dank @airbone42 #dchh @phpmagazin: Kudos @airbone42 für die tolle Session über OWASP


The loading time of a website is one of the most important factors for its success. The amount of abandoned page loads raises dramatically, the longer the user has to wait for the content.
Facebook invented a new technology called BigPipe which allows the user to already see the essential parts of a website, while long-loading content is still being rendered. This delivers a better user experience and less abandoned page loads.
This talk will show you the technical details of BigPipe and how it can help you to speed up your site and what you need to know to implement it.


Chrome DevTools Unleashed

Presentation about the not so famous features of the Chrome DevTools


Enterprise Search

The Magento search is usually set up with MySQL Fulltext, which is not only limited in amount of features, but also known as a performance bottle neck.
The talks shows from a technical point of view, how easy it is to set up a fast and efficient search incl. autosuggest-capabilities based on Apache Solr in Magento Enterprise with the integrated Enterprise_Search module.



@sheepfred: Good talk on apache solr by @mannersd and @airbone42 ... @bobbyshaw: Thanks very much for your talk this morning! Great stuff :) @avstudnitz: I like those new slides by @airbone42 and @mannersd :-) @wiktorjarka: #devparadise good job with Solr presentation! Enjoyed it! Magento: ... great presentations were given on Solr integration by Tobias Zander

Magento 101

An overview of the Magento ecosystem, Magento features and technical pros and cons.


From Dev to CTO

After beeing a freelancer for several years Tobias joined 2011 Sitewards as CTO.
He recognized very fast that the job in a full management position is some kind of different then developers think of.
In this talk he talks about challenges and problems, but also which steps and solutions helped to build a highly motivated and successful team.
Besides the technical and disciplinary leadership it's also about recruiting, motivation and team-development.


Magento Certificates

Zend Certificate

Stack Overflow

When there's some free time left, Tobias is an active member on the Stack Exchange network.

profile for Tobias Zander on Stack Exchange, a network of free, community-driven Q&A sites


Besides the private profile, you have to checkout the sitewards and firegento profiles.

Tobias Zander
Schillerstr. 80
63329 Egelsbach
+49 6103 270 10 98
+49 151 404 171 98