My favourite internet forum WebProWorld.com
I joined one of the best forums for ecommerce professionals, Webproworld.com in 2005. The activity was great and I learned much there. I hope that I also contributed something to the forum. As time passed by, more and more of the MVP and senior members left the forum. I don't know the reason why, but probably more and more spammers and spam bots registered on the forum. The site admins and moderators may have been tired of fighting the spam and unserious fluff stream of repeated subjects over and over again. Even if Spam-O-Matic was installed on the forum, that was not enough to fight the most advanced spammers and spam bots.
This site's forum and related bulletin boards.
You may find links in our mini network, this site included, with links to great WPW threads that are now borken. I regret that and hope that the forum will be reopened. I have not had so good experience on other internet forums with moderators and site admins (especially Norwegian) with an ego inversely proportional to their competence. So at present I have no intention of signing up on other forums. I am a sleeping member of some, the Norwegian W3Schools forum and the Sitepoint forum. I am very inactive there and have no intention to increase the activity. If WebProWorld.com reopens, I may participate as long as the forum get stricter rules for spammers and spam bots. I will also concentrate on my own forum on this site, with a very strict policy. You can read the forum rules, register and post one post that has to be accepted before it is published. In addition I have two bulletin boards with English text that may be reopened as forums if I get enough serious persons that are interested in participating. The two (three) forums are:WebProWorld.com the sunken atlantis
If you want a free, encrypted email service, our best advice is ProtonMail. If you mean you have a bette solution, you can sign in on our forum, read the forum rules and post your proposal. Note that it will not be published online unless it is a serious proposal.
Security by obscurity is no security.
but you can make it difficult for email spammers to find you. Sign up with more than one email account. Use a free email account from ProtonMail, Google (gmail), Microsoft (outlook), Yahoo (Yahoo mail) etc.
If you are a web consumer, and want to reduce (avoid) spam emails in your inbox on one account, you should only use this account for companies and people you trust. Don't use this account for subscriptions to news services, registration on fora, social media platforms etc.
If you are a web producer, don't even give this account away to people you trust. If you are a webmaster, you can (even if it is hackable) hide your email address by using a good and secure script, so this email account can be for your company contact online. But never send an email from this account. Don't answer an email from this account! You can automatically forward a copy of all incoming mails to another account and send an answer from this connected or mirror account.
Then what is the point of having this account? The obvious advantage is that all contacts from the internet to your company are stored in one single place. It is not mixed with other emails. First of all it will not be filled with spam that is found in other ways than through the form on your site. If you make this form relatively secure, it will not be filled with spam from bots. It will not be filled with emails from services, newsletters, advertising and offers you have consciously signed up for. It will not be filled with emails from blogs, forums and social networks where you have signed up. If you have the same form on more than one site, it should be clear from the subject line which site it is sent from. There are many sites in our network. I most often don't need to open the email to read it. More than 50 % of emails from the internet is spam even if it is sent from a relatively secure and advanced contact form. I have heard webmasters on forums complain that it is so difficult to fight spam to their company. I can tell you, my gmail and yahoo mail accounts are filled with spam, most of them in the spam folder. It takes me seconds to scan the subject field and move emails that I can not read immediately to an advanced system of folders. The spam folder and inbox are emptied with a mouse click. The inbox and spam folder of my gmail and yahoo account are empty at the end of every day. I have for years not got a single email to my obscure account from persons or companies that did not use the contact form on one of my sites. Send and email to kbleivik *AT|| gmail dot * com or put that address on an image. It is not good enough if the world of spammers love you and your sites.
The sender does not know the address of your account. (S)he does not know that you answer from another acoount. An email harvesting bot will not find this account unless it is able to hack your contact form. One single answer or question sent from this account, and you can be subject to the world of email spammers. In addition, the address of this account should be difficult to identify or guess by a third party.
Worse, your computer may be hacked. Never, never open an attachment from an unknown sender. Don't click on suspect links in emails. Best of all, don't open suspect emails. Ask a security expert if you are in doubt. If you open an evil attachment, a program may be installed on your computer and takes control over your computer. Such attacks have even been directed to banks in an attempt of executing a digital bank robbery. That can be avoided in different ways:
- Communicate via the internet on an islolated network that is not connected to any internal sensitive part of your company.
- Use auto updated firewalls and anti virus prgrams.
- Use an email solution that scans the email and attachments for malware.
- Require administrator rights to install software. Never surf the internet (and open your email accout) as an administrator.
- If you are a private person, never open an attachment in an unexpected email. That attachment may install a trojan that steals sensitive information and passwords.
- Stay updated on internet and network security.
Are Spam filters good enough?
My experience is that they are not, even if services like gmail and yahoo mail filters much spam and sometimes too much. There may of course be (professional) email services with better filters than those well known, and using a not so well known email service, can reduce the spam problem considerably. You should find some by putting a relevant term in the search field of a search engine and hit enter.
A hierarchy of accounts reduces your spam problem.
When I sign up for a news email from a company, email offers etc, I use gmail. I use Yahoo mail for registration on social media sites and forums. If I get a twitter, Linked In or FaceBook email in my gmail account, a single look at the subject field is almost always enough to state that it is spam.
There are of course more advanced solutions.
A good email service lets you
- Redirect emails to different folders, even the spam folder or the trash based on different criteria like subject, keywords, terms in the mail etc.
- Block a list of domains and email addresses.
- More sophisticated options.
We start the advice and many reccomendations on this page with the following cite from WHATWG's living standard
That is of course an advice for webmasters.
Every day, so many new sites and pages are put on the internet or the world wide web, that you will not be able to browse and read this information to the rest of your life. Even if you are young today, and become 100 years old you will not be able to read the headlines. You will not be able to read the news headlines published in one year.
Think of that for a moment. If you know what you are searching for, you put a query in the search field of a search engine and hit return, and in less than a second you may get many million terms. The resources collected in our mini network, are semantic, ordered and manually cultivated like a grape farmer cultivates his grape plants. As an example click links and then old links. They are old if they are some years old, most often more than five years old. Those links are manually checked from time to time. Stable semanic links of cool URLs don't change. If you find a broken link on this page, please send us an email. That will increase the quality of the link collections. If the links on this page i still relevant or semantic, it is a good indicator that this is a reputable site. It is an indication that the site has a good content policy. Evergreens don't change. Even if there is a technological evolution, old articles and tools have an interest. You don't find all old internet pages and sites on the internets, archives wayback machine that is listed with other similar tools on our ordered links page.There are a lot of broken links checkers. The World Wide Web Consortium (W3C) has their. Why not use that tool? Link cultivation goes far beyond checking for broken links. The reason why is:
- The content of a page can change so much that it is completely out of context.
- A resource or company is bought and the link is out of context. It is no longer a semantic link.
- The content may even change to a completly different language.
- The page or the site may redirect to a different site that is also out of context.
- The page or site is temporarily down for maintenace or update.
- The site that the link takes you to may use more or less advanced link schemes.
- You are only allowed to click the link once. The second time it is hidden.
- The article you linked to is hidden behind a payment firewall after a time interval.
- More advanced link schemes has taken the link out of context and is insemantic.
We don't claim that the links we have collected point to socalled evergreens, but we try to collect relevant and targeted resources for your journy through our sites. We have seen articles that we will call evergreens disappear from the internet. Authoritative articles written by Nobel Prize winners and finance professors have disappeared. The article may not be relevant any longer, but it has historic and sometimes pedagogic interest.
There is no lack of information on the internet.
I have been a member of the well known forum for eCommerce professionals, WebProWorld, for more than 10 years. There, I have started some threads that I hope will survive some years or decades, for the surfer that is looking below the surface. It is not easy to find these threads, among other things about the deep and the surface web.
The problem is to find the correct, relevant, semantic and unbiased information. That is not always possible. Some years ago I lost som videos from my video camera. The natural query to put in the search field was: best video recovery software. Today I get a relevant article, but the software I am looking for is ranked as no 3. I tested about 10 different tools before I found the correct one. That was the only software that was able to recover all videos on a disk that took 80 gb of movie clips. Since it takes hours to recover files from a video disk, it was a long and boring work before I found the correct software.
This site is made from experience, some bad. Read here and you may save time and money. You may avoid some pitfalls that have made us wiser, but not richer. There is a Norwegian saying, burned child avoids the fire. By using these resources, you can avoid the fire. The first free advice, is that there are many web browsers. There are many ways to surf the web with a browser on your, desktop, your tablet or smart phone. If you use a Pc, and shop online from that computer, it is not difficutl to find our preferred browser. The sublink with anchor text ordered links on the links folder, lists a lot of diffenent web browser for prom plain text browsers to browsers made for people that will surf anonymously. There are screen readers for blind and visibly impaired. A modern smart phone has an inbuildt sreenreader or a sreenreader app where text is translated to words. On one of the oldest web browsers, the Norwegian web browser Opera, you only drag a wheel in the lower right corner of the browser window to increase the size of the text and page elements. Our preferred browser if you shop online is Opera. Opera's son Vivaldi (made by the same persons that made Opera) was launced wit the motto:
For advanced users
Competitors Chrome, Firefox, Internet Explorer, Safari and Opera have in the past focused almost exclusively on creating an even smoother and faster browsing experience. Vivaldis goal is however to be a browser for a little more advanced and technologically interested users.
Try Vivaldi. It is generally our preferred browser. Since we don't have so long experience with that browser as Opera, currently we still recconmend Opera for the online shopper, even if Vivaldi's security model may be the same. If I use image seargh, I use Chrome and the Google search engine, since I can right clcik an image and searhc for copies or simlilar images. There is a Chrome plubin that makes this right click more advanced. Read about the in our ordered link collection. Great for a fast surface scan of the authenticity check of an image. As a web master I also use FireFox, since that browser has a lot of extensions or plugins that are seamlessly made for web masters. There are people that need to surf then internet anonymously for various reasons. Criminals of course do it. But also people that are threathened on their lifes or for other reasons must hide their name and identity use a proxy server. The Tor Project is a part of internet freedom. The Tor proxy server protect your privacy and defends you against network surveillance and traffic analysis. Part of the Tor project is the Tor browser. Mac users or users av Apple's different iProducts use safari when they surf online. Safari is a natural element in Apple's iCloud, iMac, iPad, iTv and future products and services from Apple. The other browsers mentioned above most often has a version for Apple's platforms.
That a site does not function in Opera or the more advanced browser Vivaldi, is an indication that you shall be careful. If you have a suspicion that something is downloaded in the background, turn off your computer, especially if you surf the web with administrator rights. If a site loads slowly, be careful. Check it with tools that you find in our link collections link collection. Our overall security principle is:
Don't trust any site on the internet.
at least before you have done your own Due Dilligence or have experienced otherwise. If you are in doubt. you can test a page or site with Google's Safe Browsing test that you find in our order link collection. I have that tool on my Vivaldi speed dial that you can also read more about in the ordered link collection. There are many online resources that constantly write about browser security and related problems. If you are especially interested in a topic, for instance browser security, you can set up Google or other alerts with terms like "Browser security", "What is the most secure web browser", "Browser vulnerabilities" etc. You can of course search for similar terms and refine the result even more.
Windows defender that is an integrated part of the Windows 10 operating system, is fairly good. The easiest way to start windows defender on Windows 10, is to put Windows defender in the search box in the lower left corner to the right of the Windows start menu and perform the query. When you have run a security scan, click on the log and click the three radio buttons to see if there are any bad software. If there is, you can remove them. There are third party security software.
MultiFinanceIT.com is a very important site if you search financial information and news. We have education on the Dr. Scientlevel in mathematical finance and the site owner worked 20 years in the research department of the Central Bank of Norway, developing many software programs for the bank, the ministry of finance and our central burea of statistics.
OopSchool.com is important for web masters that are looking for more advanced topics. Object oriented programming was invented in Norway in the mid 1960's so we should have the necessary background to collect links for those looking for information on this topic, too.
Advice for online shoppers
If you do it correctly, shopping online is becoming more and more secure as serious credit card issuers now require that you use a pin code or bank id when you shop online. That means that if your credit card is stolen, your pin code also has to be stolen to be used for online shopping. If your credit card number or other identity information was stolen, our first question is: Which web browser did you use? You may tell us that your computer was infected, with a trojan, a key logger and your credit card number was stolen or your bank account hacked. If your credit card number or other identity information was stolen, to repeat, our first question is: Which web browser did you use? For that reason we also recommend using the Norwegian Opera (or Vivaldi) Web browser. It is especially important to use that browser when you shop online for the following reasons:
- It has an extra security layer. You can set your own master password.
- It can warn you about old outdated SSL sertificates where other browsers are silent. You shop on such a site on your own responsibility.
- Opera is fast to upgrade its browser to meet better standards. It is very easy to upgrade to a new version
- Opera is a W3C DOM compliant browser. Test your browser here
- There are few third party plugins. You shall never use a browser with third party plugins and / or toolbars if you are concerned about security. You should at least not use it on a browser you use for your online shopping.
- Opera is not automatically installed on the computer you buy. For that reason the browser is less known and scam, malware and hacker targeted than other browsers.
Advice for the surfer written before Vivaldi was known, but still relevant
To repeat what we wrote in the introduction above:
Every day, so many new sites and pages are put on the world wide web, that you will not be able to browse and read this information to the rest of your life. Even if you are young today, and become 100 years old you will not be able to read the headlines. Think of that for a moment.
That means that you have to be very focused in your web browsing and surfing. When linking out to an external page or site, we have tried to avoid sites with bad behavior (in professional language, bad redirects, bad pop ups, sites starting automatic downloads of software, pages with suspect messages that you are a winner, pages with ActiveX controls, scripts and other code that can infect and in the worst case destroy your computer).
You can dramatically improve your surfing / browsing experiences if you configure your browser in a smart way and use keyboard shortcuts, socalled acceleration keys (combinations). If you use Opera, here are som hints to improve your surfing experience:
- Use a seamless home page.
- This site is good on large screens (tiling) and / or multiple screens (cascading)
- Install your own toolbar (View + Toolbars + Personal Bar). You simply drag the preferred URL's to your personal toolbar.
- Use "panels" (View + Toolbars + Panels). They can be (un)hidden by a mouse click.
- Use the "Wand" icon on the address bar / alternatively (CTRL + Enter) on the page - if the password is saved - to log into a site or a web application.
- Use "speed" dial to add favourite web pages.
- Choose your search engine in the upper right corner.
- Let us say that you use two browsers, Opera for online shopping because of security and the open source fast minimalistic Google chrome browser for surfing. When you have finished shopping using Opera, you can continue with Chrome by right clicking the page in Opera and select open with and then Google Chrome from the menu.
- Tiling pages on large screens and cascading them on multiple screens by dragging the page to the preferred screen(s).
- Note the icon to the right of the search field in the upper right corner.
- Click this icon that (de)activates an addtional toolbar with a page search field to the left and the author mode pane.
- Author mode has an accessibility layout for disabled people.
- Dev.Opera for webmasters.
- Opera Unite HowTo's
- For security reasons, don't rely on third party plugins or toolbars.
- Add an "Opera master password" for extra security when logging into your bank account.
- This is a short list. There are much more to learn, especially configuring the browser to your needs. Opera's "son" Vivaldi is even more advanced when it comes to fitting the browser to your personal needs.
Authentication using OpenID.
OpenID is a decentralized authentication system. It is a free and easy way to use a single digital identity across the internet. You will have only one username, and you will carry your identity with you across the web and your identity is secure.
OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience. You get to choose the OpenID Provider that best meets your needs and most importantly that you trust. At the same time, your OpenID can stay with you, no matter which Provider you move to. And best of all, the OpenID technology is not proprietary and is completely free.
The OpenID Foundation (OIDF) was formed in June 2007 to help promote, protect and enable the OpenID technologies and community. February 7th, 2008 OIDF announced that Google, IBM, Microsoft, VeriSign and Yahoo have joined the board.
Today’s announcement marks a milestone in the maturity and impact that the OpenID community has had. While the OpenID Foundation serves a stewardship role around the community’s intellectual property, the Foundation’s board itself does not make any decisions about the specifications the community is collaboratively building.
In the beginning of 2008 there are 250 million OpenIDs and over 10 000 websites to accept them. The First OpenIDDevCamp was a Success and a sponsor had the following message on their website in early 2008:
Passwords are the weakest link in online security. They can be guessed or stolen with surprising ease, manipulated and abused by computer programs, and revealed by unwitting users. So let's get rid of them. And while we're at it, let's turn the login into a profit center.
How do I get an OpenID? You may already have one.about responsive web design. Since this information is updated in february 2016, you should from the very start make your web site mobile-friendly or responsive. April 12 2016, I tested this page with Googles responsive web page test. The test concludes, Awesome! This page is mobile-friendly. No it is not, (try to shrink the browser window and look at the styling if you are in doubt) so our preferred speed test is to test it on hardware, smart phones, tablets and a omputer with a large screen. The best alternative is to reduce the borwser window on a large computer screen and observe how elements, text, images and videos respond when the page is reduced to a narrow screen of a smartphone. If you use the FireFox web browser, there is a shortcut key combination, CTRL + Shif + M (or Cmd + Opt + M on OS X) that will immediately tell you whether a web page is responsive.
Responsible responsive web design.
There are many ways to make a site mobile friendly and responsive. The easiest way is to style the site with different stylesheets and use the same HTML markup. That means that a mobile version of your site loads the same code as the desktop version. For obvious reasons that may slow down a site on a smartphone so much that many visitors leave before the code has loaded. Conditional loading of content is a related technique and combined with responsive design, it may speed up the mobile version. As an example, a large image that is loaded on the desktop version should not be loaded on the mobile version. The mobile version should have a compressed (mobile optimized) image. If you search for "conditional loading responsive design", you get a lot of hits worth studying. Site speed is so important that Google has its own PageSpeed Insights with subjects as "Mobile Analysis" and "Best Practices" with additional categories. Google has also made a tool for testing page speed. We reccomend that you read this article Why responsive design shouldn’t be your goal in mobile
We’ve explained before on this site how performance is so important for mobile, and that you will lose traffic and revenue if your site is slow. The quick explanation is that users don’t like to wait around, and especially when on mobile.
The longer explanation ...
Which tests shall I use?
There are a lot of resouces in our collection of Webmaster resources on the main menu. There you also find our preferred tests for page speed, more precisely in the category Site and pagetests, debugging and HTTP info
Google has so much foccus on pagespeed for mobile sites, that the company has launched the Accelerated Mobile Pages Project that was explained in an article published on Google's official blog October 7, 2015 under the heading: Introducing the Accelerated Mobile Pages Project, for a faster, open mobile web
Today, after discussions with publishers and technology companies around the world, we’re announcing a new open source initiative called Accelerated Mobile Pages, which aims to dramatically improve the performance of the mobile web. We want webpages with rich content like video, animations and graphics to work alongside smart ads, and to load instantaneously. We also want the same code to work across multiple platforms and devices so that content can appear everywhere in an instant—no matter what type of phone, tablet or mobile device you’re using.
If you search for accelerated mobile pages in 2016, you get a lot of hits and CMS platform providers like Wordpress have made an AMP plugin. You should be able to keep up with the development by searching for AMP or accelerated mobile pages on the Wordpress plugin page.
The AMP project has defined its own HTML standard the socalled AMP HTML.
AMP HTML is basically HTML extended with custom AMP properties. The simplest AMP HTML file looks like this:
I copied that code into a new html (php that is marginally slower than pure html) file and tested it with Google's page speed test on february 21 2016. First of all, the user experience could not be improved since it scored 100 / 100 on that part, but on speed it scored 90 / 100, so there is room for improvement on that part of the test. The test concluded:
1. Prioritize visible content
Your page requires additional network round trips to render the above-the-fold content. For best performance, reduce the amount of HTML needed to render above-the-fold content.
The entire HTML response was not sufficient to render the above-the-fold content. This usually indicates that additional resources, loaded after HTML parsing, were required to render above-the-fold content. Prioritize visible content that is needed for rendering above-the-fold by including it directly in the HTML response.
None of the final above-the-fold content could be rendered even with the full HTML response.
2. Leverage browser caching
Setting an expiry date or a maximum age in the HTTP headers for static resources instructs the browser to load previously downloaded resources from local disk rather than over the network.
Leverage browser caching for the following cacheable resources:
The conclusion is that that code gives good enough user experience, but page speed could be improved. Page speed is also dependent of how fast the server the page is served from is, and how fast the users network is. My server has a flash or SSD drive, so that should not be the bottleneck unless Google requires even faster servers. My network is faster than standard broadband. So how much should you tweak and fine tune your code? There is always a tradeoff. You should not concentrate so much on code and markup that you don't produce fresh and updated content on your site. You may loose more visitors on that than going form 90 to 100 on the page speed test.
Is it possible to be more specific on this point? Then we have to get an idea of how important speed is as a ranking signal.
People need to wake up to how serious the need is for quality signals, and where speed is one of those signals. Now, with "basic" and AMP being driven so intently by Google, it's no more a case of the few of us in the industry who have been pushing these topics - the house is now on fire.Don't think that if you speed up your site, you will get a boost in search ranking.
AMP doesn't mean adopt AMP and get a massive boost in search ranking. That is not the case. All of the other signals need to be satisfied as well. But without question speed matters. If we had two articles that from a signaling perspective scored the same in all other characteristics but for speed, then yes we will give an emphasis to the one with speed because that is what users find compelling.
So how probable is it that two articles will score the same? Very low in my opinion.
User experience is important, and your site may be so slow on mobile phones that people leave and don't bookmark or link to the page. That can have indirect SEO effects that may be more important.
More about ranking signals where you also get an idea of how important it is to have a mobile friendly site. You will also note that page speed is supposed to become a more important signal in the future.
Look at my favicon and Google's brand for their AMP project. That icon has been online and visible in most browsers for years on OOPSchool.com. This site has the icon too. Only the colours seem to differ on sites that use it to brand Google's AMP project.
If you look at the HTML markup for ACM HTML, you will note that it starts with the HTML doctype, and then a new element html ⚡ that is similar to the lightning of my favicon. You will also note that a lot of authoritative sites like moz use this icon to comment on Google's new AMP project.
Is it possible to beat amp pages for speed? Of course it is possible to write faster code, especially since AMP html documents load the AMP libraries (what is the point without?). You can in order of decreasing minimalism (increasing complexity):
- Restrict yourself to minimalistic modern HTML
- Not load any external or big internal resources above the fold. (Search query above the fold content)
- Use inline minimalistic CSS less than 50 Kb's
- Use minimalistic internal or external CSS stylesheets less than 50 Kb's
- Pure.css a tiny css framework with minimal footprint.
- Minify your CSS
- Use less, a CSS pre-processor.
- jQuery Mobile (or a compacted minimalistic version)
- Express Fast, unopinionated, minimalist web framework for Node.js
- Moment.js (or better moment.min.js (13.7 Kb))
- Bootstrap HTML, CSS, and JS framework
- Last, but not least, analyze your site and make it faster
- Test your website's performance
The Google AMP Cache is a proxy-based content delivery network for delivering all valid AMP documents. It fetches AMP HTML pages, caches them, and improves page performance automatically. When using the Google AMP Cache, the document, all JS files and all images load from the same origin that is using HTTP 2.0 for maximum efficiency.
For more information, visit our ordered links collection. We have also written a short note on BlogNorway.com, HTML AND HTML ⚡. If you wan't to comment on this, you may register on our forum or comment in the thread we started at WebProworld or a related thread Ampifying your site, not difficult at all.
Older text edited in 2016.
In 2016 it is not difficult to set up an advanced (multi)site in a few minutes. Some hosters offer click install of platforms like WordPress, Elgg, drupal, etc. etc. You don't even need to create a database for a databasedriven site. If your web hoster has tools like softaculous you only specify the setup and the software create the database for you. You can make a great responsive website without coding a single line. All you need is to learn is how to style your site using templates and putting content on the site. If this is all you need to know, you can stop reading further.
The forum on this site was set up in less than 10 minutes. I made an empty SQL database, uploaded the zip file, put my browser in the forum subfolder, installed and configured the files in a few minutes. Then, in the forum ACP, I made my first forum and copied the previleges of the default installed forum to my new sub forum "forum rules". That is done, so the forum is visible. If I visit the forum, I am not able to post, since so far I have not set any user (group) previleges. I return to the forum ACP, and since I am an administrator and forum owner, I have to let forum admins have posting previleges in that sub forum. You must set the previleges for every user group for every sub forum. You can refine that and set the previliges for individual users. When the previliges are set to post for forum administrators in the ACP panel, I can return to the forum and start the first thread in the forum rules subforum. Since those rules were copied from another forum, the whole process took less than 10 minutes.There are four layers of a web site:
- content (markup)
- presentation (styling)
- and security
If you use a good framework or CMS system, you only need to think of writing content. The CMS platform cares for the rest. A good hoster has good backup systems and server rewind possibilities. You may of course take your own backups on the hard drives of your computer or on external media. If you rely on cloud services, you may put a backup in the cloud, that is availlable all over the world where there is a internet connection.
Some CMS systems are more vulnerable than others. Our experienc is that you have to update your Wordpress system as soon as there is a new (upgraded) version. Unless, there may be vulnerabilities that can harm your site. For that reason, be careful when you use third party styling, plugins or other extensions. How often are they updated? Which updating policy does the producer have? In other words, use extensions that is forward compatible.
Everything on the web is about semantics
- Semantic content
- Semantic markup / tagging
- Semantic linking. For that reason, avoid broken links on your site.
Note that Web Science Research Initiative (WSRI) tries to create a science of the web. Also note that webstandards are set at The World Wide Web Consortium (W3C) and The Web Standards Group. WHATWG mentioned above and W3C keep an updated version of HTML. It is a good idea to keep up to date by visiting these resources regularily. Keeping up with the latest technologies and browsers can be hard work. Therefore westciv has collected a load of resources to make your life easier. You should have an understanding of how search engines see and index your site. Canonical issues are one example of an important topic related to search engine Bots. Much traffic (e. g. for an ecommerce site, that means customers) can be lost by changing the structure of your site. Broken links, give a bad impression. In short, that is about your ePropery, your brand and your business. Cool URIs don't change. Years of hard work can be lost in seconds by introducing a broken link. There is a solution, redirection. But that can also be done in a bad manner. In our view a broken link is better than a redirection to a site / page with different or unrelated content to the original site / page. You risk being reported as a spammer and in the worst case a scammer. It is of utmost importance that you give the surfer or online shopper a good experience and (s)he will bookmark, index and remember your site and return. It is also important that you make your site accessible for disabled (like visibly impaired ) persons. If you intend to cover the global market, also note that a lot of surfers use mobile devices and shop online by smart phones, or other mobile devices. If you intend to cover this market, also make your site available for mobile devices from the very beginning. That is make your site responsive, so it shows good on any screen size.
Good and bad bots will visit your site. CAPTCHA is a type of challenge-response test used in computing to determine that the user is not run by a computer. There are tools to help you identify bots that crawl your site. You can make spider traps and set up a crawl wall. Your complete website may be downloaded and copied in seconds. There are methods to prevent downloading your web site and you can track down a spammer. If you follow the advice below when you start your online web business, design a new site or redesign an old, you may save yourself days, weeks and (if the site grows enough) months of trouble:
- Order the domain name through a reliable hoster, preferably in your own country that you can drive and complain to if something is wrong. Handle the domain name services, DNS yourself by that hoster or "registrar". Check that it is a possible option with your hoster in case that is not your local registrar. That may save you time and irritation. Dealing with someone that has their DNS set to my IP. Is that possible and how do you know if a competitor is using Negative SEO against your site? Here is a good site to study if you have problems, namely Lori's web design and website evaluations.
- If the above hoster is relatively expensive (it may be expensive to buy cheap), find a reliable hoster where you want most traffic. That may be in another country. Check which tools and software he offers and how fast he upgrades to new versions of e.g. PHP and MySQL. Does he offer Linux hosting if that is what you want or Windows hosting if that is your preferred option? Is he able to set up an Oracle database server if you think you may need that in the future? How much will that cost?
- The security layer. Start by building a firewall around your site if you are on an Apache server using the configuration file .htaccess. By denying IP (regions)'s access to your site in .htaccess, you can set up an informal extranet (that is a network for your customers). Do that before you start uploading content and code. This ultimate htaccess article may be valuable reading. When you are working on a new site, you may want to restrict access to your own IP address, so no other can view your site before it is ready for production.
This is easily done by putting the following lines in your .htaccess file:
deny from all
allow from yourIP
Then it is easy to add friends to that list by allowing their IP's. There are some related resources that is valuable if you want to block IP regions:
- Use CIDR/Netmask to look up Ip regions related to an Ip that can be allowed or blocked as above.
- Use IP Range Lookup to block a country
- Look up Ip regions related to one or more countries that can be blocked or allowed in the same way.
- Geolocation technology etc.
- You can also use whitelisting. Whitelisting imply that you start with a trusted IP list that you allow access.
- This has clear advantages for companies with limited resources.
- If your site gets bandwith problems, the same technique can be used to concentrate traffic from the most important IP-regions.
- It is fast and efficient to comment out a blocked region in .htaccess with the # operator.
- If your web server is upgraded so it handles heavy traffic better, you remove the # operator for the allowed region.
- In the last line, you can allow the whole world access. If you go on holiday, or you have more important tasks to do than look after your forum, you comment out that line. This way, you don't return from holiday with your forum full of spam posts.
- We can call this hiearchical security. Very efficient and fast.
- Cross-site scripting (XSS) can be avoided using the same origin policy. Also study the related topics under the heading related vulnerabilities in the first Wikipedia article. So if you want to start your own web business, much time and frustration can be avoided by getting a firm understanding on security. I got a lot of spam signup's on my own forum, ForumNorway. After I have used .htaccess to allow access, I have not had a single spammer signing up. My bad experience with that forum was. You give away free information to the world and what you get back is noise, an infected database, irritation and extra work to clean the database.
- OWASP: The free and open application security community.
- Chris Shiflett's: Essential PHP Security site.
- Look for books like: Ilia Alshanetsky - php|architect's Guide to PHP Security.
- You find that book on the books page of the site.
Now php 7 is available, and much has happened to php since the first version of the last mentioned book, so look for updates or more up to dateinformation.
Make your site user friendly and accessible and separate content from design and coding. In his book "The principles of beautiful web design", Jason Beaird says it like this:
"Good design is about the relationship between the elements involved, and creating a balance between them."
Make it simple, as simple as possible but no simpler. Validate and test your site with tools that you find in our ordered links collection.
- Users that browse without using a mouse
- Users that browse using a screen reader..
Use site-wide stylesheets. That is, use CSS and separate design from content by putting the styles in separate files that you may share across your complete site. Remember, journalists and authors write content, designers design and programmers program. Different persons may have a comparative edge on these three skills. In addition, digital branding and web advertising may be the most important element in your overall web business. Today you can set up a simple site in less than an hour. Bringing traffic to your site may be the most difficult part and you may need to hire a specialist. It is a good SEO (see below) advice to separate content, styling and code in different files. That makes the job easier for the SE bots, your site is easier to modify and refactor. You may even do more specific SEO with robots.txt, by directing the bots to specific parts of your pages.
In a minimalistic language, we can say the an HTML site pluss an HTML browser is a web 1.0 site. Often a static web 1.0 site is all you need for your business, so you can stop reading here.
If you want a dynamic database driven site and / or a web 2.0 (application) site, as a minimum defined as an XML powered site plus an XML browser, you should continue reading. You may even need a 3-D site like Second life. Three dimensional sites and grid search in 3D may be the start of Web 3.0. AVForums, UK's biggest and best home cinema discussion forums and audio visual home consumer electronics resource can be a good place to start if you want to build a 3D site or an online cinema or puppet theatre site.
Think ahead. Do you need a static ad site for your company or do you need a larger dynamic database driven site? PHP and MySQL are good enough even for many large company sites. The top of laziness is to do everything correct from the very start. Read what Matt Zandstra writes in his book, "PHP Objects, Patterns and Practice" about being too fast:
"The problem is that PHP is just too easy. It tempts you to try out your ideas, and flatters you with good results. You write much of your code straight into your Web pages, because PHP is designed to support that. You add the heavier code to functions in library files, and before you know it you have a working Web application. You are well on your way to ruin. You don't realize this, of course, because your site looks fantastic. It performs well, your clients are happy, and your users are spending money."
That means that if you think of efficiency and code reuse etc. you ought to learn design patterns and object oriented programming.
XML can be used to standardize data description, publishing, data storage and retrieval and distributed computing. An XML document must be well formed. The XML family have the following related technologies where some important sites are listed, too.
- Clean up your Web pages with HTML TIDY
- PHP XML Parser Functions
- EXSLT a community initiative to provide extensions to XSLT
- Introduction to libiconv
- Using Regular Expressions in PHP
- Regular Expressions (Perl-Compatible)
- XInclude Processing in XSLT
- RELAX NG Specification
- Beware of XHTML
- RELAX NG
- STYLUS Studio
Together these technologies are aimed to make a better standard to present content on the web. XML is not a programming, but a meta language. By using XML you can define your own language. The World Wide Web is more and more used for application to application communication where the programming interfaces made available are referred to as Web services. Companies deploy these services and other companies or web sites consume the services. XML has a very wide application and is used to make content manage systems, CMS and Native XML databases, NXD. You can also build a XML driven site, where the document is transferred to the preferred format, be it (X)HTML, RSS; Atom, PDF, Wap etc. by XSLT that is part of the extensible stylesheet language family (XSL).
It is much easier to get a site up and running than getting it known and visited by the SE bots. Bringing traffic to a site is a never ending Marathon race where competition is fierce. There is a never ending intensive competition among webmasters to get the best position on the SERP's (Search Engine Result Pages). This competition is named SEO (Search Engine Optimization). There is an alternative, paid advertising named PPC (pay per click) where Google AdWords are the best known. That is an electronic auction where the highest bid for a key word or some key words, get the best position. If you are always at the top of Google ad words, you pay too much for your key words. You can also sign up by an affiliate provider like TradeDoubler, Commision Junction or LinkShare. There are many. SEM (Search Engine Marketing) is another element in web marketing. This is an art, science and profession.
If you need advanced program and application development tools, my favourite platform is (was) RAD studio from Embarcadero and my favorite database platform is (was) Oracle, that is in the front on grid computing and secure enterprise search. You do not need that to develop simple and even advanced web sites. But it sets a standard and as Web Services, hosted applications and cloud solutions increase in number and popularity, you may need it in the future if you need real horse power. Nobody would compare a Porsche carrera gt to a Volkswagen. It has been said that C++ is the next generation assembler. I once wrote letters with Andrew Koenig, the project Editor of the C++ Standards committee. I think it was him that wrote in a letter that life is too short to program in assembly, and then he meant assembly and not C++. But today, C++ may be the de facto assembler, and life is not too short to learn and program in C++. That is also the first processor independent "assembler." I personally view C# and Java as simplified C++.
Imagination is more important than knowledge.
If you wan't to make your own site, there is no lack of resources on the internet. The sky is the limit, but it is not easy to get attention. You are competing with millions. Every day there is 4 billion searches on Google. That tells you something about the magnitude. There are more than 7 billion people on earth, but only 3 billion with internet access. So the internet is still in its infancy.