Technorati
Jun 11
Website Security
Jun 10
For developing a secure website in PHP or in any other language a developer must remember the following points:
1. User Input Validation (Server Side): Input validation is the “key” to application security.
User input fields are the major entry points for most of the attackers. Parse the user input field as it is already defined (E.g. integer, float, and string) and if the parsing fails then display a proper error message to the user.
If the application has a cross site scripting vulnerability they can steal the cookie and thereby have an un-authorized access to the system or inject a malicious SQL query to launch an SQL injection attack or can cause buffer overrun and thereby execute a remote code or in the worst case can launch a denial of service attack (DoS)
2. Write Permission Off: This is also one of the most important factors for a secure web development. On completion of the website, when you will host the site on your web server, you must ensure that the files and directory in the webroot folder are WRITE protected from the outside world.
3. Error Reporting Off: Error reporting creates a security risk for hackers. A standard attack tactic involves profiling a system by feeding it improper data, and checking for the kinds, and contexts, of the errors which are returned. This allows the system cracker to probe for information about the server, coding styles and to determine possible weaknesses. For example, if an attacker had gleaned information about a page based on a prior form submission, they may attempt to override variables, or modify them.
4. Restrict User Permission Role: The permission role for the user should be restricted from the user perspective. Suppose there is no option for creating table or drop table statement in your application. So the user access should be restricted from creating or dropping a table.
5. File Extension and MIME Type Checking: It is important that you check the MIME type of the file instead of just checking that it is an acceptable file extension. Let’s say you allow user to upload a zip file and it gets extracted at the server by running it. Hackers can take this opportunity to rename a .exe file to .zip and upload in your server. So keep checking the MIME type of the file at the time of uploading it.
6. Use HTTPS: Use https (SSL certificate) instead of http if possible.
7. Client Request Response Handling: Implement a script to handle this type of request problem. At times, requests start coming from the same client very frequently. Then just ignore those type requests as most of these requests are auto-generated.
8. Use Captcha: It is recommended to use Captcha for each form submission to protect against spamming.
9. Unformatted Client Side Code: Use unformatted code for client side like HTML, JavaScript so for hacking it will be tuff to understanding. Means don’t give the variable and function name as their meaning. (But it is tuff to do code like this way. Find a tool which will do it for you).
10. Protect Directory Listing: Place a blank index.html in your directory thereby protecting listing of files. Some servers do it themselves but it is recommended to be implemented at the time of development.
These are some basic steps to prevent your website from hackers. Lots of issues are still left unaddressed for website security.
LinkedIn is a pioneering business social networking website. One of the most popular social networks for business professionals to connect with contacts and on some occasions make new contacts.
Groups on LinkedIn provide a way for you to connect and collaborate with other members who have common interests. Many brands and businesses use LinkedIn group as an uninterrupting way of marketing. Users can choose to keep track and participate in the discussion when they feel it’s most appropriate.
Promoting your group through Linkedin:
Create a LinkedIn group with a good description and your logo.
Make sure to tell users if it is an official or unofficial group for your Brand or Business. Users should know if they can raise their voices on this group and more importantly if it is worthwhile their time
Send Invitations to your current LinkedIn contacts. Simultaneously, add discussions/topics to the group
Add content to the site via Announcements, Discussions, News and Jobs. Use Announcements if you want all your members to get an email instantly about something important to your group. Discussions is where you can start a conversation with your members and get them to add content to your group. News as the name suggests allows users to keep track of the latest, although the neat feature here is that you can update users by including a RSS feed of another site.
So for instance if your company/brand has a blog you can post the URL. SO use Linkedin Groups to market yourself, your ideas, your brand, your products or your company.
Benefits Of Using CMS
Jun 9
A CMS or Content management System uses a database to store, retrieve, and edit the content of your website. Each page of your site is stored as simple text - making it easy to edit, search and manipulate. The bottom line for these systems is managing content and publishing, with a workflow if required. CMS aims at easily modifing the website templates as well as editing the content. Moreover, the CMS database allows for additional features to be easily integrated into the website: user login and passwords, events and calendars, blogs, news feeds, and much more. Content Management Systems cover everything from Document Management, to Knowledge Management, to Digital Asset Management and a range of other related and unrelated fields.
Now a days, most website owners realise that building a website using CMS is beneficial to their website but very of them actually know what these benefits are. The following are the benefits of using a CMs:
- Empower non-technical users to update the website
- Organize your knowledge - manage all content, images, documents from a single point
- Support and encourage collaboration between multiple users
- Rapidly deliver up-to-date content to end-users
- Control site updating and publishing easily
- Easily add forums and other community building features, set up RSS feeds for your growing content, have users subscribe to newsletters, and much more.
- The separation of content from design allows you to easily include keywords in the URL of each page thereby ensuring a better chance to list in the search engines.
- Authors and editors can access the site from any computer with an internet connection. This means users can update the site at the same time from any location in the world.
- The backend administration panel not only provides the ability to add content but also to add modules such as polls, banners,forums, shopping applications, news management and menus.
- Deploy multilingual and localized site content
So if you are planning to develop a site that contains loads of pages and needs to update the contents regularly then consider using a content management system or CMS. As the CMS is used to increase the efficiency of the website and is quite successful in the task.
The importance of internet marketing lies in the fact of its mass appeal. Search Engine Optimization (SEO) is the primary tool for generating user for your website. So, optimize your site for the search engines. Keywords play a major role for optimizing your site. When selecting a keyword, it should be kept in mind that the selected keywords should not only drive traffic but it should also convert it to the sales of a product or a service. The choice of key words should be capable of attracting the prospective customers and thereby converting it into the sales.
Another method to drive in traffic is through Search Engine Marketing. Effective and successful search engine marketing connect consumers with the service providers and help to find exactly what about the client requirements.
Different search engine marketing methods are used to promote your site online.
If you are looking to launch your website and want to make a real good business out of it then develop an effective marketing strategy to generate traffic for your website. Successful internet marketing will also lead to the exposure of yours business to the world and this in turn leads to the expansion of business opportunities.