EARTH MOVIN' MEDIA

Web Design Blog

Category: Web Hosting

Designing A Secure Website? These Five Linux Distros Can Help.

Every now and then, perhaps we should remind each generation of web developers about Linux. Although even the staunchest Linux advocate will admit that the Linux desktop lags behind on gaming (unless you’re a Minecraft junkie!) and can’t run Photoshop for beans, Linux is a powerhouse for the average web developer. Linux is baked into the backbone of the Internet, after all. And how much flash and polish do you need to slap together Javascript, XML, and PHP?

Continue reading

Web Designers Bandy About NoSQL, Everyone Else Baffled

The least sexy word in the English language is “database.” You could just have the wildest party in the world happening, and run in and yell “database!” and it would take the fizz out of the champagne, make the DJ pack up his rig and go home, stop the dancing cold, and make everybody run away. Databases are the exact point where a CS major quits studying to be a web developer and decides to become a web designer instead. It’s still used in Catholic school to punish unruly students.

SQLSo everybody’s supposed to be very excited about this new NoSQL thing. Now we have to pretend to be excited too. We also have to pretend to understand what NoSQL is all about. Yes, horizontal scaling!

And we’ll also nod along with the important-sounding acronym ACID, which stands for “A Completely Important-sounding Designation,” and something about what databases should do. Of course, all this is drawing fresh ink because Oracle bought out Sun, and… wait a minute, what does Oracle make again?

Join us next time for the thrilling conclusion, when the backlash movement “YesSQL” makes an even more obscure ripple of hype!

Web Design – The Ten-Minute .htaccess Guide

On any website using Linux website hosting, chances are good that you have the Apache web server software at your command, which puts you in charge of the most useful file on the Internet, the .htaccess file.

If you haven’t peeked into this file and learned what’s going on in there, you’re missing out on a powerful tool for disciplining your website (and unruly users!). You can edit it with any text editor – even Notepad! Below, a hint list:

Block directory listing:

“Options -Indexes”
What it does: Stops visitors from being able to view a directory in raw form. You might do this to prevent paid content being viewable for free, or for security reasons.

Block referrers:

After the line that says “RewriteEngine on” put:
“RewriteCond %{HTTP_REFERER} badplace\.com
RewriteRule .* – [F]”
What it does: Stops visitors who follow a link from a specific site. Usually you’ll want to do this to stop a referrer spammer.

Have a custom 404 page:

tb_sign1“ErrorDocument 404 /my404.html”
What it does: Lets you override the default ‘file not found’ page built into the web browser with your own custom page. This is great for catching the visitor so they don’t go away discouraged. Explain the error, and offer them a link to your home page, a directory listing, a search box, or even just a silly picture so at least they smiled.

Redirect URLs:

“Redirect permanent /oldfolder http://www.yoursite.com/newfolder”
What it does: Makes all calls to http://www.yoursite.com/oldfolder/index.html go to http://www.yoursite.com/newfolder/index.html instead. This is a common problem if, say, you changed a major part of your site and will have a bunch of incoming links getting lost if you don’t redirect them. This is also called a 301 redirect and can be set up the same way as the above,
ie: redirect 301 /oldfolder/index.html http://www.yoursite.com/newfolder/index.html


Stop image hotlinking:

After the line that says “RewriteEngine on” put:
“RewriteCond %{HTTP_REFERER} !^http://(www.)?your-domain.com/.*$ [NC]
RewriteRule \.(gifjpgpng)$ – [F]”
What it does: Prevents outside websites from embedding your images in their webpages. Stealing other people’s bandwidth is a huge Internet etiquette no-no, but some idiot out there never gets it. What this string actually says is: If the file is an image (ending in gif, jpg, png) and the link is not from my site, deny it.”

Block bad bots:

Again after the line that says “RewriteEngine on” put:
“RewriteCond %{HTTP_USER_AGENT} ^BadBot
RewriteRule ^.* – [F,L]”
What it does: Prevents visitors based on the user agent (the identifying string) instead of where they came from. You would only want to do this if you think some sort of automated program is crawling your site for some nefarious purpose, such as harvesting email, downloading content to steal, or just plain being a nuisance. You *don’t* want to do this to a legitimate site crawler like googlebot! That’s Google’s own site indexer.

Make PHP executable from any file:

“?AddType application/x-httpd-php .html .htm”
What it does: Allows you to include PHP in a file with any extension, not just .php. By default, Apache only calls the PHP engine for files ending in .php. A warning: You want to think twice about doing this with some forms – For instance, if you have a blog running PHP and a comment form on that blog, a scripting attack could be initiated by typing PHP code (along with other code, such as Javascript), into the comment form.

Websites: The Big Five Web Hosting Backend Tools

When picking your web hosting company for the first time, it’s easy to get overwhelmed when you look through the options for what the host offers. Here, we present the top five most-used back-end technologies – and what they are good for!

1. PHP

The number-one server-side scripting language. Probably 90% of all the web applications you’ll find on the Internet are written in PHP, from blogs to bulletin boards to galleries to shopping cart applications. PHP is designed with the web enterprise in mind. In the case of Linux website hosting, it’s a lead-pipe certainty that this will be included.

Continue reading

YouTube: What really is the bandwidth Bill?

A great new insightful article over at wired.com suggests that YouTube may pay less to be online than you do.

The story goes on to say that “the extraordinary fact that a website serving nearly 100 billion videos a year has no bandwidth bill means the net isn’t the network it used to be”

More technical tips for increasing your website loading time

Website design and page loading speeds

The total number of HTML files on each page should be as low as possible although most browsers can multithread. Minimizing HTTP requests is a key to web page loading.

The total number of objects & images should be a reasonable number. Combine, refine, and optimize your external objects. Replace graphic rollovers with CSS rollovers to speed display and minimize HTTP requests.

Keep external CSS files per page to a low number and should be in the HEAD of your HTML document. They must load first before any BODY content displays. Although they are cached, CSS files slow down the initial display of your page.

Consider reducing total page size of your web page to less than 30K to achieve sub eight second response times on 56K connections. Pages over 100K exceed most attention thresholds at 56Kbps, even with feedback. Remember you still need to cater to dial-up connections.

Make sure external script files are either one or two. Combine, refine, and optimise your external script files.

Total size of your pages HTML file should be less than 20K which will allow your page to display content in less than 8 seconds, which is the average time users are willing to wait for a page to display without feedback.

Some technical tips for increasing your website loading time

Coding should be clean as possible, free of structure and CSS files should be off page where possible.

HTTP compression, otherwise called content encoding using gzip should be considered.

Consider compressing your textual content ie javascript etc with mod gzip or similar products.

CSS alternate style sheets should be referenced in the HTML but are not actually downloaded until they are needed and therefore reduce the total page size.

 

Windows 7

By Andy Patrizio September 12, 2008

Publicly, Microsoft has said Windows 7, the successor operating system to the firm’s much maligned Windows Vista, will not ship until early 2010, but its internal calendar has June 3, 2009 as the planned release date, InternetNews.com has learned.

Also, Microsoft will use its Professional Developer’s Conference in late October as the launch platform for the first public beta of Windows 7. Microsoft plans to release the first beta on October 27, the first day of the show, when Chief Software Architect Ray Ozzie will be the keynote speaker.

More at www.internetnews.com/bus-news/article.php/3771391

What’s New in the World of CyberSquatting?

Cybersquatting is the ugly-sounding name of an ugly, but borderline-legal, practice of registering a domain name with the intent to profit from the goodwill of a trademark belonging to someone else. The problem is, as is usually the case with gray laws, the proving of intent.

icon-domainICANN has the “Uniform Domain Name Resolution Policy”, which it applies as a sort-of rule-of-law for resolving cybersquatting cases. But you’re probably heard where their rulings are controversial, no? There does seem to be some huge corporations out there who win a lot of exclusive rights to domains that shouldn’t have anything to do with them, while small businesses are lucky if they can get their case heard at all.

Take the case of “Microsoft vs MikeRoweSoft” that was settled recently. This one is almost anyone’s call. On the one hand, there’s no way you could confuse the two domains when typing them into a web browser. On the other hand, Mike Rowe admitted that he’d done it as a joke. On another hand, even Microsoft spokesman Jim Desler admitted that they may have been too aggressive in their defense of the “Microsoft” trademark. The case got settled for what amounts to a treasure chest of party favors and Mike Rowe made some money off the deal, so all’s well that ends well?

In a world where we have Linux paper towels and MicroSoft laundry detergent, proving who has the rights to a particular trade name can be a slippery task, especially with the international market. Is anybody out there finding new sound-alike domains, such as those recently recovered by the group CitizenHawk?