Category: WebFoundation

Announcing Web Platform Docs

A great new resource for learning web design was announced at webplatform.org. It’s a wiki and participation by knowledgeable web designers and developers is needed. That said, it’s already a huge resource of the best information available.

Congratulations to everyone involved in this effort. The group calls itself the Web Platform Stewards, and includes

  • Adobe
  • Apple
  • Facebook
  • Google
  • HP
  • Microsoft
  • Mozilla
  • Nokia
  • Opera
  • W3C

Paul Irish has a lot of good ideas about how you can contribute to the site in Why I’m So Excited about Web Platform Docs.

Useful links: Long-tail keywords, girls and CS, Dreamweaver

Jill Whalen published an outstanding explanation of what long-tail keywords are and how to discover them in High Rankings Advisor this week: Using Keyword Research to Find Long-Tail Keyword Phrases.

Meet the High School Girls Who Had to Take CS. Interesting comments about what they expected, and what computer science turned out to mean to them.

Why I Madly Love Dreamweaver Today. A programmer’s point of view.

Basic Knowledge for Bloggers

You don’t need to know anything technical to have a blog beyond how to get around on a website and follow instructions. It’s no more complicated than setting up an account on Amazon and ordering a book. But you could be a better and more effective blogger if you did take the time to learn some of the basics of how your website works.

blogger
Blogger by Virginia DeBolt via Flickr

Why would you be better and more effective, you ask? Here are a few reasons.

  • You would have more control over your website
  • You would be able to customize your website
  • Your website would work better in all devices
  • You would be better able to handle the inevitable technical issues that would arise
  • When you wanted to try something new, you would understand how to do it
  • You could avoid newbie mistakes

It’s worth a moment to explain the newbie mistakes item, and how it relates to the item about your website working better in all devices. The cleaner and simpler your HTML is, the better it’s going to work in all devices – from big old computer monitors to tiny smart phones. The biggest newbie mistake is forgetting that not everyone is looking at your website on your monitor, at your resolution, under your circumstances. Using those lovely tools above your text entry box on your blog dashboard to center text or images, to change the colors of text, to use several different fonts and text sizes, to add extra lines of space – all those things add complexity to your HTML. Adding complexity to something that works best when its simple and basic means that things may not work so well for someone who is not looking at your website on your monitor, at your resolution, under your circumstances.

If you want to start learning more about what goes on behind the scenes on your blog, here are the steps to take.

  1. Learn some HTML (Hypertext Markup Language). HTML is very simple, but it’s the foundation of everything else on the web. Using it right makes everything on your web page work better in every browser and in every device.
  2. Learn something about CSS (Cascading Style Sheets). Styles are what make your correctly marked up text look beautiful on a page.
  3. Learn a little about programming languages such as JavaScript and PHP. You don’t have to be able to write a program, but you should have a glimmer as to what’s going on when you try to customize things.

What I want to share with you in this post are pointers to places where you can get started with the basics of HTML, CSS, and programming. Just knowing the basics will be enough to make your blog more your own and more what you really want it to be.

Where to Learn the Basics of HTML

HTML is used to format text. Text is marked as a paragraph or a heading or a link or a list. When the text stops being a paragraph or a heading or whatever, the formatting is turned off. This works with tags that open and close the formatting – or you might think of it as turning on and off a section of formatting. Here are a few places to learn some HTML:

Where to Learn the Basics of CSS

CSS is used to control the appearance of everything you formatted in your HTML. It can set backgrounds, colors, fonts, positioning, whitespace, line height, widths and heights, how lists look, and much more. CSS doesn’t use tags, but it selects tags using a system of selectors. Once something is selected, a rule for how it will appear is written – and bingo bango, the way the selected item appears on your page is changed. CSS is more complicated than HTML, but you can start slowly with it until you get the hang of what you’re doing. Here are a few places to learn some CSS:

Where to Learn the Basics of Programming

Programming languages abound, but the most common ones bloggers run up against are JavaScript and PHP. The programming behind your website does the heavy lifting of making in interactive, making it possible to receive comments, and sending in mail from your contact form. Programming is the most complicated thing you need to learn about in understanding how the web works. Get a grip on the HTML and CSS first, before you start learning about programming. Here are a few places to learn something about programming:

What are you waiting for? Go get started on being a better blog owner.

[Note: Cross-posted at BlogHer.]

5 Great Websites to Help You Inform Your Design

5 great sites

When you are attempting to create a unique and creative website design, you can always use some extra inspiration or tips to help you come up with fresh new design or code snippets no matter how advanced your web design skills may be. The techniques that go along with designing web pages are constantly changing and improving therefore it is important that you are always in the know when it comes to the latest methods and newest forms of coding that you can use in order to make your website or the site or a clients’ site, stand out and get noticed.

Many web designers turn to online resources when they are busy strategizing and trying to find new things to add to their design process. Listed below are our five favorite design and coding websites – full of tips, tricks and other helpful resources that will allow you to create a website exactly how you imagined.

1. Alistapart.com

Alistapart.com has plenty to offer web designers and coding experts. Hundreds of helpful articles are listed by category and neatly organized so that you can find the information that you need when you need it. Some of the resources that can be found on this website include nearly 300 articles about coding as well as over a hundred on the topics of Culture, Design, User Science and Process. The A List Apart Magazine explores the most innovative ways to design and develop unique web content. It also focuses on the best practices that web designers have to go by and concentrates on the importance of web standards. The source code on the ALA website may be protected by copyright, however designers and coders who visit the website are allowed to use the code for free if they wish since it is available to everyone.

2. WebDesignerWall.com

This web design blog or ‘wall’ is full of brand new website design ideas for you to check out. It also contains a wide range of design and coding tutorials as well as information on all the latest web trends so that your website will have a design that is always up to date. The Web Designer Wall is very easy to navigate and features hundreds of helpful articles all in one convenient location. The articles featured on this website are based on topics that are about everything from creating CSS social media buttons to add to your site to fun giveaways that you can take part in. The creator of Web Designer Wall is a Toronto based web designer and illustrator that has years of experience creating stock icons, CSS websites and WordPress Themes. Some of the suggested offline reading material that Web Designer Wall has been featured in includes Web Designer magazine and .Net magazine.

3. Netmagazine.com

Where can you find the most professional and opinionated web design and coding related articles on the Internet? Look no further than Netmagazine.com. This well organized and up to date website is full of helpful articles that are on the cutting edge of everything that has to do with website design. Get access to the best tutorials and all the latest news about new developments in coding when you visit .net magazine’s website. This website is unlike all the other web development blogs and sites out there because it features more opinionated topics while still giving you access to the some of the most technologically advanced advice out there. You can also find the same helpful information offline by picking up the latest issue of the .net magazine.

4. Smashingmagazine.com

This website features a wide range of website design and coding topics with links broken down into sub-topics for more convenience. This site can provide you with CSS, HTML and JavaScript coding tutorials as well as all of the essentials that you will need to design your own WordPress theme, information on UX Design and a special Community area where you can share your opinion, discuss new web designs with others and spark creativity. As far as reading material goes, The Smashing magazine recommends that you pick up Redesign the Web, The third in the Smashing Book series that goes over how the Web has changed over the past few years and how it has completely renovated the world of web design.

5. Elated.com

Known for being one of the largest archives on the web when it comes to help with design and coding, Elated.com has been helping designers create high quality websites since 1997. It features a long list of articles on practically every topic you can think of along with innovative web templates, a large collection of stock images, Photoshop information, and a community forum where you can discuss all of the latest web design ideas with others. Learn more on Elated.com about how to get started with your own unique web design as well as gain more knowledge on how to fine tune your high tech site with a few helpful tweaks that will make your webpage better than it ever was before. If you are looking for one of the most trusted web design websites out there that can offer serious technical information as well as fun and creative template designs, Elated.com is the place for you.

Guest Author: Kimberly Clark is a Content Strategist who enjoys helping clients navigate through web design Louisville and beyond. From planning to ongoing content strategies, she has a deep understanding of the tools of the trade like social media and SEO. Kimberly is also a data fiend and uses it to develop unique, original and interesting web content that keeps visitors engaged and interacting. She works at: www.VIAStudio.com.

Secure your Server-Side Scripting

Locks for Sale

There is no web server existing within our society that proves fail proof. Web servers are often targeted in organizations because of the sensitive information they contain. Securing a web server proves as momentous as securing web or website applications and the networks surrounding them. If you have a secure web application that is paired with an unsecured web server or if this is reciprocated, your business will remain a substantial risk.

Securing web servers can prove frustrating and tedious along with requiring expertise, but it is not an impossible task. Ensuring the company web servers are secured will save your company from various headaches and data breaches in the future. No matter the operating system you have or web server software you are using, an out of the box configuration is always unstable. Companies should implement necessary tasks to increase the security of their web servers.

The following is a list of steps that should be taken to protect business web servers:

1. Remote access

Server administrators should always log onto local web servers. If remote access is warranted, you must ensure that the remote connection is properly secured. This is achieved by tunneling and following encryption protocols. It never hurts to use security tokens and other sign-on equipment. Do not use public computers or networks when you are accessing business servers remotely. This means that when you are enjoying a cup of java in the cafÈ, do not try logging onto business servers.

2. Remove services that are unnecessary

Default configurations and operating system installations are never safe. In standard default installations, network services that will not be used in web server configurations are installed. Some great examples of this are printer server services, RAS and registry services. When your operating system has an abundance of services running on it, this leaves open more ports, thus leaving more ìbackdoorsî for hackers to take advantage of. Disable and turn off all unnecessary services and this will ensure the next time you boot up your server, they will not start automatically. This task will also provide that extra boost to your serverís performance with freeing up hardware resources.

3. Server-side scripting and web application content

Web applications and or website scripts and files should always be on separate partitions and not that of your operating system, system files or logs. Hackers can easily gain access to the web root directory and exploit vulnerabilities.

4. Separate testing/development and production environment

It proves faster and easier for developers to develop new versions of web applications on production servers. It also proves standard that testing and development of these applications are performed directly on the production servers. Because these types of web applications are in early development stages, they usually have different vulnerabilities, cannot handle exceptions properly and they lack input validation. These applications can easily be exploited and found by hackers with using ordinary, free tools found on the Internet.

To deal with this issue, developers have begun to develop internal applications that allow access to the databases, web servers and other resources. The applications typically do not have any restrictions because they are merely testing applications that normally are only accessed by developers. If testing and development is not performed on a production server, they can easily be found by hackers which can help them gain access to the production server.

Testing and development of web applications should be performed on remote servers from the Internet and should never connect to or use real life databases and information.

5. Installment of security patches

Just because your web server contains fully-patched software does not assure its security. Ensure that you pay close attention to updating the operating system, and software running on it. Any hacker will admit that one of the easiest ways to take advantage of operating systems is through unpatched software and servers.

6. Audit and monitor the server

Logs should always be stored in a segregated section in web servers. Network services logs, database server logs, operating system logs and website access logs should be monitored regularly. If you see suspicious activity occurring on the server, the action should immediately be investigated to see what exactly is going on.

7. Privileges and permissions

Network and file services play a vital part in the security of web servers. If a web server becomes compromised through network service software, hackers can use the account where the network service is running from to carry out their evil deeds. It proves necessary to assign privileges warranted for network services to run. It is necessary to backend databases and information.

8. Use scanners

Scanners prove to be practical tools that aid in automating and easing the process of web application and web server security. Scanners that include port scanners can enable port scans on the web server hosting web applications being scanned. Scanners will initiate various security checks in reviewing network services and open ports that are running on your web server.
Remove software extensions and unused modules

Default Apache installations contain various predefined modules that are enabled. Ensure that you turn off these modules to prevent attacks to these modules. This also applies to Internet Information Services (Microsoftís web server). By default, IIS is configured to serve various large application types such as ASP. NET, ASP and more. The application list extensions should only contain the extensions the web applications or website are using. Each application extension should be restricted to using HTTP verbs only, whenever possible.

User accounts

Any default user account creating when an operation system is installed should be immediately disabled afterwards. It proves necessary to examine the long list of softwareís that have been installed on the server. This software should be checked regularly and frequently. The admin account should be renamed and should not be used; the same applies to the root user on a Linux/ Unix install. Any admin accessing the server should have their own user account with privileges. It is also highly recommended not to share your user account information with anyone.

Conclusion

In our modern era, tips and information on software and operating systems can easily be found on the Internet. It proves useful to stay informed while educating yourself about new tools and malicious attacks. One easy way to accomplish this task is by reading security-type magazines, forums, newsletters or other types of communities. Knowledge is power and the more you learn, the more you will be able to protect the security of server-side scripting.

Guest author Alfred Richards an experienced web designer and has profound knowledge of web hosting and web marketing, to know more visit his site VPN service.

Htaccess Magic: 4 Tips for a Better Website

 Congratulations! You have a website! Now that you have one, you also have the responsibility of taking care of one. Website optimization is not always easy, but it can be with basic knowledge of how they work. One tool you can use to optimize your website is an .htaccess file.

Web servers that use Apache HTTP Server to publish websites have an override feature that allows web hosting users, even ones with shared hosting accounts, to change some web server settings on a local level. If the host has the AllowOverride setting enabled on the web server, the user can use .htaccess files to enable any desired Apache directives. The following are four directive types that can bring a little magic to your website.

1. Custom error docs

When a user mistypes a URL to a page on your site or visits one for a page that no longer exists, one of two things will happen. Either the user will end up at a plain white page with the words “404 Error. File Not Found” or at an error page created by your web host, promoting their services. Neither is good for your services or your site.

By creating custom error documents, you can let users know they did actually make it to your site but might have made a wrong turn. You can also use it to suggest a better starting point for them to navigate through your site.

To create custom error docs, the first step is easy. Make normal HTML files for each error you want to include. You can find a list of Apache error codes on the web.

The next step is to create a file called .htaccess and place it in the root directory of your website – the directory that holds your HTML files. In the .htaccess file, place the error code redirects:

ErrorDocument 500 http://your-domain.tld/docs/500error.html
ErrorDocument 404 http://your-domain.tld/docs/404error.html
ErrorDocument 403 http://your-domain.tld/docs/403error.html
ErrorDocument 401 /local/path/401error.html

As you see, you can use a local path or full URL to each error HTML file that you have created.

2. Rewrite rules

You can use rewrite rules for a wide variety of purposes, the most common purpose is for search engine optimization. Dynamic web apps use very long URLs, and you can use Apache’s mod_rewrite engine to make them shorter. If you are running a content management system like WordPress or Joomla, it will likely add the correct rewrite rules to your .htaccess file for you. If, however, you are creating your own web app, you should also create some rewrite rules.

Rewrite rules follow a simple pattern:

RewriteRule Pattern Substitution [Flag]

For example, a simple rewrite rule is:

RewriteRule ^killer-whales.html$ orcas.html

In this example, people who access the page “killer-whales.html” will be redirected to the actual page: “orcas.html”. Apache also offers many more rewrite options you can try to make your site easier to access.

3. Restrict access

Htaccess files can also have security benefits. One example is that you can restrict access to a particular file or directory. For example, to deny access to a single IP address, you would enter:

Order Allow,Deny
Deny from 155.55.555.5.
Allow from all

Anyone attempting to access your site from that IP address will be denied. More information about mod_access is available in the Apache documentation.

4. Allow or Prevent Directory Browsing

When an index file is not present in a directory, Apache will display the contents of the directory. Many file repositories will use something like this by default to make it easy for people to browse the files. If, however, you do not want people to browse the files in a directory, you can easily disable browsing.

Options All -Indexes

On the other hand, if your web host has disabled browsing but you want it enabled, you do so with this directive:

Options All +Indexes

Taking Control

The whole point of .htaccess is to give the user some limited control over the server without affecting the other users who share it. This is only possible if your web host has enabled the “AllowOverride” setting in the web server’s configuration. The best hosting providers usually do, but even if yours does not, you may be able to convince them to make special arrangements for you. It will make your website better and make your job as web administrator easier.

Guest Author Tavis J. Hampton is the author of the upcoming book KDE for the Graphical User. You can find more of his writing at TavisOnline.com.

Supporting Web Standards Today?

Virginia in a blue beanieIt’s Blue Beanie Day, the day on which we all show our support for web standards by wearing a blue beanie.

Jeffrey Zeldman started this event several years ago. It’s been successful in getting all sorts of people to add blue beanies to their various avatars and standing up for web standards on a particular day each year.

It needs to be an every day event to support web standards. For many people it is. Those people are keeping up with the standards, writing web pages that show that they understand what it’s all about, and – for educators – showing others the way to create web sites using web standards. Really committed web standards people are working with browsers, following browser updates, and contributing to the writing of new specs and new browser engines.

Check out the Web Standards Project and Web Standards Sherpas for information about how you can make a contribution to web standards all year long. There’s a new project in the works (I’ll supply the URL when it’s available) that is meant to answer the question “I’ve got my blue beanie on. Now what? What can I do besides wear a toque?” That will help you find ways to learn, participate, and contribute.