If you're new here, you may want to subscribe to my RSS feed. So that you can read the latest updates about Web2.0 tools, Making Money Online, Tips in SEO, Ajax and many more. Thanks for visiting ProgramimiCOM!

Referrer logging is used to allow web servers and websites to identify where people are visiting them either for promotional or security purposes. You can find out which search engine they used to find your site and whether your customer has come from a ‘linked site’. It is basically the URL of the previous webpage from which your link was followed.

By default, most hosting accounts don’t include referrer logs but may be subscribedd for an extra monthly fee. If your web host does not provide a graphic report of your log files, you can still view the referrer logs for your website by logging into the host server using free or low-cost FTP software, like these:

FTP Explorer: http://www.ftpx.com/
LogMeIn: http://secure.logmein.com/dmcq/103/support.asp
SmartFTP: http://www.smartftp.com/
FTP Voyager: http://www.ftpvoyager.com/

The log file is available on your web server which can be download into your computer later. You can use a log analysis tool, like those mentioned below, to create a graphic report from your log files so that the files are easier to understand.

Abacre Advanced Log Analyzer http://www.abacre.com/ala/
Referrer Soft http://www.softplatz.com/software/referrer/
Log Analyzer http://www.loganalyzer.net

You can view the files using Word, Word Perfect, txt or WordPad files even if you don’t have the right tool. This information is very crucial to your business and marketing plans and is not advisable to neglect it.

In addition to identifying the search engine or linked site from where your visitor arrived, referrer logs can also tell you what keywords or keyword phrases your client used for searching.

As referrer information can sometimes violate privacy, some browsers allow the user to disable the sending of referrer information. Proxy and Firewall software can also filter out referrer information, to avoid leaking the location of private websites. This can result in other problems, as some servers block parts of their site to browsers that don’t send the right referrer information, in an attempt to prevent deep linking or unauthorized use of bandwidth. Some proxy software gives the top-level address of the target site itself as the referrer, which prevents these problems and still not divulging the user’s last visited site.

Since the referrer can easily be spoofed or faked, however, it is of limited use in this regard except on a casual basis.

• 0 Comments

It is worth cataloguing the basic principles to be enforced to increase website traffic and search engine rankings. 

• Create a site with valuable content, products or services.
• Place primary and secondary keywords within the first 25 words in your page content and spread them evenly throughout the document.
• Research and use the right keywords/phrases to attract your target customers.
• Use your keywords in the right fields and references within your web page. Like Title, META tags, Headers, etc.
• Keep your site design simple so that your customers can navigate easily between web pages, find what they want and buy products and services.
• Submit your web pages i.e. every web page and not just the home page, to the most popular search engines and directory services. Hire someone to do so, if required. Be sure this is a manual submission. Do not engage an automated submission service.
• Keep track of changes in search engine algorithms and processes and accordingly modify your web pages so your search engine ranking remains high. Use online tools and utilities to keep track of how your website is doing.
• Monitor your competitors and the top ranked websites to see what they are doing right in the way of design, navigation, content, keywords, etc.
• Use reports and logs from your web hosting company to see where your traffic is coming from. Analyze your visitor location and their incoming sources whether search engines or links from other sites and the keywords they used to find you.
• Make your customer visit easy and give them plenty of ways to remember you in the form of newsletters, free reports, reduction coupons etc.
• Demonstrate your industry and product or service expertise by writing and submitting articles for your website or for article banks so you are perceived as an expert in your field.
• When selling products online, use simple payment and shipment methods to make your customer’s experience fast and easy.
• When not sure, hire professionals. Though it may seem costly, but it is a lot less expensive than spending your money on a website which no one visits.
• Don’t look at your website as a static brochure. Treat it as a dynamic, ever-changing sales tool and location, just like your real store to which your customers with the same seriousness.

• 0 Comments

Your website is the hub of your online business; it is the virtual representation of your company whether your company exists physically or not. When you are doing business online, people cannot see you physically like how they could if they were dealing with an offline company. Hence, people do judge you by your covers. This is where a good design comes in.

Imagine if you are running an offline company. Would you allow your salespersons to be dressed in shabby or casual clothes when they are dealing with your customers? By making your staff wear professionally, you are telling your customers that you do care about quality. This works simply because first impressions matter.

Similarly, the same case is with your website. If your website is put together shabbily and looks like a 5 minute “quick fix”, you are literally shouting to your visitors that you are not professional and you do not care for quality.

On the opposite, if you have a totally professional looking website layout, you are giving your visitors the perception that you have given meticulous attention to every detail and you care about professionalism. You are organised, focused and you really mean business.

On the other hand, you should also have anything related to your company well designed. From business cards to letterheads to promotional brochures, every little bit matters. This is because as you grow your business, these items become the face of your business. Once again, think of the “salesperson dressed shabbily” anology, and you will get my point.

• 0 Comments

A sitemap is often considered redundant in the process of building a website, and that is indeed the fact if you made a sitemap for the sake of having one. By highlighting the importance of having a well constructed sitemap, you will be able to tailor your own sitemap to suit your own needs.

1) Navigation purposes

A sitemap literally acts as a map of your site. If your visitors browses your site and gets lost between the thousands of pages on your site, they can always refer to your sitemap to see where they are, and navigate through your pages with the utmost ease.

2) Conveying your site’s theme

When your visitors load up your sitemap, they will get the gist of your site within a very short amount of time. There is no need to get the “big picture” of your site by reading through each page, and by doing that you will be saving your visitors’ time.

3) Site optimization purposes

When you create a sitemap, you are actually creating a single page which contains links to every single page on your site. Imagine what happens when search engine robots hit this page — they will follow the links on the sitemap and naturally every single page of your site gets indexed by search engines! It is also for this purpose that a link to the sitemap has to be placed prominently on the front page of your website.

4) Organization and relevance

A sitemap enables you to have a complete bird’s eye view of your site structure, and whenever you need to add new content or new sections, you will be able to take the existing hierarchy into consideration just by glancing at the sitemap. As a result, you will have a perfectly organized site with everything sorted according to their relevance.

From the above reasons, it is most important to implement a sitemap for website projects with a considerable size. Through this way, you will be able to keep your website easily accesible and neatly organized for everyone.

• 0 Comments

Is it disturbing to you when every other Web page you visit has a different font size?. One web page’s font is too small, and another web page’s fonts are too big… Well here’s a way to fix that and set each web page’s fonts to just the size you want.

In Internet Explorer, select: Tools-Internet Options, choose the General tab, click the Accessibility button, and check Ignore font sizes specified on Web pages (the wording varies depending on your IE version).

In Netscape 6 and 7, choose Edit-Preferences, select Fonts (double-click Appearance if you don’t see ‘Fonts’ listed), and then either check Use my default fonts or uncheck Allow documents to use other fonts, depending on your version (the wording of these choices also varies).

Now all Web page fonts should be of uniform size on all pages.

• 0 Comments

Anyone who has been marketing online knows that the lifeblood of a business is the traffic of a site. More visitors equal more sales. However, here are some ways that you can tweak your sites with to improve sales without the need to get more visitors.

The first method is to weave in your personal touch in your sales message. Nobody wants to be sold to by a total stranger, but many people will buy what their close friends recommend to them. If you can convince your audience that you are a personal friend who has their best interest at heart, they will be convinced to buy your products. Remember to speak to an individual in your salesletter, not to your whole audience.

The second method is to publish testimonials and comments from your customers. A good idea would be to publish both good and bad comments; that way prospects will be really convinced that these testimonials are real. When prospects see testimonials on your website, they will have the confidence to buy from you because human beings follow the herd mentality; when others have bought and proven it authentic, they will jump on the bandwagon and buy too.

Use visual representations for the problems and solutions that your product offers. Not everyone will read your text copy from the head to the tail, but most people will pay attention to images on your website.

Offer quality bonuses to accompany the product. When you offer bonuses that complement your product, your prospects will feel it’s a very good deal and it would be stupid to miss it. Be sure to state the monetary value of your bonuses so that people will be even more compelled to grab your good bargain.

Lastly, ask for the sale! Many people entice their prospects with the benefits of their product, sell to them with stories of how it has solved many problems, even offered killer bonuses but forget to ask for the sale. Give a clear instruction on how to buy your product (e.g. “click the button to buy now!”).

• 0 Comments

Masking or anonymizing a Web server involves removing identifying details that intruders could use to detect your OS and Web Port80 Software has developed an IIS server module called ServerMask to combat the majority of issues explored here for the Windows Web Server.

The Server Header Tells All
Most Web servers politely identify themselves and the OS to anyone who asks. Using a network query tool like Sam Spade or this Header Check, you can discern the HTTP Server header. Just request a Web site’s home page and examine the resulting HTTP headers or “banners” sent back by the server. Among them, you will likely find something like this:

Server: Microsoft-IIS/5.0

There is not much mystery here. Apache’s default settings make it no less identifiable:

Server: Apache/2.0.41-dev (UNIX)

You can remove or obscure this HTTP Server header in a variety of ways, depending on your platform. Apache 2.x users who have the mod_headers module loaded can use a simple directive in their httpd.conf file, as follows:
Header set Server “New Server Name Goes Here”

Unfortunately, mod_headers cannot alter the Server header in prior versions of Apache, so 1.3.x users will have to resort to editing the defines in httpd.h and recompiling Apache to get the same result. IIS users can install IISLockDown and use the configuration option in URLScan’s INI file for removing or replacing the header. Be careful with URLScan if you are using Cold Fusion application server — the way the current version replaces the Server header wreaks havoc with CFM pages. In fact, removing the header is the way to go when using URLScan, since if you try replacing the header it moves to the bottom of the header order — which pretty much gives away that you are running URLScan on IIS.

Unsightly File Extensions
Displaying file extensions like .asp or .aspx in a site is a clear indication that you are running a Microsoft server and, in general, hiding file extensions is a good practice to mask the technology generating dynamic pages. You can change your application mappings (.asp becomes .htm or .foo, etc.), but such one-to-one mapping can make mixing server-side technologies painful and does nothing to alleviate headaches during site migrations. Doing without file extensions altogether is an even better idea, not only for security but also for ease-of-migration and content negotiation. Apache people will want to take a look at mod_negotiation. Watch out, though, for the Content-Location header in the server’s response, which can give away the file extension that is not shown in the URL. You might have to suppress this header separately using mod_headers. In a similar vein, Port80 offers a tool called PageXchanger that allows file extension hiding in IIS.

Half-Baked Cookies
The ASP session ID cookie, used by the Session object to maintain client state, is another dead giveaway:

Set-Cookie: ASPSESSIONIDQGQGGWFC=MGMLNKMDENPEOPIJHPOPEPPB;

You can disable ASP Session State so that this cookie is not placed, but you lose the convenience of using the Session object to maintain client state. You could also create an ISAPI filter to change the names of any session ID cookie. On the other hand, ASP sessions are resource intensive, and turning them off improves the performance and scalability of your ASP application, while also helping to anonymize your server.

Send These to the Recycle Bin
WebDAV: Another way of identifying Microsoft servers is their implementation (from Windows 2000 and IIS 5.0 on) of WebDAV — the HTTP Extensions for Distributed Authoring and Versioning. WebDAV itself is not unique to Microsoft or IIS; it is a proposed standard (RFC 2518) with an IETF Working Group. Microsoft’s WebDAV support, however, adds a lot of information to the headers sent back by the server, especially when an HTTP OPTIONS request is made. If you are not using WebDAV (to support Outlook Web Access or Web Folders, etc.), you can disable it entirely by editing the registry or by using IISLockDown and URLScan.

Public Header: Certain Web servers betray their identity by displaying the Public header in HTTP responses. Few popular Web Servers send this header in response to OPTIONS requests (while almost all respond with the similar Allow header). The presence of Public is a good indication you are connected to either an IIS box or Netscape Enterprise 3.6. The Public header can be removed with a custom ISAPI filter (IIS) or NSAPI plug-in (Netscape).

Integrated Windows Authentication: IIS users should not rely on “Integrated Windows Authentication” — especially not as a way of hiding anything on the server. This method betrays the very secret it would keep, since a script or visual hacker can identify the Windows box by means of the WWW-Authenticate headers sent by the server. When a file or directory is protected by NT Challenge-Response authentication, one of the authentication headers contains the string “NTLM” (NT LAN Manager) — a Microsoft-specific form of HTTP authentication.

Get Your Headers Straight
The number and sequence of your HTTP headers and the presence or absence of certain platform-specific headers provide handy ways for more sophisticated hackers to fingerprint your Web server. A relatively unexplored area of server profiling, this will become a more common exploit as administrators start to implement countermeasures against obvious HTTP vulnerabilities like the Server header. For IIS users, a custom ISAPI filter can alter the Microsoft-specific header order or sequence to emulate, say, a default Apache installation. Apache users can accomplish any header order emulation they wish by experimenting with the location and order of Header directives in mod_headers.

Whose Default is That?
Default messages, pages and scripts of all kinds often contain clues to server identity, and these should be removed or modified accordingly. Software behind the Web server often bubbles error messages back through the HTTP request/response cycle, and customized HTTP errors can mask application server, database server, Web server and OS identity. For IIS, CustomError makes it easy for developers to deploy custom 404 and other HTTP error pages. This article shows how to implement custom HTTP errors in Apache. Avoid this on a development server, since, when done properly, it prevents database and server-side scripting errors from being seen — making it tough for developers to debug their applications! Remove or hide any Web or application server administration pages, scripts or documentation installed under your server’s Web root, and make sure to replace those default home pages.

• 1 Comment