Subscribe to our Monthly Newsletter

Mobile Friendly Web Design – How to Survive Mobilegeddon

mobilegeddon_readyAnother Google algorithm update has been rolled out. Has your ranking been impacted? Does Google find your website to be Mobile Friendly? If you aren’t sure, there are a number of ways you can find out if your Google ranking is doing well for smartphone users, or if you have some work to do. Should there be a need to modify the design of your website for smartphones, you’ll find a number of resources here about mobile friendly web design.

April 21st, 2015 was a red letter day in digital marketing circles, after Google announced it would be rewarding websites which it deemed to be mobile friendly. Unlike the Panda, Penguin, Pigeon and Hummingbird updates before it, Google provided some detailed SEO guides about preparing for the date many inbound marketing experts termed “Mobilegeddon”.

Fundamental elements of a mobile friendly website include:

Responsive Web Design (RWD)

RWD means a common web experience across smartphones, tablets and desktop computers, where page content expands and contracts to fit the size of the user’s device. This means having adequate open space on your site surrounding your content, collapsible sidebars, dynamic images and graphics and other elements which automatically configure themselves based on the device which calls up your website. Many web Content Management Systems (CMS) such as WordPress, Sitefinity and Drupal make deploying a responsive website much easier.

Mobile Friendly Navigation and CTA Buttons

Many consumers are making online purchases from smartphones these days, or making their decisions of what to buy in store on their mobile devices. Making it easy for visitors to find the buttons or links to get to the information they want is critical. Having high-contrast, thumb-friendly “Click-to-Call” or “Order Now” buttons is critical to reaching the iPhone, Android, Windows Phone or yes, even Blackberry user. If you want to see how your website looks on most of these devices, use a mobile device emulator or, better yet, Google’s Mobile-Friendly testing page.

Robots.txt, Page Loading Speed and Content Overload

Some of the errors you might get from the Google Developers’ Console (formerly Webmaster Tools) include

  • txt blocking the Googlebot from measuring page loading speed
  • Content not fitting the screen,
  • Links being too close together
  • Text being too small to read
  • The mobile viewport (viewing area) is not set

If some of these errors occur on your site, fear not! Google provides you with advice on how to fix your site to resolve these issues. We checked the ServerMania website for mobile friendliness, and you’ll be happy to hear we passed!

If you are using one of the popular web CMS software applications, or e-commerce engines which are available in the marketplace, you are quite possibly already mobile friendly, or there may be quick and easy ways for you to adapt your site for smartphones. If you built your site from the ground up with HTML or a more “development intensive” website builder, you may have more work ahead of you.

One caveat to keep in mind about the Google mobile-friendly web design algorithm is that it really applies to smartphone searches only. It doesn’t apply to searches from tablets, laptops or desktop PCs. Mobile SERPs (Search Engine Results Pages) are small as it is, so getting on to page one is a challenge in itself. If you don’t have a site which is deemed mobile friendly by Google, no amount of blogging, back linking or social signals are going to get you on to “Page One Jr.”

For further insights on getting ready for Mobile SEO, the web presence optimization wizards at gShift have a great webinar on the topic. Servermania offers a number of Cloud hosting packages for websites and applications, let’s talk!

Continue Reading · Comments { 0 }

Mobile Marketing for Your Business – 2015 Trends

Mobile Advertising StrategiesStatistics show, mobile web browsing and searches have eclipsed that of laptops and desktops. There are nearly 1.9 billion mobile users, compared to about 1.8 billion desktop users. Capturing the hearts, minds and wallets of mobile device users takes deep expertise. Mobile marketing for your business is vastly different than traditional marketing, digital or otherwise.

Not only are your prospects using a smaller screen, you also have to consider:

  • Environmental distractions around the viewer
  • The propensity of the ad to be skipped, ignored or closed mid-stream
  • Rapidly changing user preferences for apps and platforms
  • Declining installation of apps on tablets and smartphones, increased use of mobile friendly browser based websites

Increase Ad Engagement

Getting the attention of a game player, video viewer or other mobile user means getting your “hook” early and sinking it deep. The best mobile ads, just as with other traditional advertising media, include characteristics or attributes like:

  • Videos which tell a compelling story, either focussed on the product being promoted, or explaining key messaging from your brand
  • If you can afford it, connect a celebrity, popular music, or other theme into your ad which incites an emotional response from your viewer. Kate Upton doesn’t work on the  cheap!
  • Interactivity – give the viewer of the advertisement a chance to get into the driver’s seat of your ad. Some mobile ads are allowing the users to choose the outcome of a video sequence. If you can make the simulated use of your product result in a positive outcome, and not using it results in a “not-so-happy ending”, you can win your prospects over.
  • More funny, more money – Mobile ads with an ironic twist, a winning catch phrase or a knee slapper of some kind can help your ad go viral, increase engagement and make your ad more memorable. Instead of mobile ad impressions which get fast forward or ignored, viewers will stick around for a laugh and thank your ad for a little levity in their day.

Mobile Calls To Action

Whether you are looking to get your audience to download your app, click on your landing page link, or call your 800 number, getting a mobile conversions to paid customers means providing clear, simple methods for your audience. A clear “Book Now” or “Click-to-Call” button takes up very little space, but is more effective than providing a phone number or other “passive” invitation for a user to go to your physical or online store to take action. Taking as much of the thought process out of your call to action as possible can increase your conversions. Make the size, colour and wording of “Buy Now” or “Add to Cart” buttons bold, unique and concise.

For big ticket items, this “hard sell” approach isn’t as effective. Have your mobile ads invite your audience to learn more about your product on a focused landing page on your website. Have your mobile friendly landing page welcome the user from the source page, and where it makes sense, tailor the content of the landing page based on the content of the website they connected from.

Optimizing on Limited Ad Real Estate

If you are working with a mobile display ad, you want every pixel to count. If your brand isn’t a

household name, focus more on getting users to react to your products or services, and leave your company name off the banner. If you can squeeze in a logo, or match the colouring of the advertisement to your website for continuity. If your brand is a compelling enough trigger for users to take action to find out more, swap out the focus on the CTA to focus on your product or company name.

Create a Sense of Urgency

When you are trying to connect with an audience on a mobile device, create a compelling reason to act now! If your ad contains a “mobile only” discount on a product or service, it can help to move more products, and test the effectiveness of your mobile ad targeting as well. Don’t leave it to fate for your audience to move on to an article or take action – instill the fear of missing out on a great deal or opportunity!

Since mobile users aren’t chained to a desktop, or burdened by a laptop, mobile marketing for your business means making the most of a small space to incite emotion, evoke curiosity, and stimulate excitement about your products or services.

Contracting the services of an effective digital agency is the difference between turning mobile ads into a goldmine for your business, or wasting your time and money on marketing which gets overlooked and can’t convert!

Continue Reading · Comments { 0 }

What Publishers and Ad Networks Can Do To Ensure Mobile Advertising Is Fast and Effective

0073In recent years new development practices and hosting technology have helped websites deal with the performance issues of delivering media-rich online experiences, but the delivery of third-party ads has been something that has consistently affected page load times for years.

Modern websites rely on a patchwork of third-party code to operate ranging from code libraries (like JQuery) to social sharing buttons to external ad networks. Most of these code requests are useful and execute reliably, but they aren’t always necessarily tuned towards performance.

Because many targeted ad networks work on a model where advertisers bid for placement on certain websites, many sites have code that queries multiple ad networks to find the highest paying ad. Between loading a page and actually serving the ad on your page, an ad call can touch as many as 500 different servers.

Mobile devices add further complications to content delivery under this model. For instance, mobile browsers may render content differently, and they also might have to contend with slower or intermittent internet connections.

However, the speed at which full mobile websites and applications are delivered is vitally important because any delay experienced by users will cause them to give up on your website or app. For a content publisher, this means losing out on ad revenue, and even causing site visitors to abandon the site out of frustration. When mobile ad networks cannot deliver ads effectively, they’re not promoting their clients effectively, and causing their publishing partner sites to be less effective as advertising venues.

What Content Publishers Can Do

There are various coding practices that ensure mobile ads have a minimal effect on load speed. A good first step is to eliminate any unnecessary scripts. Another step is to determine what elements (including display ads) can be loaded after the main site content has loaded, and schedule scripts to asynchronously execute the code after the initial load.

Developers can also serve multiple ad placements on a page with a single server request that’s forwarded to a proxy server that handles the request, and also records impressions, clicks and other metrics.

It could be wise to limit the number of ad networks the site calls upon. You might not get the absolute highest payment per ad, but you will gain in latency. It could also be important to avoid certain targeted ad networks which have been known to slow page load times by almost two seconds.

What Ad Networks Can Do

The mobile ad network provider plays a really important role not only in facilitating relationships between content producers and advertisers, but they also deliver the ads that appear on the consumer’s device.

Mobile ad networks should have lean and effective algorithms for finding relevant ads. But on a server side, they should also have enough capacity to deal with spikes in demand, and ensure that requests from sites are delivered with extremely low latency. And ad networks are increasingly incorporating data-intensive media such as video and interactive content.

This means that the ad network doesn’t contribute significantly to end-user load times.

Conclusion

Mobile ads are becoming enormously important for online businesses. When it comes to mobile ads, companies have reported major increases in brand spend, rising cost-per-impression, and more interest in video and rich media ads. Advertisers excited by the potential of mobile ads to reach new audiences, so it’s vitally important that mobile ad networks delivering ads as quickly and efficiently as possible.

When everything works together, advertisers get visibility, publishers get revenue, and end-users get ideal experiences.

Continue Reading · Comments { 0 }

Enact The “Principle of Least Privilege” for More Secure IT

security camera on wall

Image courtesy of Ervins Strauhmanis.

The Principle of Least Privilege is one of the most fundamentally useful security concepts. It basically states that every part of a system must be able to access only the information and resources necessary for its legitimate purpose – but nothing more.

This is extremely important when it comes to securing your organization’s IT environment, and it applies equally to applications as to people.

In short: the fewer people with access the better.

But this blog post will go deeper into this concept. Continue Reading →

Continue Reading · Comments { 2 }

EMC’s VNXe Server Architecture – A Primer

Image Copyright EMC Corporation

Image Copyright EMC Corporation via their Flickr

As I’m sure you all well know by now, EMC is a pretty big name in the hosting space, responsible for producing some of the most acclaimed and often-used products in the industry.

Among their most popular pieces of hardware is the VNX Series – specifically, the recently-developed VNXe3200.

Let’s talk a bit about that, shall we?

Today’s piece is going to be strictly informational.

We’re going to tell you a bit more about the VNXe Series. By the end, you’ll understand how it works, who should use it, how to install it, and how you can take on some of the most common issues you’ll come across. Continue Reading →

Continue Reading · Comments { 0 }

4 Reasons VPNs are Essential for Modern Mobile Businesses

Mobile-business-woman-using-tablet

In order to stay competitive, businesses are being forced to become more flexible and mobile. But allowing certain data and applications to be accessed outside of the office presents a new set of security risks for organizations.

Virtual Private Networks provide a secure tunnel that lets a device connect to corporate resources to make remote interactions more secure. This provides more assurance that corporate resources are only accessed by approved individuals and devices. Traffic is also encrypted end-to-end, making networks less susceptible to attacks ranging from Man-in-the-Middle and message replay attacks designed to get access to a network, to Denial-of-Service tactics aimed at flooding a server with requests to block legitimate connections.

Because they’re often more susceptible to these sorts of attacks, connections to sensitive files and applications made remotely on mobile devices should be done through a VPN tunnel.

VPN tunnels are essential for employees and other individuals to access sensitive files and applications. And if your organization wants to remain secure and competitive, it should adopt a VPN strategy.

Employees Demand Mobile Functionality (and Will Do Risky Things To Get It)

Whether administrators like it or not, employees are likely already using their smartphones and tablets to do their work. They often use mobile devices to access corporate resources simply because it’s more convenient than logging onto an approved PC or laptop.

Further still, in order to access resources like files on mobile devices, employees might “mobilize” corporate content by copying files over to a cloud-based storage service like Dropbox. In this scenario, IT administrators have no idea that corporate data is residing on an unapproved service, so it has no oversight over that data or how it is used. An attacker that gets access to this employee’s Dropbox account will now have access to corporate files.

If organizations don’t provide ways to access corporate data securely, employees can often engage in risky behavior in order to make data available to them on their favorite devices.

Data Breach Risks from Compromised Mobile Devices

The portability and small size of mobile devices make them very convenient, but it also means that they are easily lost or stolen. They can also be hacked or otherwise compromised.

A VPN can ensure that secure connections to corporate resources are no longer possible once it becomes known that an end-point device is compromised. And because a VPN can allow greater monitoring of individual connections, helping detect suspicious behavior from devices, giving IT a chance to revoke privileges and stop a data breach from happening.

Increased Capabilities

Giving employees the capabilities to remotely access corporate information quickly allows them to be truly mobile employees. With secure remote access, they can more quickly respond to business needs even while not in the office. A corporation can offer mobile applications that allow employees to be more productive wherever they happen to be.

Also, by not tethering employees to their workstation, this added flexibility can counteract burnout, and lead to a better work-life balance.

Meeting Compliance Obligations and Avoiding Fines

Especially in highly regulated industries, there are certain cases where secure end-to-end remote connections can be a legal requirement.

In the healthcare industry, for instance, IPsec and SSL VPNs can be used for securing remote users accessing records in compliance with the HIPAA rules that govern U.S. patient health records.

In addition to losing customer confidence, corporations can face risk penalties and fines if sensitive data is lost or stolen.

Conclusion

Employees are increasingly doing work using mobile devices, which is a desirable trend for organizations that want to be more flexible and agile, but they should also be prepared to deal with the new security risks. To provide secure connections, VPN tunneling should be considered when implementing remote access for mobile devices.

Continue Reading · Comments { 0 }

Doing Page Redirects the Right Way

redirectDoing Page Redirects the Right Way

Redirecting webpage requests is useful when you’ve deleted outdated pages, or when moving your site to a new domain. Rather than give site errors to visitors, and tempt them to leave your site, you should make sure they are redirected to a page on your website.

There are several ways of doing this. We recommend server-side 301 redirects in most cases but there’s also a method that uses HTML that could be used in a pinch, and especially when you don’t have full server access.

HTML Meta Redirect

The HTML meta element can be used to redirect the user to another page after a specified number of seconds.

Place the following in the <header> tags:

<meta http-equiv=”refresh” content=”5;URL=’http://www.example.com/newPage‘” />

Within the “content” field, the first number specifies the number of seconds it takes to redirect, with “0” being an immediate redirect. Having a delay could be helpful if you want to let visitors know that a certain page or site has been removed, and that they’re being redirected to another location.

But there are many reasons to avoid HTML meta redirects. They are not particularly good for maintaining search engine ranking. They also often break the “back” button, so when the user tries to go back, it triggers the refresh, sending them back to the original page. Also, it might not work with all user agents such as screen reader software according to W3C.

Server-Side 301 Redirect Scripts

Server-side scripts or configuration file can send an appropriate redirect status code (for instance, “301” means that a page has permanently moved to a new location) and a location header specifies another URL for redirection. When the browser receives this response, the location bar changes and the browser makes a request with the new URL.

There are several ways of doing 301 redirects.

PHP Header Method

In PHP, developers can send a raw HTTP header with the header method. The code below sends a 301 status code and a new location. If no status is explicitly set, it sends a 302 status code, which basically specifies that it’s a temporary redirect and the new path is not cached in a visitor’s browser.

Example Code:

<?php
header(“HTTP/1.1 301 Moved Permanently”);
header(“Location: http://www.example.com/newPage.php“);
?>

It’s important to note that the header() function must be called before any actual output is sent for the redirect to work.

You can also use PHP’s power as a programming language to automatically redirect pages such as pages not found on your website. For that particular situation, SitePoint provides a tutorial on creating a PHP script that sends the site visitor to the correct page or similar content.

The Apache Redirect Method

If you have access to make changes to the .htaccess file on your Apache server, you can do simple Apache redirects. You need to locate the .htaccess file and open it in a text or code editor.

You’ll be making the redirects using the following basic syntax:

Redirect [status] URL-path URL

Example Code:

redirect 301 /oldPage.html http://www.example.com/newPage.html

After “301”, specify the file or the folder to be redirected, and then the destination.

For more elaborate Apache redirection, you might want to look into how to do URL rewrites. Apache also provides a guide to common rewrite scenarios.

Other Languages

W3 describes how to do server redirects in Java Servlets or JavaServer Pages (JSP), and in Active Server Page (ASP) with VBScript in its online documentation. And 301 redirects can be done in other languages such as Ruby on Rails.

A Note on Staying Search Engine-Friendly

In terms of keeping pages optimized for search engines, Google says that 301 redirects are the best way to ensure that users and search engines are directed to the correct page. They capture the intended traffic from that link for the page it redirects to.

According to Google’s Matt Cutts, there is no limit to how many 301 (or permanent) redirects you can do between one page and another. But redirecting multiple times (ie. hopping from page 1 to page 2 to page 3, etc.) can cause the Google crawler to give up after a few hops and also increase the overall page load time. Cutts recommends limiting redirects to a maximum of around 4 or 5 hops.

To redirect people who access your site through several different URLs, for instance, . http://example.com/home, and http://home.example.com to a preferred (or “canonical”) destination, then you would also set your preferred domain in Google Webmaster Tools.

Conclusion

Page redirects can send visitors to the most current resources, but also help when, for instance, someone sent out an incorrect link URL. For these reasons alone, page redirects can be very common. And when it’s necessary to redirect pages, it’s best to use server-side 301 redirects because they’re less likely to confuse users as well as search engine crawlers.

Continue Reading · Comments { 3 }

What Exactly Is “void 0” – And What’s It For?

nullHey there, folks! Today, we’re going to talk all about one very specific command in JavaScript: “void (0)”, also seen as “void 0”. It’s a quirky command; one whose purpose many aren’t entirely clear on. To confuse things even more, there’s also an error message: “javascript:void(0)” that is basically unrelated. We’ll talk about both to clear up the confusion.

Let’s see if we can clear things up a bit.

Shall we begin?

The “javascript:void(0)” Error Message

Right. According to Tech-Faq, this is a fairly unique error, primarily because it can be encountered by users of pretty much any operating system.

There are quite a few issues which might cause this troublesome little error prompt to pop up:

  • Conflicts with ad blockers/popup blockers
  • Poorly-written JavaScript
  • Disabled JavaScript
  • An Outdated Web Browser
  • Use of a proxy server

As I’m certain you’ve noticed, the error is caused by the user in all but the second case, where it’s usually caused by “web page authors who don’t check their script for compatibility.” In that circumstance, the user has no choice but to use the browser that the script was written for.

If you’re a developer or sysadmin, this is a reminder to test your scripts in as many browsers as possible.

And now for something completely different…with a very similar name.

The “void” Operator and “void 0”

“void” is an operator that can be applied to any argument in a script. The syntax goes a little something like this:

<head>
<script type=”text/javascript”>
<!–
void func()
javascript:void func()

or

void(func())
javascript:void(func())
//–>
</script>
</head>

When “void(0)” is applied to an expression or argument, the value returned is always “undefined”, regardless of the other values present. That may seem somewhat useless at first glance; and more than a little obtuse. After all, why not simply use “undefined” itself?

For that matter, why do you need any of this stuff at all?

A couple reasons. Let’s start by explaining why the “undefined” value is important in the first place. Believe it or not, there’s actually a ton of different reasons one might use it.

Why Use “void”?

According to Tizag, one of the most common uses for “void” is so that JavaScript can be executed in a web browser without having to load a new page. See, most browsers allow you to run scripts by entering it into the URL bar. With “void (0)”, you can do this without having to switch pages – it effectively cancels out the page load.

This allows you to build a link whose sole purpose is the execution of JavaScript code (though some might argue that isn’t really the purpose of a link).

“Web browsers will try to take whatever is used as a URL and load it,” reads Tizag’s tutorial. “The only reason we can use a JavaScript Alert statement without loading a new page is because alert is a function that returns a null value. That means that when the browser attempts to load a new page it sees null and has nothing to load.”

“The important thing to notice here,” the tutorial continues, “is that if you ever do use a JavaScript statement as the URL that returns a value, the browser will attempt to load a page. To prevent this unwanted action, you need to use the void function on such statement, which will always return null and never load a new page.”

What’s The Difference Between “void (0)” and “undefined”?

The problem with simply using “undefined” instead of “void (0)” is that the former isn’t a reserved word – it’s generally a variable, rather than an operator; in some JavaScript environments, it’s actually a global. It may occasionally have the value of “undefined”, but that’s not guaranteed, because somebody can always assign it a value that isn’t “undefined.”

On the other hand, “void” always returns the value of “undefined”. As far as the difference between “void (0)” and…well “void” with any other characters; that’s kind of irrelevant. “void “dingleberries”” would work just as well as “void (0)” or “void 0”.

Image credit: Andreas

Continue Reading · Comments { 0 }

A Complete Guide To chmod: recursive, force, and More

What Is chmod?

The purpose of chmod – which stands for Change Mode – is to change access permissions for files and directories. It’s also able to modify special mode flags, such as sticky bit mode, SUID, and SGID. It’s been present in Linux and other Unix-like operating systems since the 70s, in AT&T’s Unix Version One, but in the time it’s been in use, a number of access_control_lists have been added to increase the flexibility of the command.

How Is chmod Used?

(Advice in this section is courtesy of Computer Hope).

The proper syntax for chmod, depending on how you want to use it, is as follows:

chmod [OPTION]… MODE[,MODE]… FILE…
chmod [OPTION]… OCTAL-MODE FILE…
chmod [OPTION]… –reference=RFILE FILE..

Options

In all cases, you start by defining which options you want to implement. The most common options include verbose (-v or –verbose; shows the items you’re processing), recursive (-R or –recursive; includes objects stored in subdirectories) and force (which ignores errors and continues applying chmod). In the event that a symbolic link is included, chmod includes the file or files specified in the link.

Additional chmod options include…

  • -c or –changes: Describes the action for each file whose permissions change.  
  • -f, –silent, or –quiet: Instructs chmod not to print out error messages.
  • –preserve-root: An option that can only be applied with –recursive; this prevents any attempts to recursively change the root directory.
  • –no-preserve-root: Ignores any preceding –preserve-root options. Again, only relevant when using –recursive.
  • -reference=ref_file: Changes the mode of each file so that it’s the the same as the reference file specified.

Modes

(The majority of the information in this section is provided courtesy of freebsd)

Absolute Modes

There are eight different file permission modes in Linux: read, write, and execute; read and write, read and execute, read only, write and execute, write only, execute, and none. With chmod, these modes are defined in an octal format, using 0 through 7. There are four digits in the command; the first digit is optional and used to define special flags while the second to fourth are used to set permissions for the file’s owner, the user group, and other users outside that group.

These octal values represent absolute modes, which are put together from the sum of one or more of the following:

4000: (setuid): Sets executable files to run with the effective uid of the file owner. Directories with this bit will force all files/subdirectories created in them to be owned by the directory owner.

2000: (setgid): This will run executable files with the effective group id of the file owner.

1000: (sticky bit): Used to indicate special treatment for directories. Read more about it here.

0400: Allows read exclusively by the file owner.

0200: Allows write exclusively by the file owner.

0100: Allows execution exclusively by the file owner.

0040: Allows read exclusively by group members.

0020: Allows write exclusively by group members

0010: Allows execution exclusively by group members

0004: Allows other users to read

0002: Allows other users to write

0001: Allows other users to execute

Symbolic Modes

Modes can also be defined symbolically, with the following syntax:

mode ::= clause [, clause …]
clause ::= [who …] [action …] action
action ::= op [perm …]

who     ::= a | u | g | o
op ::= + | – | =
perm    ::= r | s | t | w | x | X | u | g | o

Who specifies the user, group, and other parts of Mode. Perm represents portions of mode as follows:

  • r: Read
  • s: Setuid and Setgid
  • t: Sticky
  • w: Write
  • x: Execute/search
  • X: Execute/search if the file is a directory or execute/search is set in the original mode Only used in conjunction with the op symbol +
  • u: User permission bits in the original file
  • g: Group permission bits in the original file
  • o: Other permission bits in the original file.

Further, op represents the operation performed, taking into account the following:

  • “+” Only works if ‘perm’ has been specified. If no value has been specified for who, each bit specified in perm is set. If both who and perm are specified, the mode bit represented by them is set.
  • “-“ Has the opposite effect of ‘+;’ clearing values instead of setting them.
  • “=” Clears the who value. If no who value is specified; clears owner, group, and mode. Following that, if who still is unspecified, sets perm values.

Finally, clause represents operations to be performed on the mode bits, in the order specified.

What chmod Operations Should You Generally Avoid?

There’s really only one chmod operation that you should generally avoid, as using it can cause some pretty significant security issues on your server. This is chmod 777.  There’s a very good reason you shouldn’t use this one – it gives full permissions to anyone who accesses your server.

That represents a pretty significant security risk. Instead, it may be better to simply use chmod 775, or have whatever script you’re creating run as the owner of the files with the SUID flag.

In addition, where directories are concerned; avoid using 664 for your permissions. You need to execute permissions on a directory in order to access it; removing that permission will break whatever you apply it to.

A Few Additional chmod Tips

We’ll wrap up with a bit of extra advice related to chmod:

    • Remember that you need read permissions in order to list directories and subdirectories.
    • You can set all files in a folder or directory to writeable with chmod -R 775 [directory]
    • Files and directories can have permissions applied independently through the find command. For example:
  • find . -type f -exec chmod 640 {} \; for files and find . -type d -exec chmod 750 {} \;
  • Generally, “site chmod” through ftp has only basic functionality – it’s not the full Linux command, so what you can do with it is extremely limited.
Continue Reading · Comments { 0 }

Why You Can’t Afford Not To Protect Yourself From DDoS Attacks

ddos

Image Credit: Thierry Ehrmann

On February 11, 2014; Cloudflare’s European and U.S. data centers very nearly had their networks taken offline by the largest Distributed Denial of Service attack in history. Directed at one of Cloudflare’s customers, malicious traffic at the time of the attack topped 400 Gbps, taking place over a new – and previously undefended – attack vector. Worse still, many have pointed to this attack as a sign of worse things to come.

“Someone’s got a big, new cannon,” said Cloudflare CEO Matthew Prince over Twitter, talking about the attack. “Start of ugly things to come.”

He’s not wrong. DDoS attacks are on the rise, and it’s going to get worse before it gets better. As groups like Derptrolling and Lizard Squad parade about liberally shelling websites and networks, other, more insidious criminal groups operate behind the scenes, using DDoSing as a cover for theft or fraud. Continue Reading →

Continue Reading · Comments { 0 }