09 December 2014
09 December 2014
04 December 2014
Siege is one of many website stress testers. It spawns multiple processes and begins requesting the pages from the target website as rapidly as it can. There is no attempt at obfuscation; it’s very obvious, traceable and blockable, but it is good for seeing how your server will handle under load. You can get the source code from http://www.joedog.org/siege-home
30 November 2014
Sqlmap is a tool for automating SQL injection discovery and exploitation on your websites, or your clients. Fortuitously it works well via cygwin, though it requires some setting up.
22 November 2014
05 October 2014
Just a quick update for those living in Cygwin-land.
02 October 2014
The need to promote companies on the internet is pushing many traditional marketers to re-brand themselves as digital marketers, but there is going to be a while before gap between traditional and digital marketing is closed. After spending time optimizing my project site cygwin.rafaelhart.com (Now offline), and other research I’ve come to the following conclusions:
All the optimization in the world won’t move a bad page up the search engine rankings, people need to actually want to read it. Good quality content lends itself to being optimized. The benefit of this is that traditional marketing techniques apply here - targeting, tone of voice, etc, and ‘digital marketing’ skills aren’t as relevant.
A great deal of thought has gone into search engine algorithms, and the ability to alter content according to set rules and have the page rank increase dramatically are over. You can write non-optimized content, and it will hit the top of the page rankings if it is popular. Over time we can expect to see the algorithms altered to reduce the effectiveness of SEO that doesn’t add to the content in some fashion. A quick google will bring up dozens of articles decrying SEO’s downfall because structuring and optimizing content will never cease to be relevant, but it’s days of disproportionally altering page rank are over.
Just that really. By my measures, 60% of my page views resulted from minimal social media promotion, where the other 40% was from organic search.
Many people charged with improving a website make decisions based of their own usage habits, and how they access webpages. One of the key differences between traditional marketing and digital marketing is that where in the old days you could only roughly gauge customer opinion through inferential statistics, feedback forms, and so forth, you can now track them in exacting detail, down to the size of monitor or device they are looking at your page through.
Like any professional field, digital marketing comes with it’s own terms, and Conversion Rate Optimization is one of these. A/B Testing is probably the best known CRO technique, but the fundamentals are to measure your baseline conversions, make a change, and see how that baseline is effected. You revert changes which aren’t successful, and you keep the ones that are.
Most unoptimised websites look like a brochure, because that’s what they are intended to replicate. In some cases, that’s all they need to be, but in the majority of cases, each page on the website needs a goal. These goals are conversions - the aim of each page, whether that’s to sign up for a newsletter, create an account, or simply read several pages of content. Once you have established that goal, the website needs to be designed to funnel visitors towards achieving that conversion.
I can’t help but wonder if I consider this primarily because of my involvement with webapp & server security, but a company’s digital presence is one a high profile manifestation of its brand. A digital team may implement dozens of changes a month, and security should be considered with these, rather than bolted on or palmed off to an external company. There should also be a communication plan in place for when there is a breach.
Having experienced these kinds of breaches before, it helps to be prepared. Happy optimizing!