We can all agree that platforms or frameworks like Google Sites, WordPress, Joomla, Drupal, etc., have not only made the process of getting a website up and running a lot easier than before, but have also made it more enjoyable to manage content. However, while that may be the case, there are some things that are, in my opinion, essential. Hopefully we can grow this list with your comments below:
- Always have an offline test environment identical to your live site to test plugins and other features. I do a lot of UX design work for a variety of clients that are predominantly Windows and Office, and as is the case, Microsoft rolls out a lot of patches to fix bugs in SharePoint, IIS or even their server operating systems. In some rare cases, these updates do break some functionality of SharePoint sites. By having this separate test environment, I can test the implications for each live site. By avoiding surprises, I minimize downtime and have a solid and thorough understanding of what’s running with the site and the possible implications. For those of you running blogs and actual company websites built on popular platforms like WordPress, Joomla, Drupal, etc., I am sure you know of XAMPP or WampServer, which come bundled with an Apache web server, PHP and MySQL to allow you to simulate your website on your localhost.
- Caching is king. We all complain that a site is slow and a lot of times the provider of our Internet service takes the blame, but in all honesty, some sites are just outright slow. Picture a Magento ecommerce website running on GoDaddy shared hosting for K65 a month: what would you honestly expect performance-wise? Unfortunately, with the weak kwacha, going for a Virtual Private Server or even a dedicated server to host your site is quite a steep amount to fork out, and that’s okay, because for most sites a tweaked shared host is enough. On WordPress, for example, you can speed up the delivery of content to users using known plugins like W3 Total Cache or WP Super Cache, which simply convert dynamic content, which requires more processing, into static pages. What kind of performance boost you see really depends on how minimal your design is.
- Default admin usernames and back-end links are a lazy mistake. When an attacker is staging an attack on your website, the most likely place they’ll start is your back-end: can they load the /wp-admin, /administrator or /admin pages, depending on your platform, and run a brute-force attack on usernames like administrator, admin, root, webmaster, etc.? On most sites, these defaults are kept by developers in a hurry to go live. Always change those URLs to custom titles, and use user accounts other than the defaults.
- Have a site map; your logic is not always the most logical. I accept it is an old way of designing websites, but it does serve its purpose. In this age of layers upon layers of content, it is easy to get lost poking around. I always like to keep one around for anyone who has the time and wants directions.
- Always have a security policy and an account lockout policy. Above I spoke about how default accounts can be brute-forced. Until recent updates, most platforms didn’t have an account lockout policy, which meant an attacker could continue trying username and password combinations indefinitely. A simple dictionary attack of, say, a thousand accounts trying, say, 50,000 possible passwords could spell doom for your site and probably lead to a Denial of Service (DoS) attack. I always like to have a 3-strikes-and-you’re-out policy for any account. For admin accounts, I’ll ensure they are locked out for 1 hour after 3 unsuccessful login attempts and for user accounts, say, 10 minutes. And because I have set up alerts, I can keep track of what IP addresses are polling my sites and block them if need be. Another issue, unrelated to account lockout policies but in the same lane as rogue IP addresses, is rogue bots sniffing my sites. I only allow official bots from, say, Google to index my content.
- Analytics are also king. Know who your audience is, where they are and what content they are reading. I don’t have to worry about this bit, but for a lot of you with blogs and actual websites that rely on user traffic, analytics mean the world. Understanding what your users are clicking, when they are clicking and for how long they are looking at a piece of content is an important way of knowing if you’re making any impact. There is nothing out there as feature-rich as the Google Analytics platform that’s also free. Tap into its power and gain an in-depth understanding of your site’s readership.
- Tag your content. There’s a whole trade that many have built around this activity and the web has lovingly named it “Search Engine Optimization”, and of course I am being sarcastic here, so please don’t quote me. Basically, when a search is run on your content, it doesn’t happen line-by-line; your page’s metadata is where the search is first run, and if a keyword corresponds with a user’s search, that page is presented as a search result. Properly optimized websites know what people search for, and arrange their content around those popular search terms, which is why we see some sites higher up the search tree than others. Categorising and tagging your content makes it possible for your content to perform better in search.
- Have a maintenance-mode strategy. One thing that frustrates me the most about Zambian websites is the fact that you’re not guaranteed to find a site tomorrow, and if you do, it might not necessarily look as it did the day before. Some admin might have moved things around, breaking the site or even changing the “ergonomics” of the site without knowing it. I love to schedule downtime months before for major changes, weeks before for minor changes and days or hours before for critical changes. A minor change would be anything that doesn’t affect the performance or security of the site, say adding a new menu. A major change would be, say, changing the theme, while a critical change would be, say, a security patch with a high severity. Thereafter I like to outline what I will change and why the change is necessary; think of it as a “Change Request” for those of you into ITIL terminology. This CR is both for myself and for the users. It serves as a guide for me, and also sets user expectations. There is nothing more annoying than a user calling in asking what time everything will be up and running because you promised that everything will be up “soon”. Unless you get into the habit of being systematic, your site will continue to be a pile of disorganised content and colours.
- Understand what host works best for the platform you choose. Going willy-nilly into GoDaddy hosting just because they have a vigorous marketing campaign doesn’t translate to the best performance. I touched on this when I talked about caching; however, caching will not solve all your performance woes. As your site grows, you want to look at hosting providers that meet the volume and performance needs of your site. A good example would be the hosting of a Magento site: anyone who has developed on the platform knows how resource-hungry it can be, making a shared hosting solution quite useless even with caching. There are hosts for blogging websites, others for e-commerce, etc. Understand what you’re getting not only in terms of bandwidth, but also in terms of sheer processing power, memory and latencies.
- Stop using pirated templates; there is a high chance of them exposing you. I know getting out of torrent addiction is hard, but trust me, there are no shortcuts when it comes to the important things in life. Most pirated website templates have exploits integrated into the code. I once discovered a code block within a PHP file that logged each login attempt to a log file, initiated an FTP connection to a remote site and uploaded it, all nicely tucked away. While this is not always the case, it’s not worth it. I would rather you got by with a Wix site, a free template available on a legitimate site or even your own static HTML pages.
- An FTP site is your friend, and yes, I know I might have scared some of you above, but there is nothing more annoying than wanting to transfer 200 files between your test bed and your live site using a browse/upload button. And yes, most platforms have some fancy multi-file functionality built in, but nothing beats good old FTP’ing with, say, FileZilla.
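
The account lockout policy from the list above (three strikes, one hour for admin accounts, ten minutes for user accounts, with rejected attempts tracked per source IP for alerting), as an added Python example that is not from the original post or from any platform's own code. The class and function names, the alert threshold of 5 and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

MAX_FAILURES = 3                                 # "3 strikes and you're out"
LOCKOUT_SECONDS = {"admin": 3600, "user": 600}   # 1 hour / 10 minutes
ALERT_THRESHOLD = 5   # assumption: rejected attempts per IP before review

class LockoutPolicy:
    def __init__(self):
        self.failures = defaultdict(int)      # account -> consecutive failures
        self.locked_until = {}                # account -> unix time lock ends
        self.ip_failures = defaultdict(int)   # source IP -> rejected attempts

    def is_locked(self, account, now):
        return self.locked_until.get(account, 0) > now

    def record(self, account, role, ip, password_ok, now):
        """Apply the policy to one login attempt; return its outcome."""
        if self.is_locked(account, now):
            # Rejected even with the right password while the lock is active.
            self.ip_failures[ip] += 1
            return "locked"
        if password_ok:
            self.failures[account] = 0
            return "ok"
        self.failures[account] += 1
        self.ip_failures[ip] += 1
        if self.failures[account] >= MAX_FAILURES:
            self.locked_until[account] = now + LOCKOUT_SECONDS[role]
            self.failures[account] = 0
        return "failed"

    def ips_to_review(self):
        # Source IPs with enough rejected attempts to alert on or block.
        return sorted(ip for ip, n in self.ip_failures.items() if n >= ALERT_THRESHOLD)

# Constructed sample events: (unix_time, account, role, source_ip, password_ok)
SAMPLE_EVENTS = [
    (0, "admin", "admin", "203.0.113.7", False),
    (5, "admin", "admin", "203.0.113.7", False),
    (10, "admin", "admin", "203.0.113.7", False),    # third strike: locked 1 h
    (60, "admin", "admin", "203.0.113.7", True),     # right password, still locked
    (70, "alice", "user", "203.0.113.7", False),
    (80, "alice", "user", "198.51.100.4", True),     # success resets the counter
    (3700, "admin", "admin", "198.51.100.4", True),  # lockout has expired
]

def replay(events):
    policy = LockoutPolicy()
    outcomes = [policy.record(a, r, ip, ok, t) for t, a, r, ip, ok in events]
    return outcomes, policy.ips_to_review()
```

Calling `replay(SAMPLE_EVENTS)` returns the outcome of each attempt and the list of source IPs that crossed the alert threshold.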
Img Source: www.jlbworks.com