Its been while since I have done much blogging about Joomla SEO, almost a year in fact. I thought I would do some research and see how the collective wisdom of the industry has changed with what matter to get a page search engine optimized (SEO). Use this top ten list if you already have a site ranked and want to see what you can implement to get your ranking higher.
How to search engine optimize your Joomla website in 10 easy steps.
Its been while since I have done much blogging about Joomla SEO, almost a year in fact. I thought I would do some research and see how the collective wisdom of the industry has changed with what matter to get a page search engine optimized (SEO). This isn't exhaustive, for that you should check out my Complete guide to Joomla SEO or Alledia's SEO guide. Use this top ten list if you already have a site ranked and want to see what you can implement to get your ranking higher. Much of the information here is based on two 2007 studies about ranking in Google from SEOmoz.org and Sistrix.
1. Keyword Use in Title Tag
and appear in the blue bar of your browser.The number one factor in ranking a page on search engines is the title tag. These are the words in the source of a page in
Choose the title of an article very carefully. Joomla will use the title of the article in the title tag (what appears in the blue bar). It will also be the text used in any insite links (see #5 and 6)
2. Anchor Text of Inbound Link
Anchor text is the text that appear underlined and in blue (unless its been styled) for a link from one webpage to another.
Try to get some inbound links to your article using the keywords you want to be ranked for. Two ways are to do this are through online press services such as PRweb.com or simply by networking.
3. Global Link Popularity of Site (PageRank)
How many pages are linking to your page is called link popularity, or in Google, PageRank.
The more sites link to you, the better. Joomla is a CMS that helps you add content quickly. Create one quality content page per day. Quality content is the most important factor to getting bound links. For a site that will perform well, you eventually need 200 odd pages of content. This is the important point. QUICK SEO IS DEAD. The only way to perform well in SEO now is to have a rich content site.
4. Age of Site
When was the domain of the site registered?
Nothing you can do about this, but there is evidence that suggests that how long you have your domain registered for makes a difference (spam sites are not registered for long). Go and extend your domain registration for a couple of years.
5. Link Popularity within the Site
This is the number of links to the page from inside your own domain.
6. Topical Relevance of Inbound Links and Popularity of Linking Site
Its important that you get quality inbound links. This means they have to be from a site that is topically related to your, and one that has a high PageRank.
7. Keyword Use in Body Text
The keyword density of the phrase you are optimizing for in the content of the page. Still important, the German study from Sistrix identified some interesting results.
A couple of other factors at the bottom of measured/estimated influence.
8. File Size
The file size doesnt seem to influence the ranking of a web page on Google although smaller sites tend to have slightly higher rankings. Optimize those images!
9. Clean URL (Joomla SEF)
Although Keywords in the file name (URL) dont seem to have a positive effect (based on the German study), a URL with few parameters (?id=123, etc.) is important. Turn on Joomla SEF but dont get anal about it.
10. Utilize Your Error Pages.
Too often companies forget about error pages (such as 404 errors). Error pages should always re-direct "lost" users to valuable, text-based pages. Placing text links to major site pages is an excellent practice. Visit www.cnet.com/error for an example of a well-utilized error page. To make the error page fit with the rest of the theme of your site, create an uncategorized article and then copy the source as viewed on a webpage, and put that into the 404 file.
Some hints and tips on security issues in setting up a web server. Some of the suggestions will be general, others specific to Apache.
- Keep up to Date
- Permissions on ServerRoot Directories
- Server Side Includes
- CGI in General
- Non Script Aliased CGI
- Script Aliased CGI
- Other sources of dynamic content
- Protecting System Settings
- Protect Server Files by Default
- Watching Your Logs
Keep up to Date
The Apache HTTP Server has a good record for security and a developer community highly concerned about security issues. But it is inevitable that some problems -- small or large -- will be discovered in software after it is released. For this reason, it is crucial to keep aware of updates to the software. If you have obtained your version of the HTTP Server directly from Apache, we highly recommend you subscribe to the Apache HTTP Server Announcements List where you can keep informed of new releases and security updates. Similar services are available from most third-party distributors of Apache software.
Of course, most times that a web server is compromised, it is not because of problems in the HTTP Server code. Rather, it comes from problems in add-on code, CGI scripts, or the underlying Operating System. You must therefore stay aware of problems and updates with all the software on your system.
Permissions on ServerRoot Directories
In typical operation, Apache is started by the root user, and it switches to the user defined by the
User directive to serve hits. As is the case with any command that root executes, you must take care that it is protected from modification by non-root users. Not only must the files themselves be writeable only by root, but so must the directories, and parents of all directories. For example, if you choose to place ServerRoot in
/usr/local/apache then it is suggested that you create that directory as root, with commands like these:
mkdir bin conf logs
chown 0 . bin conf logs
chgrp 0 . bin conf logs
chmod 755 . bin conf logs
It is assumed that
/usr/local are only modifiable by root. When you install the
httpd executable, you should ensure that it is similarly protected:
cp httpd /usr/local/apache/bin
chown 0 /usr/local/apache/bin/httpd
chgrp 0 /usr/local/apache/bin/httpd
chmod 511 /usr/local/apache/bin/httpd
You can create an htdocs subdirectory which is modifiable by other users -- since root never executes any files out of there, and shouldn't be creating files in there.
If you allow non-root users to modify any files that root either executes or writes on then you open your system to root compromises. For example, someone could replace the
httpd binary so that the next time you start it, it will execute some arbitrary code. If the logs directory is writeable (by a non-root user), someone could replace a log file with a symlink to some other system file, and then root might overwrite that file with arbitrary data. If the log files themselves are writeable (by a non-root user), then someone may be able to overwrite the log itself with bogus data.
Server Side Includes
Server Side Includes (SSI) present a server administrator with several potential security risks.
The first risk is the increased load on the server. All SSI-enabled files have to be parsed by Apache, whether or not there are any SSI directives included within the files. While this load increase is minor, in a shared server environment it can become significant.
SSI files also pose the same risks that are associated with CGI scripts in general. Using the
exec cmd element, SSI-enabled files can execute any CGI script or program under the permissions of the user and group Apache runs as, as configured in
There are ways to enhance the security of SSI files while still taking advantage of the benefits they provide.
To isolate the damage a wayward SSI file can cause, a server administrator can enable suexec as described in the CGI in General section.
Enabling SSI for files with
.htm extensions can be dangerous. This is especially true in a shared, or high traffic, server environment. SSI-enabled files should have a separate extension, such as the conventional
.shtml. This helps keep server load at a minimum and allows for easier management of risk.
Another solution is to disable the ability to run scripts and programs from SSI pages. To do this replace
IncludesNOEXEC in the
Options directive. Note that users may still use
<--#include virtual="..." --> to execute CGI scripts if these scripts are in directories designated by a
CGI in General
First of all, you always have to remember that you must trust the writers of the CGI scripts/programs or your ability to spot potential security holes in CGI, whether they were deliberate or accidental. CGI scripts can run essentially arbitrary commands on your system with the permissions of the web server user and can therefore be extremely dangerous if they are not carefully checked.
All the CGI scripts will run as the same user, so they have potential to conflict (accidentally or deliberately) with other scripts e.g. User A hates User B, so he writes a script to trash User B's CGI database. One program which can be used to allow scripts to run as different users is suEXEC which is included with Apache as of 1.2 and is called from special hooks in the Apache server code. Another popular way of doing this is with CGIWrap.
Non Script Aliased CGI
Allowing users to execute CGI scripts in any directory should only be considered if:
- You trust your users not to write scripts which will deliberately or accidentally expose your system to an attack.
- You consider security at your site to be so feeble in other areas, as to make one more potential hole irrelevant.
- You have no users, and nobody ever visits your server.
Script Aliased CGI
Limiting CGI to special directories gives the admin control over what goes into those directories. This is inevitably more secure than non script aliased CGI, but only if users with write access to the directories are trusted or the admin is willing to test each new CGI script/program for potential security holes.
Most sites choose this option over the non script aliased CGI approach.
Other sources of dynamic content
Embedded scripting options which run as part of the server itself, such as
mod_python, run under the identity of the server itself (see the
User directive), and therefore scripts executed by these engines potentially can access anything the server user can. Some scripting engines may provide restrictions, but it is better to be safe and assume not.
Protecting System Settings
To run a really tight ship, you'll want to stop users from setting up
.htaccess files which can override security features you've configured. Here's one way to do it.
In the server configuration file, put
This prevents the use of
.htaccess files in all directories apart from those specifically enabled.
Protect Server Files by Default
One aspect of Apache which is occasionally misunderstood is the feature of default access. That is, unless you take steps to change it, if the server can find its way to a file through normal URL mapping rules, it can serve it to clients.
For instance, consider the following example:
# cd /; ln -s / public_html
This would allow clients to walk through the entire filesystem. To work around this, add the following block to your server's configuration:
Deny from all
This will forbid default access to filesystem locations. Add appropriate
Directory blocks to allow access only in those areas you wish. For example,
Allow from all
Allow from all
Pay particular attention to the interactions of
Directory directives; for instance, even if
<Directory /> denies access, a
<Location /> directive might overturn it.
Also be wary of playing games with the
UserDir directive; setting it to something like
./ would have the same effect, for root, as the first example above. If you are using Apache 1.3 or above, we strongly recommend that you include the following line in your server configuration files:
UserDir disabled root
Watching Your Logs
To keep up-to-date with what is actually going on against your server you have to check the Log Files. Even though the log files only reports what has already happened, they will give you some understanding of what attacks is thrown against the server and allow you to check if the necessary level of security is present.
A couple of examples:
grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log
grep "client denied" error_log | tail -n 10
The first example will list the number of attacks trying to exploit the Apache Tomcat Source.JSP Malformed Request Information Disclosure Vulnerability, the second example will list the ten last denied clients, for example:
[Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied by server configuration: /usr/local/apache/htdocs/.htpasswd
As you can see, the log files only report what already has happened, so if the client had been able to access the
.htpasswd file you would have seen something similar to:
foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1"
in your Access Log. This means you probably commented out the following in your server configuration file:
<Files ~ "^\.ht">
Deny from all
Media files, data synchronization, and remote backups, oh my! Home computing has advanced to a point where it's practical to run your own home server, and we're running down the five best tools for the job.
Earlier this week we asked you to tell us what software you used to power your home servers and add that extra kick of convenience and power to your home networks. After tallying up the votes we're back to share the top five contenders for the home server championship belt. The following server implementations cover a broad spectrum of solutions ranging from install-it-and-forget-it to tinker-your-way-to-perfection and everything in between.
FreeNAS is by the far the most bare bones home server software in the top five. More specifically, FreeNAS is an extremely minimal distribution of FreeBSD. How minimal, you ask? You can run FreeNAS off a 32MB flash drive. Designed to be an absolutely skeletal operating system to maximize the resources devoted to storage FreeNAS is great for when you want a simple operating system that leaves every hard drive bay and disk platter wide open for file storage goodness. Despite being so slim, FreeNAS is still feature packed, including support for BitTorrent and remote web-based file management via QuiXplorer; it even serves as the perfect iTunes music server. You can boo FreeNAS off nearly any media: hard drives, optical discs, floppy disks, and flash-based media. It has support for both hardware and software based RAID, disk encryption, and management of groups and users via local authentication or Microsoft Domains. Even an old dusty Pentium III can become a headless file-serving powerhouse with the addition of a basic $20 SATA PCI card to pack it full of modern hard drives, thanks to FreeNAS's scant 96MB of RAM requirements.
Ubuntu Server Edition shares the ease of use that has catapulted its desktop-edition sibling to popularity. The automated LAMP (Linux, Apache, MySQL, and PHP) installation makes installing the core components of a robust server a walk in the park compared to manually configuring each component on your own. While configuring Ubuntu isn't going to be as easy as grabbing a pre-configured Windows Home Server off the shelf at your local Best Buy and plugging it in, there are a wealth of applications to help you integrate your Linux based home server with the rest of your network. It won't be as straight forward as using Windows Home Server or a Time Machine backup, but Ubuntu is more than powerful and capable enough to handle all your media streaming, remote back up, and file serving needs. We've covered using Ubuntu as the basis for a home media server before, so if you're considering trying it out check out how to build a Linux media server and build yourself an affordable media server to get an idea of what you're in for.
Apache is the only entry in the top five that isn't a completely stand alone server package. Apache is, however, open source and cross platform; it support a dozen operating systems; and it's the backbone of many of your fellow readers' home server operations. Because of its widespread adoption and extreme compatibility with a variety of platforms, we're including it here. No matter what operating system you throw on your home server, you're almost guaranteed that you can run Apache on it. Nearly four years ago we covered how to set up a personal web server using Apache, and it's still relevant and worth a look for getting an idea what the setup entails. While you're at it, you may also want to try setting up a home Subversion server with your Apache installation for keeping track of file revisions.
Why use Debian for a home server? There are over twenty five thousands software packages available for Debian, and the operating system supports 12 unique hardware architectures. There's a a slim-to-none chance you've got a computer that can't run it. Like Ubuntu—a Debian derivative by the way—you can configure this flexible operating system to do nearly anything you can imagine, from serving media and remote backups to running your own web server with a wiki and running your own mail server. Like other Linux distributions, Debian can be used to run a low-power and headless server when run without a GUI and using remote administration. Along with FreeNAS, Debian is a prime candidate for turning an aging computer into a quiet, tucked-in-the-basement server.
If your home is filled with Windows-based computers—which the average American home certainly is—it's tough to go wrong with Windows Home Server. It isn't free, and until recently you couldn't even buy it separately from the home servers sold by Hewlett Packard and others—but even though it has the distinction of being both the only commercial and closed-source software package on the list, that doesn't mean you should dismiss it out of hand. Windows Home Server stands definitively as the most Average Joe-friendly server implementation on the list. Not only is it the only server package you can buy pre-configured and installed in a ready to go off-the-shelf server, but Microsoft has gone out of their way to make the experience of using Windows Home Server as transparent and painless as possible for the end user. In fact, many Lifehacker readers expressed the "It just works" sentiment when logging a vote for Windows Home Server. Once you have all your computers connected to your Windows Home Server, you'll have a centralized backup location that supports up to 10 remote PCs and indexed remote file storage. Printers are shared and there is easy to use remote server access to log into your archives from anywhere in the world. Files are no longer lost in a mass of drives, add a few terabyte drives to a Windows Home Server and you'll never wonder if that movie file is on the F, G, or H drive again. Windows Home Server spans drives using Drive Extender so that files are located in a single folder namespace, sans drive divisions. The most recent update of Windows Home Server even adds an option to backup the server itself to external drives for extra data redundancy. Since the Microsoft site for Windows Home Server is heavy on promotion but low on actual screenshots, check out our screenshot tour for more.
A web server is software that continuously runs on a computer and allows other computers to download documents from it. This text that you're reading right travelled over a network connection from Lifehacker's hosting web server to your browser. Web servers are usually loud, scary, headless machines in cold windowless rooms, but you can run one under your desk at home.
Why would you want to run a home web server? Maybe you want to download files on your home computer from anywhere. Like, say, your digital music collection. In this how-to, we'll set up a home web server that lets anyone (with the right password!) connect to your computer and download your MP3's from it, for a nice way to share your music collection with friends, or play a song from your home machine at the office for co-workers.
Please note: Running a server on your home computer is a risky undertaking, and before you start, make sure your computer has all the latest patches and security updates, and that you've done a thorough spyware and virus scan. This tutorial is for advanced users who feel comfortable editing textual configuration files and exposing port 80 on their home computer to the internet. As always, a strong firewall with explicit user-set rules is recommended. Still game? Carry on.
Let's get started.
What you'll need:
A Windows PC 
An always-on broadband (DSL or cable) internet connection
Step 1. Install Apache HTTP server. 
First and foremost, disable and stop any other firewall or server software you may have running, including Windows Firewall, Skype, Trillian or any other instant messaging applications. This is extremely important, and if it's not done, can cause the server installation and startup to fail miserably. These programs and services can be started and used again as usual once we're done setting up the web server.
Download Apache HTTP Server from here, using the link next to "Win32 Binary (MSI Installer)." Start the installation wizard. Accept the license agreement and use the default location for the Apache files, in C:\Program Files\Apache Software Foundation\Apache2.2\. When you reach the screen prompting for server information, enter your own email address and homeip.net  as the domain information, like so:
Complete the installation wizard using the "Typical installation" setting.
When it's done, open your web browser and go to http://localhost/. If the page you see reads, "If you can see this, it means that the installation of the Apache web server software on this system was successful," you're golden. 
Step 2. Configure Apache to share documents from the right folder.
Say you want to make your music collection downloadable using your new web server , and all your music files are located in C:\Gina\My Music. Using a plain text editor like Notepad, open the C:\Program Files\Apache Group\Apache2\conf\httpd.conf file. This is Apache's configuration file, which looks long and scary, but most of the defaults will work just fine for us. We just have to change a few things.
In this httpd.conf file, comment out the line that starts with DocumentRoot and add another with your directory, like this:
#DocumentRoot "C:/Program Files/Apache Group/Apache2/htdocs"
DocumentRoot "C:/Gina/My Music"
Then, comment out the line that starts with <Directory "C:/Program... and add another with your directory, like this:
#<Directory "C:/Program Files/Apache Group/Apache2/htdocs">
<Directory "C:/Gina/My Music">
Last, about 20 lines below that <Directory line, there is a line that reads:
Change it to:
When you're done, save httpd.conf. Then, click on the Apache icon in your taskbar and choose "Restart." If Apache restarts successfully , you edited your the file correctly. Visit http://localhost/ in your web browser. This time you should see a listing of your music files. Woo-hoo!
Step 3. Password your web site documents.
But we don't want just anyone to be able to download your music. Your bandwidth is precious, and we want to secure things a bit. Let's create a password prompt.
First, open a command prompt (go to the Start menu, choose Run, then type cmd.) Change to the Apache bin directory by typing:
cd "C:\Program Files\Apache Software Foundation\Apache2.2\bin"
Then create a password file by typing:
htpasswd -c "C:\Documents and Settings\Gina\my_password_file.txt" gina
Replace the path with the path of your new password file (which should in any folder EXCEPT the web server's document root.) Replace gina with the username you want to use. When prompted, enter the password you want to set up. Once you've done that, a password file will be created.
Now we want to apply that login to your music directory. Open up a new file in a plain text editor like Notepad. Copy and paste the following into it:
AuthName "This is a private area, please log in"
AuthUserFile "c:\Documents and Settings\Gina\my_password_file.txt"
<Limit GET POST PUT>
Make sure you replace "C:\Documents and Settings\Gina\my_password_file.txt" in the text with your own password file created above. Save this new file IN YOUR WEB SERVER DOCUMENT ROOT (in this case, C:\Gina\My Music) and name it .htaccess. Don't forget the dot in the beginning, before .htaccess. So, in this case, we're saving the file as C:\Gina\My Music\ .htaccess.
Note: If you're using Notepad to create your .htaccess file, when you save the file, put quotes around the filename - ".htaccess" - so that Notepad doesn't automatically put a .txt extension on the file. If there's a .txt file extension, your password won't work!
Now, using your web browser, go to http://localhost/. You should be prompted to log in. Enter your username and password you set up in your password file. Rock!
Step 4. Congratulate yourself. You've got a home webserver running.
If you are NOT behind a firewall, you can access your web server from other computers by typing your computer's IP address into a web browser's address bar. If you're not sure what your IP is, visit What Is My IP to find out. If your IP is 12.34.567.890, then type http://12.34.567.890 into a browser's address bar. 
If you ARE behind a firewall (like a wireless router), you'll need to open up port 80 on the firewall and forward it to your computer. This part is beyond the scope of this article, but will be covered in a future Lifehacker feature is covered in Lifehacker feature How to access a home server behind a firewall.
Enjoy your new home web server!
Further reading on running a personal home web server:
How to assign a domain name to your home web server
How to access a home server behind a router/firewall
Ask Lifehacker: Multiple subdomains?
Ask Lifehacker: Host my web site at home?
Automatic .htaccess generator
 Sorry Mac folks, but OS X comes with a web server all set up, so this tutorial's not for you. [back up]
 There are other web servers out there, but we're going with Apache HTTP server because it's free, stable, and my favorite. [back up]
 It doesn't matter what domain you put here. I chose homeip.net because it's descriptive, and one of DynDNS's home domains. [back up]
 A common during-installation error with Apache reads, "Only one usage of each socket address (protocol/network address/port) is normally permitted. : make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down. Unable to open logs." This means that some other server program (like Skype) is interfering with Apache. To figure out what program it is, open a command prompt and type:
netstat -a -o
Find the PID (Process ID) of the program running on your local machine on port 80 (or http.) Then open the Windows Task Manager (Cntl-Alt-Del). In the View menu, choose Select Columns, and check off PID. Then match the PID to the running process to find out what server program is running, and stop the program. Then retry the Apache installation. [back up]
 There are tons of uses for your personal web server beyond a password-protected jukebox. Publish your blog at home, host a personal wiki, share video files and photos. Basically any file you want to publish as read-only is a good candidate. A home web server has the advantage over special server/client software because it only requires a web browser to connect to it. [back up]
 If Apache doesn't start correctly, it's because it can't read the httpd.conf file, which means you probably had a typo in your changes. Check your changes very carefully, save and restart Apache to try again. [back up]
 Keep in mind that depending on your internet service provider, your computer's IP address may change. There's an easy way to set up a memorable name that doesn't change. but that topic will be covered in an upcoming Lifehacker feature. See Lifehacker feature Assign a domain name to your home web server for details. [back up]
When building a website, the design, functionality, search engine optimisation and branding might be the most important factors governing the development process. However, how many managers give a thought to how accessible their website might be for disabled users? Looking at several court cases brought about in America against certain inaccessible websites and the potential that this could become reality over here with the new Equality Bill, the reasons to look at accessibility more seriously are beginning to mount up. However, not only does it make sound business sense not to cut out a proportion of your potential customers, but it could actually help your SEO campaign.
The first and probably the most important point to tackle first is providing some sort of alternative text for any non-text elements of your page. This is useful for those disabled users who are using a screen reader to navigate the page. Include ‘alt’ tags on all your images and make sure that the language you use is easy to understand without the image to back it up. Try to build a site so that as far as possible it can be read without style sheets.
Is the page you have built able to function sufficiently if scripts are not supported or turned off? If this is not achievable then consider directing a user to equivalent information. Simple details, such as having the company telephone number appearing near the top of the code of a page and making sure that this is readable can make a big difference.
Providing the user with a sitemap to help understand the layout of your site not only helps all users regardless of disability, but is also good for the search engines. Try to provide a good contrast between the text on a page and the background colour or image. This is not only better for those with a visual disability but could also stop your site being seen as having hidden content and penalised.
So as you can see the overlap between SEO and Accessibility is obvious, building for all users in the most accessible way makes commercial sense and means a superior web experience for all.
Thu, 11 Mar 2010
Thu, 28 Jan 2010
Thu, 28 Jan 2010
Thu, 10 Sep 2009
Thu, 13 Aug 2009
Thu, 2 Jul 2009
Thu, 2 Jul 2009
Thu, 2 Jul 2009
Thu, 2 Jul 2009
Thu, 2 Jul 2009source: http://www.webuser.co.uk/products/software-reviews/web-design