Just a quick note for those looking to buy the new Office 2010 suite for their home or small business. There are two primary options you have here; Home and Student, and Home and Business. Both are lower-cost alternatives to the more complete Professional and higher editions.

Home and Student is meant for non-commercial use only, and comes with Word, Excel, PowerPoint and OneNote. The key selling point for this edition is that for around $150, you get the most important Office programs, and can install them on up to three computers in your household.

Home and Office is directed at the small business professional. It adds Office Outlook to the included products, and permits commercial usage. This edition is meant to be used by only a single person, but it permits installation and activation on two computers; your desktop and your mobile computer. List price is $279.

Both of the above come with 90-days of technical support from Microsoft.

For those who need more, Office Professional adds Access and Publisher, for a notably higher price tag. It also comes with 1 year of technical support.

Finally, if your computer came installed with an Office 2010 Evaluation, you can also save a little by getting a key card only.

I have a love/hate dislike/hate relationship with web statistics report generation tools. I'm using AWStats now, and it works fine enough. But very often, my clients want to know, "how many times has X page been viewed?" and "where are people being referred to Y page from?" These questions can not always be readily answered by a full stats reporting system.

A previous practice I used for a while was to import all the log data into an SQL database. I figured from there I could run whatever SQL queries I needed to learn whatever anyone needed to know - I could even whiz-bang-wow a client by doing it right at a meeting! So I never even tried to do that, but I did use it to build some simple reports for some clients on specific, targeted pages or areas of their site. But it always seemed like too much effort, especially for some quick, one-off questions a client might have.

Linux Shell Commands to the Rescue

So I thought I'd try something to see how it works. For the benefit of AWStats, I already had a consolidated, ordered log file of the entire time period in question in plain text, W3C format. This is just perfect for using the *nix shell tools on, isn't it? After SCPing the file to my local Linux box, I ran this series of commands, piping each to a new file.

grep

First, I grep'ped for the specific page I was looking for. The site in question runs ASP.NET and I'm using URL Rewriting, but as far as the logs are concerned, the page being requested is the 'real' one, complete with whatever ugly URL applies. So my grep argument was this: 'GET /Pages.aspx id=70' The file that resulted contained only log lines that were requests for that specific page. I then ran the file through some grep -v to quickly filter out results I knew we did not want, such as hits from my IP, the client's IP, and hits with the back-end management interface as the referrer.

cut

Once I was sure I had a file containing only the 'hits' on the page I wanted, I used cut -d' ' -f8 and piped that to a new file. This cut column 8 (which happens to be the referrer in my case) from the file, using the space as the delimiter. By default, cut works on characters, not delimited fields. the -d option lets you specify a field delimiter. I had to specify the delimiter in single quotes since I was using a space. For comparison, if the delimiter had been a colon, the command would have looked like this:  cut -d: -f8 Note that there is no space between the -d option and its argument.

sort and uniq

Once I had a file containing nothing but the HTTP referrers of the page in question, I wanted a list of the referrers and their frequency, sorted from most to least frequent. Just a little bit of piping gets me there:

cat INPUT_FILE | sort | uniq -c | sort -nr > OUTPUT_FILE

Easy enough, eh? So what I am doing is easy enough to follow, really; my list of referrers first needs to be sorted (I could have used the -f option to sort to ignore case, but I did not need to, and you may not want to, actually) then it is piped in to uniq -c, which produces a list of only each unique line in the file and, thanks to the -c option, precedes each line with a count of how many times it exists. Next I need to sort it again; this time I am sorting it in reverse order (-r) and numerically (-n) and sending it to the final file, which contains exactly what the client wants.

Conclusion

Depending on what information is needed, the above can be a quicker way to produce it than other methods. I work with SQL day-in, day-out, so it was natural for me to initially think of that as the first solution. However, one thing I like about this is that I can work with it more 'on the fly'; at each stage I have an output file narrowed down appropriately and I can think of the information I want in a more step-by-step way.

There are lots (and lots) of 'experts' out there, on lots of topics. There are even more folk who declare themselves to be experts but who, well... aren't. This can be even more prevalent in fields where there is a large element of 'mystery' and/or where opinions or belief are involved as much as actual fact. Anything from astrology to economics can apply here. But Search Engine Optimization (SEO) also has its share of experts.

It's easy to find people who'll claim to get your web site at some arbitrary ranking on search engines, and will tell you all about their latest tricks to do so. On the other hand, there are more earnest and honest folk who will share with you that much of SEO can seem like something of a 'black art' that sometimes changes day-to-day, as search engines change to react to the 'tricks' used by the aforementioned types. Such people will share that SEO is about a lot more than just pulling a couple simple tricks.

I'm No Expert

So, let me get this out of the way first: I am not an expert on SEO. I can not magically cause your site to show up at any particular place in search engine results. But, I do have some general recommendations that seem to make good sense to me, as both a software developer and as someone who has had some sites with good and bad search engine rankings. I try different things I read about which seem to make sense, or at least apply some 'uncommon sense' to them.

Here, then, are some broad opinions and ideas to consider as you develop a site for which search engine ranking could be important.

SEO: Content is King

I firmly believe this; the absolute best thing you can do for SEO is to have content. Good, original content in decent quantities. No matter what 'tricks' are being used (and counteracted by the search engines), having quality content will always be worth something. That 'something' goes far beyond the simple calculations that go into page ranking, though: Lots of great content means people will like your site. If people like your site, they are much more likely to do things that not only could help your ranking (such as sharing your URL on social networking sites), but it also means that visitors are more likely to convert to sales or regular readers.

What constitutes good content depends on what is the purpose of your site. This is the part where I stop, because I'm no expert. But I can offer some technical pointers related to that content, very briefly.

• Try to keep content semantic. This means trying to keep the body HTML of your pages as free of 'extraneous' material as possible, such as style and layout information. Using HTML that is as clear and semantic as possible helps search engines figure out what your pages are really about. Read "Semantic Content Markup" on the Web Style Guide; 3rd Edition (link).
• Make the content express your 'keywords'. By 'express your keywords', I do not mean pack your content with keywords to the point that it becomes comical. But your content should be created with an eye toward what important search keywords apply, and those terms should be used whenever logically possible.
• Use the meta-data.Yes, that does include the <meta> tags, but I'm talking even more about other tags throughout the document. Heading tags (<h1>, <h2>, etc) should be used appropriately and semantically; search engines see those tags and give their contents extra weight. Attributes such as title and alt also help search engines understand what is being linked or attached on a page.
• Use URLs that make sense. Ideally, your web site's URLs should make some sense to someone reading them. If the topic of a page is actually contained in the page's URL, that can never hurt. It's sure more useful than meaningless numeric IDs. URLs that make sense includes not only having key words in them, but also not having a confusing volume of other information. Generally speaking, try to avoid (if at all possible) having more than two (2) levels of directories and/or query string parameters.
  

Avoid Being Watered-Down

Some things can cause your ranking to be lowered somewhat by your content appearing to be in multiple places at once. It is generally understood that if some particular set of content (say, an article) appears on hundreds of different sites, that content likely is not as valuable as other content which only appears on a comparatively small number of sites. Search engines also are believed to try to recognize content that is cross-posted on many sites specifically to game the system; say, a long forum post that contains links to a site, posted many times on many forums. On the other hand, press releases are one form of content that may legitimately be posted in many places verbatim. So, the exact methods used to recognize the tricks here may not be known at all. However, there are a couple small things you can do which may help SEO.

Basically, you should try to reduce the number of URLs from which the exact same content is seen. Whether from alternate domain names (www.yourcompany.com and www.yourcompany.biz) or via URL rewriting (/2010/04/28/News_Release and /Releases.php?id=20394) what is actually a single page could possibly appear to search engines as two, four or even more pages with the exact same content. Search engines may take these common things into account, or they may not. When possible, try to use 301 (Moved Permanently) redirects on alternate forms of URLs to point to the primary, preferred URL for each page. Not only could that help avoid unnecessary ranking dilution, it could also help with user-based settings/authorization scheme bugs that happen due to the user visiting part of the site at one domain name, but another at a different one, and not realizing it.

I have even seen suggestions to forward on the difference between www.yoursite.com and yoursite.com. While it is my opinion that this one is so basic that search engines almost have to be taking that into account, I still believe it to be a good thing to do because it can't hurt SEO, and could help the settings/authorization issues mentioned above. A few years ago, there was even a bit of (somewhat silly, IMHO) debate on the Internet as to whether "www" was necessary at all. (link: no-www.org)

This can be done in a web application's code, which checks the host name by which it is called, and issues HTTP 301 forwards for all 'incorrect' ones to the 'proper' one, with the exact same path, file and query string. Such an option would take a tiny amount of processing on all requests (even 'correct' ones), and would not cover non-dynamic portions of the site, though. Another option would be to have a single site set up as a virtual server for all of the 'alternate' host names for the site. There would be no content on this site at all; it would simply be configured to issue HTTP 301's to the exact same URL at the correct host name.

Use Social Media

By 'use', I mean - really use it. Again, this goes back to the 'Content is King' idea. Tweeting links to your content constantly, while offering no value at all, won't help, since people won't follow you. Creating a Facebook page and inviting everyone you know to it, and then posting updates constantly with links to your site... Spamming comments on everyone else's blogs with links to your site... You get the idea, I hope.

On the other hand, do be sure you are prepared to engage appropriately. Understand what the expectations would be of a blog, a Facebook profile or a Twitter account. How frequently should you post? What should you post? How explicitly should you try to 'sell' in your posts? The answers to those questions vary depending on the media and what kind of organization you represent. But you absolutely need to be prepared to offer value to the persons you hope will follow you online. If you do not offer them value, they will not follow you.

But if they do follow you, you will gain benefits, and not just SEO-related. Just being able to share about what you do is a benefit all on its own. But SEO-related, you gain benefits because good, related content posted elsewhere (on a site other than your own) which is unique will only help your site's ranking. Do not simply re-post your site's content; that could actually hurt you. But it's OK to summarize and link, provided the summary is worded uniquely.

Do not consider only the obvious choices like Facebook, Twitter and LinkedIn, though. Are there industry-related social sites you could share expertise on? Perhaps there are locale-related social sites available to you. Don't forget sites where you can share video and photo content publicly, as well; YouTube, Flickr and Picasa Web, for example. But again; always learn how to utilize the network properly or it will at best be a waste of your time.

Get Others to Talk About You

This really could be included in the above in a way, where I told you that a link from another site to yours can help your own site's ranking. Of course, beyond potentially helping your search ranking, such links can actually bring you more visitors directly. The work required to get someone else's site to link to yours is beyond the scope of this entry. Here are some thoughts to keep in mind when seeking such opportunities, though:

• The page linking to you should be relevant. The amount of benefit you gain from a link to your site from another site is going to be based on how relevant that site is to your intended audience/topic.
• The ranking benefit you gain is dependent on the ranking of the site linking to you. A site which has low ranking is not going to help you as much as one with high ranking. Sites of certain low quality will likely only be a waste of time.
• Avoid 'mass linking' of any sort. 'Directories' where anyone can simply post any link and site description to be listed with everyone else don't help you at all. This is not the same as submitting your site to legitimate directories, such as the Open Directory Project at DMOZ.org (link) This isn't as big a thing anymore as it was at one time, but I actually have recently had a client show me a mass-link-submission site and ask if they should submit their link there.
• Do submit your site to appropriate, closed lists, though. If there is a site with good content that has a 'links area' to which you can submit, that might be worth considering.

Just Some Un-Common Sense

Most of the very basics of SEO come down to just-slightly-uncommon sense. To really fine-tune what you are doing, a real expert who can demonstrate a long track-record of results is definitely worthwhile. But the above are some principles that should be able to help a web designer or developer get the basics down in the meantime.

If someone is sending you any Encapsulated PostScript (EPS) files via e-mail, I'd definitely recommend that they be sent in some form of an archive. Not only is the compression likely to be useful, but it can also prevent them from being corrupted. EPS files are basically plain text, with some blocks of encoded byte values mixed in. For what ever reason, the process of e-mailing these documents can corrupt them; adding garbage to the beginning and/or end of the file. Perhaps it happens while being encoded/decoded by e-mail clients, or maybe in the process of being scanned for viruses. It does not happen to everyone, though... if it happens to you, and you can't get your source to quickly send you a replacement, here's a way to try to fix the file yourself.

First, be sure you have a backup of the file. Of course! Open the EPS file in a text editor. It should appear to start with some neatly ordered lines similar to this:

%!PS-Adobe-3.1 EPSF-3.0
%ADO_DSC_Encoding: MacOS Roman
%%Title: File-Title.eps
%%Creator: Adobe Illustrator(R) 13.0
%%For: Andrew Barber
%%CreationDate: 4/26/10
%%BoundingBox: 0 0 143 57
%%HiResBoundingBox: 0 0 142.4434 56.6699
%%CropBox: 0 0 142.4434 56.6699
...snip...

If you do not see anything like the above toward the beginning of the file, stop right now; something else is probably going on, and this procedure won't help you. However, what you may see is a line or two of apparent garbage preceding the "%!PS-Adobe-3.1 EPSF-3.0" line. The garbage might be on the same line as that correct starting line, so you may need to scroll to the right to find it. Delete all of the garbage before the percent sign.

Next, scroll down to the end of the file. You will see lots of code lines, likely some encoded blocks of binary data - but it should all be well formatted either as code or blocks of data. The very last line of the file should read %AI9_PrivateDataEnd, followed by a single line break. However, you might again see garbage starting on that line after. Delete all the garbage at the end, but leave that single empty line after the %AI9_PrivateDataEnd.

Hopefully that should do it; save the file, and try to load it again.

Previous Visual Studio versions had the ability to make a box selection in text editors by holding the ALT key down while selecting with the mouse. More than once, I used this to select a column full of "public" modifiers on member variables, hoping that I could paste or type something which would replace what I'd selected on the whole column. Alas; it was not so! As a result, I generally never used block selection.

However, Visual Studio 2010 now does what I'd always hoped it would! From "What's New in the Visual Studio 2010 Editor (link)":

Box Selection

In previous releases of Visual Studio, you could select a rectangular region of text by holding down the Alt key while selecting a region with the mouse. You could then copy or delete the selected text. VS 2010 adds the following new capabilities to the box selection feature:

• Text insertion: Type into a box selection to insert the new text on every selected line.

• Paste: Paste the contents of one box selection into another.

• Zero-length boxes: Make a vertical selection zero characters wide to create a multi-line insertion point for new or copied text.

You can use these capabilities to rapidly operate on groups of statements, such as changing access modifiers, setting fields, or adding comments. For more information, see How to: Select and Change Text.

All I can say is; Woo hoo! Okay; so very small things entertain me.

I do not very frequently work with video, but occasionally enough that it's a headache at times. I have a custom lobby monitor software program I created for a client, which displays videos, text information, and graphical promotions to clients waiting in their lobby on multiple high-def monitors they had installed. Rather than pay premium prices for the hardware, and then somewhat excessive monthly subscription fees for ongoing service for similar systems, they selected their own hardware, had a local A/V provider get the audio and video hooked up, and had me write software to operate the system. They ended up paying about the same up-front overall, but are saving considerable fees monthly.

Of course, it's important to keep the content fresh, and the videos are especially an issue, due to the greater effort to create such content. They use television commercials they have had produced, videos available to them from trade associations and partners, and other content they find online which is appropriate for their customers, and for which they have (or can get) appropriate permission.

The Problem

The system I created for them is capable of playing a great many formats using the DivX codecs. It can even take the .vob files directly from a DVD and use those for playback, but those are typically fairly large files, and it would be easier to work with them after being converted to, say, a more approrpriately-sized WMV. There are also some formats that can't be played with what we've got, and I would rather not introduce extra complexity to the system itself to try to get them to work.

What I needed, then, was something that could convert videos from pretty much any format out there, to any of a few specific formats that are best used on the system. It needed to be something simple enough that the client could use it, if need be... but even I need something simple and to-the-point, so as not to waste time trying to remember which options and settings and etc. to have to use every time I needed to convert one MOV file for them. I'd had lots of trouble in the past with the output videos not being playable, and I could never figure out if it was a problem with the converter being used, the computer, or just stupid settings on my part.

The Solution

So I finally found a solution that seems to work for all of my needs; WinFF is a free (as in 'beer' and 'speech') GUI for the command-line FFMPEG conversion software, which it includes as a compiled program as well. It allows you to specify any number of input video files (which can be of various formats/file types), and allows you to specify a pre-set output format and options, or to fine-tune the settings you need, if you know what you are doing (I don't!). Tell it where you want output to go, and set it loose; a command-prompt window opens and you are shown the progress from FFMPEG as it converts the files.

I have had no trouble with conversions performed with WinFF/FFMPEG as of yet. In particular, the large MOV and VOB files that had caused me trouble with other converters worked like a charm.

There are downloads available for Windows and Debian, Ubuntu and Red Hat-based Linux distributions, as well as source code.

I have a bad habit of wanting to post something of a certain size and weight before I post anything at all. The end result? I don't post anything! As the beginnings of an attempt to break this habit, I offer some almost entirely unrelated items I have come across lately. The top two items are from some recent adventures in Linux administration, while the last one is a really dumb one with an ASP.NET app.

Paranoid hosts.deny Can Trip You Up

One of my Debian-based firewall servers had the 'paranoid' option set in its /etc/hosts.deny file. The purpose of this option is to block access to any remote host where the host name does not match the address. I imagine it would work by pulling a PTR record from the IP, and then querying the resulting host name to see if it matches back to the IP again.

That system has had that setting for quite some time now, and it never caused me any trouble. Every connection I have apparently used in that time has had its DNS settings properly set. But I recently used a connection at a partner's office, which was provided through a small, local cable company. Hair-pulling ensued; While I had no trouble accessing the services on the systems behind the firewall, I could not connect to the SSH or VPN services provided by the firewall itself. Packet sniffing showed there were packets going back and forth. As I recall (it's been a few weeks now), something in syslog prompted me to think of hosts.deny;

I don't know how prevalent it is that ISPs will have improperly setup PTR records, but it's something to keep in mind.

I Was Creating a New Grub menu.lst Every Kernel Upgrade!

On another Debian-based firewall system I have, I kept a backup copy of Grub's menu.lst file to restore over the automatically generated one every time I did a kernel upgrade. This is a big-time case of "RTFM!" The reason I was doing it has to do with the perculiarities of the hard drive subsystem on the motherboard in question, requiring me to need to use the IDs of the drives.

But if I had simply read the comments in menu.lst, or read the man page, I would have known I had two options: 1) add special entries before/after the 'AUTOMAGIC KERNELS LIST' section or, more appropos for my situation 2) edit the default options within that section. The default menu.lst file comes with comments that describe the process quite well; the key lines are commented by a single hash (#), and that hash must remain there. When configuration of a new kernel is done, the defaults entered there are used. I was actually considering replacing this server with another one due to this issue, when all it took was literally a 30-second fix.

Don't Forget That Global.asax File!

Okay, you say, what kind of silly advice is that? Who would forget to upload one of the files of a web site? And wouldn't it be obvious when it happened? Of course, ASP.NET folks know that Global.asax is a special file. It's not a page that you load (requests for it are specifically denied by IIS by default, in fact), but it is frequently a vital file. Application-level code runs - or does not run - based on it.

I almost always use Code-Behinds in ASP.NET, where the 'web site files' (including Global.asax) merely contain markup, and then names of the compiled program objects from which they are to derive - those objects having been programmed via the 'code-behind' files, which are pure C# code, in my case. Even though all the code is compiled in an assembly, the web files are still needed (without some other special circumstances); The layout/design and markup code is still in the ASPX files - you will get the standard "File Not Found" error if such a file was not uploaded.

But the Global.asax is a special case. If it does not exist, the result is simply that no application-level code is run. This should seem obvious, but without the Global.asax being present in the web directory, the ASP.NET runtime has no way of knowing what, if any, HttpApplication-derived object that may or may not be in your code should run. You could derive a dozen such objects and compile them in your assembly. You may have compiled only one, but you don't want it used. My point is, the Global.asax file and the markup contained therein is the way that the runtime knows what you intended.

In my case, this oversight was the reason on my development system, a global variable set in Application_Start was valid, but on the staging server it was NULL.

PHP is not my first choice when creating a web application, but I am frequently called upon to work with an existing app that was created in it. I know that there is no reason to think that PHP coders are any 'worse' than any others overall, but the realities are such that when my creative/marketing agency clients had to find someone to create a web app for their clients before they knew me, they took what they could find.

So, first; I can't recall the last PHP app I've worked on after someone else which did not have obvious SQL Injection vulnerabilities in it. Pretty much every SQL command is built by concatenating strings, and if we're lucky, some attempt is made to escape some of the input, some of the time. I can not count on one hand the number of times in the last year I've been asked to fix an error in an app that was discovered when someone typed in a value that had a single-quote in it. I've also seen too many apps that set a simple sesson cookie value (such as a cookie "Admin" with the value "1") to denote that someone has logged in to the CMS.

I can understand how it happens that someone is lazy or ignorant, and things like the above happen. But something I came across last week flabbergasted me. So much that I had to wonder; is there something I'm not seeing here?

More...

In talking with various business relationships I have who have gotten into social networking sites like Facebook recently, one common series of complaints involves all of the 'fluff' that can be found there. Invites to multiple games each day; their home page feed littered with updates from these same games, or other apps they simply are not interested in. One worry of mine, personally is that these complaints seem to be of the, "if I can't figure out this stuff, I'll probably stop using Social Networking altogether" variety.

So I've been planning a simple blog post to detail some of the tools Facebook provides to help here. But then today, I came across a Blog challenge from Tim Ford, otherwise known as the SQL Agent Man (link). The Blog entry was titled, "Whose Blog Is It Anyway?" (link) and the challenge is inspired by the game "Scenes From a Hat" from the improv show "Whose Line Is It Anyway?". I considered starting over and writing something else but then I thought to myself, I've started, so I'll finish!

More...

I came across a post the other day where someone stated a misconception; That you can only host one HTTPS web site per IP address available on a server. I think most fairly experienced web server admins know that this is not actually the case, and also know why the misconception came to be. Most web server documentation I've seen tells one how to exceed that false limit, but of course it does not say so in exactly so many words!

Like pretty much everyone else who was ever a teenager, when someone says, "you can't do this", I want to know why. And I want to know why for the same reason I wanted to know why, as a teenager, I could not stay out past X time: so I can find a way around it. The long-and-short of the story is this: The actual limit for HTTPS sites is one per TCP socket, not IP Address. So, for every combination of IP address and TCP port, an HTTPS site can be hosted. Note that Host Headers have nothing to do with this. However; For a number of public uses of HTTPS sites, varying the standard TCP port is not a good option here, meaning the "one HTTPS site per IP" is still an effective standard.

More...