PHP vs. ASP.NET

While the average web developer has a lot of options these days. It’s really more of a bi-partisan system between ASP.NET and PHP, the rest being just independents. The battle rages between the supporters of the two languages, with no clear winner every coming out. While both can be used to complete the same project, it really depends on what you’re looking for: price, speed, security, etc.

ASP.NET
If you program in ASP.NET you’ll typically get too responses from the other side. Either you’re rich (or your company is) or you’re a Microsoft lover. While the name comes from Microsoft’s old ASP technology, they made a huge leap with the .NET Framework, and the CLR allows you to use other languages for back end processing: typically Visual Basic.NET or C#.

ASP.NET’s strength lies in object oriented features, and it’s flexibility. Because of the CLR you can have C# programmers and VB.NET programmers working on the same project, or switch languages half way through and not have to rewrite all of your old classes. The .NET class library is organized into inheritable classes based around particular tasks, such as working with XML or image manipulation, so a lot of the more common tasks have been already handled for you.

Visual Studio .NET is a massive development IDE that (as long as your computer is fast enough) will shave tons of time of your coding. It has built in debugging along with IntelliSense, which allows for auto-completion of methods and variables so you don’t have to memorize everything.

On the down side, ASP.NET is expensive. One it uses tons more resources on the web server so you’ll require either better server or more servers in the farm. Windows 2003 and Visual Studio .NET are pretty tough on the pocket book as well. It’s extremely rare for an ASP.NET app not to be running on IIS. And if you pay attention to any of the bug reports, you’ll notice that Windows and IIS have had a bit of a history with vulnerabilities being exploited.

PHP
PHP works in combination of HTML to display dynamic elements on the page. PHP only parses code within its delimiters, such as . Anything outside its delimiters is sent directly to the output and not parsed by PHP.

PHP strength lies mostly in LAMP. The LAMP architecture has become popular in the Web industry as a way of deploying inexpensive, reliable, scalable, secure web applications. PHP is commonly used as the P in this bundle alongside Linux, Apache and MySQL. PHP can be used with a large number of relational database management systems, runs on all of the most popular web servers and is available for many different operating systems. This flexibility means that PHP has a wide installation base across the Internet; over 18 million Internet domains are currently hosted on servers with PHP installed.

With PHP 5 finally came exception handling and true OOP, but it still lack namespacing to prevent class naming collisions. PHP’s type checking is very loose, potentially causing problems. Another drawback is that variables in PHP are not really considered to have a type. Finally, for some reason big corporations feel that if they’re not paying for something, then it’s not worth buying. If that’s you’re company’s mentality, they just need to wake up and check out all the awesome free software that’s out there.

So Which Is Better?
We’ll I have my opinions and you may have yours as well. But in general, PHP is cheap, secure, fast, and reliable, while ASP.NET has quicker development time and is easier due to its class library system can probably be maintained more easily. Both are great languages, and it’s up to you to make the decision.

Tips and Tricks about Google

I have been quite fascinated by Google ever since they started out as a search engine. Over the time Google has become an indispensable tool for any serious geek. I will describe a few techniques that I use. They have been collected from various help pages, chat rooms and books. If you find any error please point it out.

1) Common queries:
So how will you effectively use Google. Take this example. A friend of mine was asking me over yahoo messenger what is a blog. I told him to search on Google and find out. He tried this.
blog
Alas the answer was there but lost in thousands of links. He alerted me that he can't find an answer. I told " Ok , Let me see What is wrong? ". I tried this
What is blog
The answer was right there.
While formulating search queries you must be specific as far as possible. A query like Linux vpn howto can yield a different result than vpn howto. Google seems to be intelligent enough to understand some human thought chain. So while making queries be a bit descriptive and formulate a properly worded query. Google ignores some of the common words such as 'the' 'and' 'a' etc while performing a search.

2) How to formulate a good search string :
Google uses AND logic for the queries by default. If you search linux vpn howto google searches for pages containing linux AND vpn AND howto. You can put OR logic in the search box like this
linux OR vpn OR howto
You can exclude some terms using "-"
linux vpn -installation
Try ( linux vpn - installation ) and see how it is different from the above query. You can group a set of terms by enclosing them in brackets. It is also possible to combine AND and OR operators.
It may be noted that Google is not case sensitive regarding search strings. Linux, LINUX and linux produces the same results. However the operators such as AND and OR are case sensitive.

3) Searching for a file :
Suppose you want to search for pdf documents only. You can do this by attaching a filetype modifier to your query. A typical query can look like this
vpn filetype:pdf
Google can recognize most common filetyes.

4) Searching only at a site :
This is similar to file type modifier. Try this VPN site:ibm.com
Then try vpn site:edu filetype:pdf You can get some interesting result by trying this query
linux site:microsoft.com

5) Searching in URLs and Page titles :
You can search in urls using inurl modifier. Try inurl:smb.conf

Similarly you can use intitle modifier.

6) Searching in Google cache :
If you are looking for some old web site you can directly search in Google cache.
Try cache:slashdot.org and see the cached pages.

7) Looking for definitions :
This can be handy if your school going kid pesters you for his home work.
Try
define:watt
It bring out definitions from around the web.

8) Looking at Google advanced search :
I think it is one link that most people try to ignore. It is designed for commoners. Almost all the options I mentioned above are available through advanced search.
The preferences page is also worth a visit. It uses cookies to set preferences such as number of search results to be displayed, language preferences etc.

9) Finding the price of some geek gadget :
Google has a companion site called froogle.com. Its interface is exactly similar. But it returns prices across various stores in the US. This feature can be very useful if you plan to buy some strange hardware. Let us hope that froogle.co.in will appear soon.

10) Google Calculator :
In the google search :
Type in an equation: (100+4567*10-200=)
What is the square root of 267? (sqrt(267))

11) Google labs :
Google is very innovative and always tries to introduce new features. You can see some of the upcoming features at labs.google.com . Also Google conducts a puzzle champion ships annually.

12) Google Sets :
Google sets is an interesting feature currently available at http://labs.google.com/sets.
Have a look at the page. You will see a number of text boxes. Enter some words which belongs to a set of items and search. Google will complete the set.
I typed in the names of following linux distributions " Mandrake" "Suse" " "debian" and hit larger set button. Google provided a huge list of linux distributions.

Is your website too verbose?

The first step in a planned attack on your website is the gathering of information about the site, in order to formulate a plan of attack. Obviously, one of the most effective ways to protect your website is to reveal as little information about your website as possible.
Here are some tips to minimise the amount of information your website reveals about itself.

1. Deny directory listings.
Unless you are running a ftp site, your users do not need to view the contents of a directory on your website. Exposing the directory structure and list of files to Internet users is unnecessary and can give a hacker valuable information about your website.

What you need to do: With the appropriate entry in your Web Server configuration file, you should be able to disable directory listings. Consult your Web Server documentation for the syntax.

2. Avoid revealing file names and directory structure in HTML comments.
Too often, HTML comments hanging around from the development days reveal enough information for a malicious user to piece together the directory structure and list of files in the directories.
What you need to do: Remove all comments that reveal unnecessary information like file names, directory structure or other sensitive information. You may be able to suppress comments by an application-level configuration setting, if the application you are running supports it.

3. Minimise the information sent out in HTTP headers.
A simple tool to view what information your server HTTP headers reveal is Lynx. Run “lynx –head http://your-server” to see what your HTTP headers contains. Do they reveal the server build number or the SSL version? Once a hacker has this information, it is fairly trivial to identify the vulnerabilities in the product. For example, Apache 2.0.52 is vulnerable to DOS attacks via a HTTP GET request with a MIME header containing multiple lines with a large number of space characters. If your HTTP header announces that you are running “Apache/2.0.52”, you are practically telling a malicious user how to launch a DOS attack on your website.
What you need to do: Minimise the verbosity of HTTP headers by an appropriate setting in your Server configuration file. Consult your Web Server documentation for the syntax.

In Apache, set the ServerTokens parameter in httpd.conf to “Prod”.

4. Customise your error responses.
In case of an error, redirect the user to a pre-defined error page. Not only is this an elegant way to handle errors, it may avoid the display of an error message that reveals sensitive information. For example, if a jsp page being invoked encounters an Exception, it outputs a stack trace that may reveal file names and locations. Setting up an error response to serve up an error page instead, will prevent this information from being visible to the user.
What you need to do: Customise error responses by making an appropriate entry in your Web Server configuration file. Consult your Web Server documentation for the syntax

5. Minimise published site information.
If your website has a “Site Information” or “About This Site” page, keep the technical details on this page to the minimum. Does the user really need to know the version of Web Server you are using, or the platform your website runs on? Are you revealing information that may help a hacker plan an attack on your website?
What you need to do: Avoid mentioning product names and versions, operating system information, etc on your website. Instead, provide an email address where users can contact the administrator for details, which may be revealed on a need-to-know basis.
Remember, knowledge is power, and more so in the hands of a malicious user. Every superfluous piece of information your website reveals about itself makes it more vulnerable to attack.

Ways to Increase Traffic for your Website

You have to increase website traffic once you have set up your online presence for your business. Even if you’ve had your website professionally designed and you are selling a great product or service, you can’t succeed without high traffic and unique visitors. Sitting back and waiting for it to happen won’t work.

To increase website traffic you’ll have to achieve a few key goals. Getting ranked fairly high in the major search engines, develop links to a number of relevant sites that can lead to your site, and develop recognition of your company’s expertise. These three goals sound fairly straightforward, but can become complex when you consider how many other Internet sites are started every day that are attempting to achieve the same results.

Search Engines Are A Great Way to Increase Website Traffic Ranking well in the major search engines like Google, Yahoo, MSN, Ask, etc., is a fiercely competitive undertaking. Simply submitting your site will achieve next to nothing. Your website should have keyword rich Meta tags, page titles and information that will be recognized by the search engines when people are looking for information on your types of products and services.

For the best results, each page of your website should focus on a particular topic of interest to potential customers. Spreading yourself too thin (using many keywords just one or two times each rather than focusing on good content about one keyword or phrase on each page) will drop you in the search engine rankings.

Linking the Right Way
Links to other sites with links back to your own site is a good way to increase website traffic. The key to success with this is selective linking. If your website is for surfing gear, linking to a toy store will do very little for either of you. Linking to boat rentals, restaurants and coastal vacation providers, however, can get you great click-through results.

Your links don’t have to be huge banner ads, either. Relevance is more important than size and flash, especially since the words will again impact your search engine rankings. Don’t forget about clubs and blogs about surfing and online stores that carry scuba and even fishing gear. Think about peripheral links and be creative.

Toot Your Own Horn
If you have your own business it means you’re an expert in something. Let’s go back to the surfing example. Write a few articles about surfing; these can be informational (Top Ten West Coast Spots for Early Morning Waves) or narrative (My Latest Tahiti Adventure). Submitting these articles to surfing webs, forums and online clubs will get your name, and your company’s name out there. In the author’s profile you can include a link to your website.

Your articles should also include linking text that will take readers to different pages on your website. These can generate traffic to very specific products or services if placed correctly.

Search Engine Optimization
Everyone has heard the term SEO at some point, but search engine optimization is a difficult and refined style of writing that requires a lot of up-front research. Each article you write, whether included on your own website to provide customers with added value or posted on other sites for linking purposes, should be optimized with certain keywords designed to increase website traffic.

To determine which keywords will work best for you, take the time to research which words and phrases are most often searched for in relation to your products and services. If you can, choose a few and write different articles for each phrase, with each article focusing on a different aspect.

Calling in the Pros
Of course, developing your own Internet-based business can be very time consuming. If this is the case for you, it may be time to call in the professionals. There are excellent companies that focus specifically on how to help you get the most from all of the techniques outlined here. They can do the research, set up links and even provide professional writers to submit articles for you. They will help you increase website traffic for your site while you stick to what you know best, which is running your company.