web notes - a blog

Content Delivery Networks (CDNs) allow sites and applications to draw files from common servers. This allows far more efficient caching, reduces bandwidth and disk space requirements on both the server and client sides.

The next logical step are Application Delivery Networks (ADNs). These are hosted application services like WordPress’ blogs (http://wordpress.com/), Ning social network (http://www.ning.com/), Shopify ecommerce (http://www.shopify.com/), LivePerson live support (http://solutions.liveperson.com/index.asp), Kayako Support (http://www.kayako.com/solutions/hosted-support-desk/), News Letter or Paper Hosting (http://www.our-hometown.com/). The challenge is to develop an architecture that allows you to take advantage of the hosted services while integrating them seamlessly into a site.

Advantages

• Security is the responsibility of the hosting company and application provider. They know the server and the application, they can prevent and recover from problems quickly and in all likelihood, without disrupting service.
• Server administration is virtually eliminated. Application installation and maintenance is not necessary.
• Reduction of support requirements.
• Scalability is less of an issue. It is assumed that the application providers have the infrastructure to support busy sites if necessary

• Distributing the applications to other companies increases the fault tolerance of the systme. If one application crashes, the others can still run.

• A CDN can be used to deliver the design files, as well as a the home page or portal into the system. This also increases the fault tolerance of the system.

• Engineering tends to be the most expensive part of site development. Purchasing the logic allows more money to be spent on sophisiticated design interfaces, or - amazing application integration.

• Rapid deployment of extremely complex sites.

Disadvantages

• Customization may be difficult, expensive, or impossible. This includes design and functionality. WYSIWYG.
• A layer is added into the support path. The application provider must perform requested support, the site provider is dependent on them.
• Induces recurring hosting costs, which may be significant.

Supporting Trends

• The increased use of open source applications and toolkits is definitely making this vision more possible.
• The skills of web professionals are increasing exponentially
• Bandwidth is becoming a valuable commodity
• Security has become extremely important, even for ’simple’ blogs
• Cooperation within the open source community, across all boundaries
• The ability to use CSS to control the pagelayout and design allows the application to deliver well-formed XHTML that can be presented as defined by CSS. This is the key to a successful integration. Furthermore, the CSS must be assembled in such a way that it is hierarchical and observes site, application, and possibly page specific requirements.

Opportunities

• Architecture definitions
• Multiskin/multitoolkit applications
• Education
• Innovative connections

The web industry has matured to a point where requiring a related AS or BS will not limit the qualified candidates significantly.

Web designers should have a graphic design or visual communication degree. Their responsibility is to use color, layout, and design to communicate. If they lack the technical skills for the web, there are tools to help them - such as Adobe’s Dreamweaver, or even services that will convert their designs into HTML. For a pure designer, the technical skills to deliver the site should be secondary to the ability to make a nice page.

Web developers should have an AS in web development or the equivalent certificate. In this text, a web developer is assumed to be the person that takes a design and converts it to CSS/XHTML. To do it well, education or experience with a well-trained individual is required. They need to be able to write limited amounts of javascript. They need to understand bandwidth and disk space. They should not rely on Dreamweaver or other GUI-based tools.

Back End engineers should have a CS degree. Whether they are developing custom applications or extending existing ones, the foundation knowledge offered in most CS programs is vital for the implementation of the requirements into cost-effective solution.

Server Admins must have a CS degree, and experience with the target platform. This is your last line of defense on the server from malicious people. It is also a place where you can make serious performance improvements.

Writers should have a degree in English, Marketing, or Communications. Don’t let the administrative assistant write the content unless they have a degree. The quality of the medium (in this case, the text) will affect its reception.

SEO probably doesn’t need any formal education. It is still such a new field that a well-read individual can do an adequate job, by researching independently. It is also possible that SEO is so difficult to actually perform that focussing on the site content is a more valuable investment than striving to make the content conform to the search engines.

There are definitely many excellent self-taught people in the industry, but they must constantly work to polish their skills. Newcomers into the field should have an educational background to enter the workforce ready to contribute and succeed.

Web development companies are like any other service provider. Quality, price, and service varies. Unlike other service providers, you can really examine a web company’s work - both for themselves and for their clients.

If you are considering a web development company, visit their site, and look for the following:

• Open the home page in every browser you have. How does it look? What browser do your site visitors usually use (check your stats)? Do any browsers throw errors (look in the lower left-hand corner of IE, watch for popups and other indicators from other browser.
• Scan the page. Is the layout equivalent? Are the images displayed properly? Do the menus work? Is it ‘smooth‘, meaning the page reacts to your actions in a timely manner?
• How long did the page take to load? Is it fast enough for most of your visitors? If you have alot of dialup site visitors, this is a serious issue.
• Click through the site, assessing image quality at all levels. There is a delicate balance between image quality and image size. People can’t see size, but they will see a long image download. They can quickly identify a poor quality image.
• Do secondary pages load quickly?
• Watch for broken links or missing images.
• Look at the quality of the content. Are there many mispellings or grammatical errors? If so, your site will be at risk for the same.
• Think about the content from a marketing perspective. Does it make sense? These people will be defining your site. If they can’t market their company, how will they be able to sell your products? If they don’t do a good job on their own site, how will they perform on yours?
• Are the company’s specialties in line with your interests? There is no sense hiring a company that specializes in design to build an ecommerce site. Be sure they have excellent ecommerce experience before continuing. This site has valuable information about credit card processing: https://www.pcisecuritystandards.org/
• If there is a portfolio, are there links to the sites? If not, the sites are probably no longer run by that company. Go check the sites and look for a footer linking back. If they don’t link back, you may want to contact that company to ask who did the site, and to get feedback. Check how those sites run. Are any similar to what you’d like?
• If you change the font size, does it change gracefully in the browser?

• Use ‘View Source’ to look at the code. You don’t need any technical skill to do this. Is the code orderly, meaning reasonably easy to read? Indenting will probably be inconsistent, and that indicates that an application is probably in use. That’s a good sign. Are there any silly comments? Notes such as ‘check this later’?

• If they have a blog, read a few posts. Is it mature? Professional? Relevant to your interests?
• Try to assess the tone of the site. Are the focussed on their clients? Are they focussed on themselves? Are they out in left field? Are images of the company and office appropriate?
• Are they hiring? Are they always hiring? That can indicate explosive growth or high turnover. What are the target qualifications for their positions? Is the bar set fairly high?
• Go to LinkedIn and look at the people in the company. Are they people you would like to hire? Are their profiles and images professional? How many people are there? Is there a logical distribution of titles and positions? If not, the work may be outsourced, or the organization may be off kilter.

Before you contact them, be sure you can clearly state what you would like. What is the objective of your site? If you can’t answer that question, wait until you can.

Most web companies have very high speed Internet connections. This may improve productivity for those that develop on remote, publicly accessible servers, but it can also prevent the development team from appreciating the impact of the design and front-end coding on the site performance for the majority of site visitors.

The easiest way to determine the estimated download time is to use YSlow. Take the number of bytes required to display an uncached page (or unprimed cache) and divide it by the estimated connection speeds. http://websiteoptimization.com is an excellent resource, because it calculates page load/display time for you, as well as illustrating all the page components. It may be affected by caching, so review the report carefully. You can use Google analytics (or any similar service) to see the connection speeds.

Low-tech methods include allowing employees to work from home. DSL is one of the very common access methods, and will show performance issues much better than cable or other very-high-speed paths.

The above link can also be used to understand the time required for the page load and display process.

The link above is a link to Secunia, which tracks security issues for many products.

Interpreting the data is definitely subjective, for the following reasons:

• If an application is constantly being tested and reviewed for security issues, problems will be found more quickly.
• Applications with reports of many issues may simply be tested better than others.
• Applications which are very popular will also have a greater presence, as this implies greater testing.
• Development teams that are very concientious and report issues frequently will cause a greater quantity of reports than more reserved teams.
• Development teams that refrain from reporting security issues may consider that a valid approach, by reducing the information available for malicious users.
• Some applications have fundamental issues that make them more vulnerable than others.

After reviewing the reports for an application, there are several courses of action.

• Check if the application has been compromised on your server. Immediately apply any recommended upgrades or patches.
• Review the application documentation and the site/forum for additional tips on securing the application.
• Review any appropriate server security practices.
• Determine the value of any data or content involved, with an eye toward the cost of replacement or porting to a different application. Be sure to include the cost of training, learning curve (both for users and developers), administration issues, etc.
• Consider a web application firewall such as mod_security (http://modsecurity.org).
• If you have sensitive data or ecommerce, consider a hosted solution.
• Repeat

An application that can power multiple sites can greatly reduce maintenance.