How to Boost Up Your Website Load Time

With the increased speed of internet, internet users, who could tolerate the long load time of the websites, are decreasing. Eventually, load time has become predominantly important for all the websites. Another important factor, which even made it rush, is the announcement of Google. According to it, the natural search results would based on the consideration of the sites which could load faster than the websites that load slower.
All websites are needed to run with the best speed to attain these dual benefits. The load speed being the most important and priority of the website, the following tips to increase the load speed would surely be beneficial.
Size of images uploaded matters
The images can be placed on web pages with full size and changing its size at the backend using many CMS software like Joomla, WordPress etc. Loading the initial image and sizing according to the backend command, consumes more time by the browser while loading the web pages. So, it is suggested to edit the image exactly the size that fits into the webpage thereby the speed of the web page loading would be improved.
Use only important plug-ins
The huge number of plug-ins developed and released over open sources are very tempting to add up in our website. However, you have to remember that each plug-in you use consumes certain web resources. So, select the plug-ins which are truly important according the functionality of your website. Every time, before using them, do a tradeoff between the functional benefit of your website and the speed reduced accordingly and then decide to use them.
Ensure the scripts on your site to be up-to-date
The site scripts have to be checked against the new versions available, for the e-commerce or CMS that your site uses. If there are any new releases are found, immediately upgrade the site asap. It is also important to retain an old copy of the script as a backup as it could eliminate potential roadblocks that hinder the speed of the sites to be loaded. There are site script developers, who consistently work on improving the speed of the site.
Use CDNs
CDN or Content Delivery Networks can show increment in the speed of your website. If the content of your site is stored in such CDNs, which are available throughout the network, instead of local hosting account you can request to provide or serve up the data or content of your site, through the server, which is geographically closest to the visitor of your website. It has dual benefits that search engine as well as the visitor can find and retrieve your data faster from local or closed servers fast.
Browser caching enabling
Browser caching technology stores copies of the visited pages of your website in the visitor's browser, so the future load of the same page does not take time. This feature can be enabled with W3 Total Cache tool of WordPress for example.
Gzip Compression to be on
The Gzip Compression technology can reduce the size of responses of browser-based HTTP to even 70%. You can do it just by installing Gzip compression plug-in.
Place CSS files at the top and JavaScript at the bottom
Keeping the CSS files at the top could save resources by prohibiting progressive rendering. At the same time, JavaScript at the bottom let your pages not to wait until full code execution, which in turn increases the speed of browsing.

Article Source: http://EzineArticles.com/8026752

5 PHP Security Measures

For many years, PHP has been a stable, cheap platform on that to control web-based applications. Like most web-based platforms, PHP is liable to external attacks. Developers, database architects and system administrators ought to take precautions before deploying PHP applications to a live server. Most of those techniques will be accomplished with a couple of lines of code or a small adjustment to the applying settings.
#1: Manage Setup Scripts:
If the developer has put in a collection of PHP scripts from a third-party application, the scripts the application uses to put in the operating parts can even offer an access point to unscrupulous users. Most suppliers of third-party packages suggest removing the directory containing the setup scripts shortly when installation. For developers who want to retain the setup scripts, they will produce an .htaccess file that controls access to the administrative directories.
AuthType Basic
AuthName "Administrators Only"
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
Any unauthorized user who makes an attempt to observe a protected directory can see a prompt for a username and password. The password should match the allotted password laid out in the "passwords" file.
#2: include Files
In several instances, developers might use a private file in many parts of an application. These scripts can contain an "include" directive that includes the code of the individual file into that of the originating page. once the "include" file contains sensitive info, as well as usernames, passwords or database access keys, the file ought to have a ".php" extension, instead of the everyday ".inc" extension. The ".php" extension insures that the PHP engine can process the file and stop any unauthorized views.
#3: MD5 vs. SHA
In things wherever finish users produce their own usernames and passwords, website administrators can usually embrace include to encode the parole password before the shape submits the form field entry to the database field. In past years, developers have used the md5 (Message Digest algorithm) function to encode passwords into a 128-bit string. Today, several developers use the SHA-1 (Secure Hash Algorithm) function to form a 160-bit string.
#4 Automatic global Variables
The php.ini file contains a setting referred to as "register_globals". once the register_globals setting is on, the PHP server can produce automatic global variables for several of the server's variables and query strings. once putting in third-party packages, like content management software system like Joomla and Drupal, the installation scripts can direct the user to line register_globals to "off". dynamic the setting to "off" insures that unauthorized users cannot access data by dead reckoning the name of the variable that validates passwords.
#5 Initialize Variables and Values

Article Source: http://EzineArticles.com/8167542

5 Most Common PHP Security Breaches

PHP is one of the most popular programming language used today. PHP application development has seen immense growth in the past decade. Being open source is one of the main reasons for it is popularity amongst developers - the other top reason is its rich features. Programmer friendliness is definitely appeasing, but with all web applications, there comes one very important consideration - security. What good is an application if it can be easily hacked into and broken. A robust code that includes tight security can help you build a great application.
Here's outlining for you the top five security considerations for PHP Application Development:
Be aware of cross site scripting:
This generally occurs when your website or application allows users to post messages - like forums. Some malicious users whose intent is hijacking of course, can easily enter a <script> tag and reload your web page to a site that they control. How difficult is it then to collect another user's cookie and session information? Well, here's how you can avoid this. Whenever there is a user submitted data to your website, ensure that you do not allow display of HTML syntax - only allow plain text. Well, some might say that it is mandatory for the forum to allow HTML content to be submitted by user, then the only option is to exclude potentially mis - usable tags like <script>. Of course, this slightly loosens security.
Unvalidated Inputs:
Whenever your application has a user input, it is but natural that there are going to be errors - either a mistake or a deliberate attempt to break the code. Ensure that you validate user input data by including a code that will reject anything otherwise. For example if you are expecting a numeric input, all alphabetic or alpha - numeric inputs should be rejected by your code. Even a null input must be considered for action - either accept or reject.
Session ID:
In PHP Application Development, session ID hacking is a very important consideration. If anyone tracks your session ID, he can see all your information. So, always use authentication or re-validation of the user while resetting passwords or entering sensitive information like credit card numbers etc. Another alternative is to use SSL (Secure Socket Layer) connections which show greater protection against sniffing of session Ids.
Error Reports:
This is just a pointer. If your display_errors php.ini file is not set to 0, all your database connection errors will be displayed to the end-user. Any user with a malicious intent can then easily get information about the internal working of your PHP application. This is just a check point - just to be aware of.
Unencrypted HTTP Transmissions:
Ensure that all data handling for sensitive user input data like credit card numbers or bank transactions are done over a secure connection like HTTPS. Here's where you use SSL again. Same goes for FTP - use SFTP instead to transmit sensitive files.
Well, all said and done, PHP Application Development with the more recent versions of PHP comes with better default settings. Yet, ensure that your code does not leave loopholes for the malicious minds!

Article Source: http://EzineArticles.com/8223923

4 Tips To Writing Great HTML

In a time where we have so many templates and frameworks to choose from in designing and developing web sites, does it even matter any more to know how to write good HTML?
It sure does. In fact, now more than ever.
Take mobile which is all that anyone ever talks about. Sloppy, bloated code will slow the download speed of your pages. On cellular networks that could be a site wrecker.
But I'm here not to tell you why but how to write HTML that is smart, clean and brings goodness to web pages. (You will just have to trust me on the why thing for now).
A hallmark of HTML is that it uses a very predictable pattern. Once you understand it you will be on your way to properly using HTML.
Here's some pretty low hanging fruit to get your HTML coding skills in much better shape.
1. Never Use A Container (tag) Without Content
Why would you?
Something like <p></p> is strictly verboten. If you are thinking that will get you some white space forget it. That is what CSS does.
With HTML, less is always better than more. Useless junk like <p></p> is just that. Junk.
2. Use The Newer HTML5 Tags
This one is my personal bug-a-boo.
For years web page creators begged to have meaningful HTML tags like

• <header>
• <footer>
• <article>
• <nav>
• <section>

and the like to get away from junk like:

• <div id="header">
• <div id="footer">
• <div id="nav">

So, when I still see people using that old crappy markup I just want to cry.
3. Never Have Your HTML Refer To Anything That Deals With Style
If you are still doing things like
<img src="logo.gif" alt="Apple" width="100" height="100" />
you can go ahead and lose the width and height attributes right now. That's just more code bloat.
4. Using Heading Tags (H1 - H6) To Set Up An Information Hierarchy For A Web Page
Good web content comes in the form of a hierarchy where the information is grouped so that the most important content is presented at the top of the page or section. Using Heading tags is a lot like setting up Headlines and Sub heads for a page.

Article Source: http://EzineArticles.com/8194136