Archive for December, 2006

Is your web server secure or are you unknowingly allowing access to all of your personal files?

Most universities in the United Stated provide server space for students and faculty to use for websites, homework, and various other reasons. While a great practice, it also creates very serious security risk when inexperienced computer users and improperly secured web directories meet. Many students use their personal web space to store resumes, pictures of family, class projects and many other personal items that contain very sensitive information. When the student places these files in an unsecured directory, the files are offered up to anyone who happens to browse the folder. Here is an example of what an unsecured Apache Server directory looks like to someone on the internet who is browsing your personal files after a very simple Google search.

Consider the possible ramifications of a student storing pictures of themselves, their resume including home address, phone number and email address. Those ramifications could very serious in today’s society with online predators.

There are a few different ways to combat the problem of open or unsecured directories but the easiest way is a slight modification to the http.conf file for Apache servers. By default Apache servers display the contents of a directory if the server does not find an index.html or similarly associated file. To make the needed correction webmasters should find a line in the http.conf file that looks very similar to this:

Options Indexes FollowSymLinks Includes

Remove the term Indexes. Save the http.conf file and restart your Apache server.

Now when an internet visitor navigates to a directory that doesn’t have an associated DirectoryIndex file the surfer will get a permission denied error instead of a listing of all the files on the server.

This guy is just good. There isn’t more to say about it than that. Forget how smart he is and what a great show they put on at the dailysearchcast.com, Danny Sullivan is just entertaining to listen to. He doesn’t say Uhh every 15 seconds, he cracks a few jokes, ( Come on, I am geek just like the rest of you, but it is damn hard to make Search Engine Marketing funny) and he keeps his show interesting. Danny Sullivan could easily be somewhere else doing a traditional radio show. That is assuming he wanted to take a pay cut. Check out Danny Sullivan at dailysearchcast.com and Digg Danny Sullivan.

Did everyone get their Google Christmas Card?

Thanks to Ryan McCoy over at Blog Ryan for the Blog Tag. Blog tag is a game going around where you post 5 things about yourself that most people don’t know. So without further adieu here is my list.

1. I am a huge Jimmy Buffett fan and have a tattoo on my left ankle of the chameleon logo from his Caribbean Soul t-shirts.
2. I love horror movies. Especially the ones from the 70’s. I have a Michael Myers McFarland figure on my desk and have seen Halloween hundreds of times. I will even pop it in the computer and play it in the background just to listen to it.
3. I have been in the tech field for 8 years and using computers for 20+ years. I still don’t own an MP3 player. ( I cheat and use my old Pocket PC phone to listen to Audio books from audible.com
4. I have a 2001 Black Mustang Bullitt, number 4301 out of 5500ish made. Thanks to Atlanta traffic, I hate driving it.
5. I spent a month ranked number 1 in the world playing thesportingnews.com paid fantasy hockey.

Now let me see. Who can I tag. I think I will get: Chris Hooley, Steve Pavlina ,Greg Gaylord, and Cristian Mezei

I have this one affiliate marketing ad that is doing pretty well for me.  I had run it up the flag pole with a few other offers and this one stuck.  It is averaging almost $60.00 EPC and is pretty close to 90% profit each month.  That may not be the baddest boy on the block, but I will sure take it.  All of it’s traffic comes from Microsoft Adcenter.

The problem I realized tonight while going over some of my sites was I have not  stayed on top of my keyword list for this search arbitrage website.  I put one of my main words in the keyword suggestion tool at digitalpoint and found several keywords with decent traffic I wasn’t bidding on.  I had let this bad boy get behind.  A lot of us run many websites and the point of this post is to remind you to take a look back at some of your  good ideas because they could be great ideas.

Randfish over at seomoz.org had a blog up yesterday talking about early gossip at SES Chicago. One of the rumors making the rounds is Google’s  search quality team has undercover people buying links.  Now my question is this.

If you ask a person buying a link from you if they work for Google, are they required by law to tell you and show you their badge?

Bad boys bad boys.  Whatcha gonna do.  Whatcha gonna do when they come for you.  LOL

I was listening to some music tonight and having a good ol time when I wanted to look up the lyrics for a song. I typed in my usual one line of lyrics and the artist name in Google and watched as the results poped up. I picked one of the top 3 choices and clicked the link only to be stunned by the response.

Google is now marking sites that contain spyware or malware. Wow, this is big. Censorship issues aside, this is pretty interesting. Google is now checking out sites and will warn you if they contain known malware or spyware. As a Network Admin who is forced to watch his people use IE I am very pleased to see this. The other part of me that fears Google wonders what is next.