Tim

Footprints in the snow of a warped mind

October, 2011

Where to find me

Flickr Icon  Twitter Icon  Linked In Icon  FaceBook Icon  Windows Live Alerts Butterfly  RSS 2.0 

The Site Doctor is Hiring!

Enjoy what you read here?
Think you can do better?
Join our team and get paid
up-to £35,000.
Apply now.

Tag Cloud

AJAX (4) Analysis (3) ASP (6) ASP.Net (59) Error Reporting (4) Web Service (2) WSDL (1) Atlas (2) Azure (1) Born In The Barn (1) Business (95) Business Start-up Advice (37) Client (17) Expanding Your Business (24) Recruitment (1) C# (25) Canoeing (4) Canoe Racing (5) Cheshire Ring Race (5) Racing (2) Training (4) Christmas (1) CIMA (1) Cisco (1) 7970G (1) CMS (1) Code Management (1) Cohorts (4) Commerce4Umbraco (1) Content (1) Content Management (1) Content Management System (1) CSS (4) dasBlog (5) DDD (2) DDDSW (1) Design (12) Icons (1) Development (28) Domain Names (1) eCommerce (13) Email (1) Employment (2) Festive Sparkle (1) General (39) Christmas (6) Fun and Games (11) Internet (22) Random (46) RX-8 (8) Git (2) Google (1) Google AdWords (1) Google Analytics (1) Hacking (1) Helpful Script (3) Home Cinema (2) Hosting (2) HTML (3) IIS (11) iPhone (1) JavaScript (5) jQuery (2) LINQPad (1) Marketing (6) Email (1) Multipack (1) MVC (3) Networking (3) Nintendo (1) Nuget (1) OS Commerce (1) Payment (1) Photography (1) PHP (1) Plugin (1) PowerShell (3) Presentation (1) Press Release (1) Productivity (3) Random Thought (1) Script (2) Security (2) SEO (6) Server Maintenance (7) Server Management (12) Social Media (2) Social Networking (3) Experiment (1) Software (11) Office (5) Visual Studio (14) Windows (6) Vista (1) Source Control (2) SQL (13) SQL Server (19) Starting Something New (2) Statistics (2) Stored Procedure (1) Sublime Text 2 (1) SVN (1) TeaCommerce (1) Testing (2) The Cloud (1) The Site Doctor (140) Turnover Challenge (1) Twitter (3) uCommerce (20) Umbraco (37) 2009 (1) 2011 (1) Useful Script (6) Virtual Machine (1) Web Development (72) WebDD (33) Wii (1) Windows Azure (1) XSLT (1)

Blog Archive

Search

<August 2014>
SunMonTueWedThuFriSat
272829303112
3456789
10111213141516
17181920212223
24252627282930
31123456

Recent Comments

Blog Archive

Various Links

Google+

Blogs I Read

[Feed] Google Blog
Official Google Webmaster Central Blog
[Feed] Matt Cutts
Gadgets, Google, and SEO
[Feed] Ol' Deano's Blog
My mate Dean's blog on my space, equally as random as mine but not off on as much of a tangent!
[Feed] Sam's Blog
Sam is one of my younger brothers studying Product Design and Manufacture at Loughborough, this is his blog :) Enjoy!

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

newtelligence dasBlog 2.2.8279.16125

Send mail to the author(s) Email Me (Tim Gaunt)

© 2014 Tim Gaunt.

Sign In

    # Friday, October 28, 2011

    Umbraco developers - remember to disable the umbDebug settings when you go live

    Friday, October 28, 2011 12:05:41 PM (GMT Daylight Time, UTC+01:00)

    Recently I've noticed a growing number of Umbraco developers forgetting to disable the Umbraco debug settings before going live. We all fall foul of this from time to time but it is a security loophole that you can patch incredibly easily.

    If you're not familiar with the helpful debugging querystring parameters of umbDebug and umbDebugShowTrace they basically show you the ASP.Net trace output and highlight the various macros used on the page -there's also a useful toggle debugging in Umbraco bookmarklet on cpalm.dk.

    Why you should disable trace

    If you try it out on your site which has debugging enabled you'll get all sorts of helpful information output to the page including where your website is installed -all very helpful and interesting to hackers. It also identifies your site as an Umbraco site very quickly -again something you would want to avoid if at all possible.

    How to disable the debug settings via the web.config

    Umbraco helpfully has a built in flag in the web.config appSettings section which allows you to effortlessly toggle the debuging features on/off. To turn it off, search for "umbracoDebugMode" in your web.config and if it's set to "true", change it to false.

    <add key="umbracoDebugMode" value="true" />

    Should be:

    <add key="umbracoDebugMode" value="false" />

    For good measure you should also change ASP.Net's built in debug flag:

    <compilation defaultLanguage="c#" debug="true" batch="false" targetFramework="4.0">

    Should be:

    <compilation defaultLanguage="c#" debug="false" batch="false" targetFramework="4.0">

    Disable it using UrlRewriting.config

    If you prefer the belts and braces method, you can add a rule to your UrlRewriting.config to redirect the user everytime the url includes something that looks suspicious. To do this, just add the following rewrites to your UrlRewriting.config (or replace it completely if you don't have any rules):

    <urlrewritingnet xmlns="http://www.urlrewriting.net/schemas/config/2006/07"> 
              <rewrites> 
                        <add name="nodebugaspx" 
                            virtualUrl="(.*).aspx.*umbDebug.*" 
                            rewriteUrlParameter="IncludeQueryStringForRewrite" 
                            redirect="Application" 
                            destinationUrl="~$1.aspx" 
                            ignoreCase="true" />
    
                        <add name="nodebug" 
                            virtualUrl="(.*).*umbDebug.*" 
                            rewriteUrlParameter="IncludeQueryStringForRewrite" 
                            redirect="Application" 
                            destinationUrl="~$1" 
                            ignoreCase="true" /> 
              </rewrites> 
    </urlrewritingnet> 
    
     

    Don't forget to follow me on Twitter.

    # Thursday, October 20, 2011

    Think about your users when writing your content

    Thursday, October 20, 2011 2:20:06 PM (GMT Daylight Time, UTC+01:00)

    FrustratedIgnoring the aspects of design, SEO duplicate content, underlying code and tone of language, as a content editor you really should give consideration to your user and what they're looking for. I generally steer clear of critiquing -or even commenting on work that isn't our own (or when being asked by the creator) but sadly there still seems to be a real misunderstanding from clients on what makes a usable website.

    We recently launched a website for local award winning pie makers - Elm Tree Foods and as a result we've spent a lot of time dealing with other local providers websites/council websites and I'm left stunned by the horrific experience they're offering their users. What riles me more about this though is the fact that most of their users are the sort that need to be helped through the process as they aren't often familiar with the internet (somewhat of an over generalising I realise).

    A good example I came across today is Herefordshire's main tourism website: www.visitherefordshire.co.uk. It's well ranked for the search term of "Flavours of Herefordshire" (a good start) but it's then down hill from there. I was trying to find out where the Elm Tree Foods stall would be and when the festival was. We've seen signs locally saying it's at the Hereford Race Course (there's some debate over whether it really is) but we weren't sure that was the case for Elm Tree Foods.

    You can try this yourself, see how long it takes you to find out where and when the Flavours of Herefordshire food festival is purely be using www.visitherefordshire.co.uk. Ideally you want all the information on one page.

    Step 1: The Landing Page - Homepage

    HomepageFull

    Message on the homepage - good start. Or is it? Take a closer look and you may find that although you've got the dates (and if you continue reading a time) there's still no indication of where the festival is:

    Homepage

    Step 2: This week's events in Herefordshire

    Clicking the only apparent link on the homepage (I didn't want details on the other events -rather the Flavours of Herefordshire event) takes you through to the listing page which has the Date, location, contact details but no time (which was on the homepage if you remember?).

    EventList

    So we're set? We have the location and the date/time, what more is there?

    Step 3: The Flavours of Hereford event landing page (version 1)

    Well, not knowing Hereford that well, I don't know where 1 King Street is so need to find that out. Logically I click through onto the event's page and I'm taken to:

    FlavoursOfHerefordshireEventPage

    Putting to one side the MASSIVE white space on the top right, again there is no mention of when this glorious event will take place.  Presumably they were going to put all the clear location/date/time information in that large white space at the top of the column -but were overwhelmed with their workload forgot.

    Another point with this page is that the content talks a lot in the past tense which is very confusing, was this page meant to be released after the event?

    I still don't have a single page with all the information on so lets pop back to the homepage to see if that offers anything else.

    Step 4: Back to the homepage

    Back in the homepage for another look and it turns out the title, although not completely clear, is also a link.

    Homepage

    Step 4: The Flavours of Hereford event landing page (version 2)

    Clicking the title, I'm taken to this page:

    FlavoursOfHerefordshireLandingPage

    Ok good, I've got loads of helpful information here: "Hereford Race Course for the weekend of Saturday, 22nd October and Sunday 23rd October, 2011 - 10.00am to 4.30pm each day" -exactly what I was after (even though it's hidden away in a paragraph of unnecessary fluff)!

    But hang on, I thought it was at "Discover Herefordshire Centre, 1 King Street, Hereford, Herefordshire"? What's this about the Hereford Race Course? Also, the other page didn't mention anything about tickets or prices, does that mean I have to pay now? I'm now confused.

    Imagine if you didn't know it wasn't at the race course (as I previously did), you'd now be going to the Hereford race course, paying £7.00 to get in and left disappointed at not getting to try Elm Tree Foods' award winning pies. Bad times. To be clear, I won't know until this weekend whether it is at the Race Course or not (or indeed what will be at 1 King Street) so if you're interested, follow me on Twitter to find out first.

    "But it's complicated because we have so much content"

    We've all heard it from larger organisations when getting them onto the web. It's not hard to confuse the user -and it's also not difficult to help guide the user either; regardless of how much content you have, you just need to give consideration to the user's journey and what the important messages are at each step.

    Although it is still having work done to it, here for comparison is the Elm Tree Foods homepage and event details page. Even when resized, the important information is largely available:

    ElmTreeFoodsHomepage

    ElmTreeFoods

    But good design costs too much

    I don't know how much www.visitherefordshire.co.uk cost to design and develop however, one thing I'm almost certain of is that the user could have been offered a much better user experience than they are currently receiving.

    If after reading this you're concerned about your user's experience, contact The Site Doctor for a website check up.

     

    Don't forget to follow me on Twitter.

    # Thursday, October 13, 2011

    Estimating the real value of source code

    Thursday, October 13, 2011 12:16:11 PM (GMT Daylight Time, UTC+01:00)

    ThinkBeforeYouActCodeGradientIf you run a software development company of virtually any size, you've no doubt been asked/bullied at some point for the source code; sometimes it's even stipulated as a requirement of the contract.

    At The Site Doctor we don't tend to quibble over the source code (especially not for standard websites at least) and that's mainly because we know that the value of what we do isn't in the files of code themselves; instead the value is in our knowledge of you, your product, your requirements and our past experiences in our respective areas of expertise.

    Putting to one side for a moment the knowledge gap (this can be filled over time/with enough resources), depending on your future plans, getting access to the source may not be the holy grail you think it is. If you are actively developing your project on an on-going basis (you should be), consideration will need to be given to how you ensure your copy is up to date. We have systems to handle this (called source control) but you have to question whether the additional time required to learn and manage the various processes are of real benefit to you.

    There are a few instances however where having access to the source code is definitely worth it. Have you for example got a contingency plan in place for if your supplier was to no longer exist? What would you do and how would you cope if the development company was no longer around? In these instances, having a copy of the source -or more importantly knowing how you can get access to the up-to-date copy is very important.

    How can I quantify the worth of the source code to me?

    As with many scenarios like this, there's not really a "one solution fits all" answer however after a little internal discussion we came up with the following:

    Value of Source Considerations
    High
    • Was the system completely bespoke?
    • Is it integral to your day-to-day operation?
    • Is it your only source of income?
    Medium
    • Although integral to your business, you have a copy of the software in a usable form and it doesn't change regularly.
    • The system offers "standard" functionality which can be replicated with relative ease should it be required e.g. e-commerce functionality.
    Low
    • The system is something generic, does not need to be changed
    • You have control over the aspects that you need e.g. it's a website with a content management system

    Is it worth getting the source code as a client?

    Yes; but I would consider the message it's giving to your developers. If you ask for it at the beginning of the contract then there shouldn't be a problem but bringing it up after delivery might leave the developers wondering what your motive is (even if it is totally innocent).

    Should I give the source code to my client?

    Yes; unless you've clearly stipulated otherwise to the client from the start for some reason e.g. to reduce project costs. You should always write your code in a way that is readable to others anyway and knowing that you might at anytime be offering up the source code will encourage you to keep it that little bit leaner.

    How do you handle source code with your clients?

    To handle a scenario in which The Site Doctor no longer exists (whether it's because we've gone into administration or we're all hit by a meteor), we use Crisis Cover; an online information storage system that securely stores all the information our clients would need if we were no longer around. Crisis Cover then checks that we're still around and if not, distributes the information to the designated contacts.

    If you've not already got some form of contingency plan in place I urge you to set something up now whether it's a service like Crisis Cover, Excel or paper!

    In closing I would definitely promote the attitude we have at The Site Doctor in that it's better to build long-term partnerships but you should still have some disaster contingency plan in place.

     

    Don't forget to follow me on Twitter.