Website and Firewall
Step 1 - Hosting:
The first thing we have to do is to find a Web hosting provider. Hosting is where we put our website and all
the Web pages. While it's possible to build a website on our personal computer and never move it online, it's
somewhat pointless. No one but we will ever be able to see it. So there are several types of Web hosting
options we can choose from:
Free Web hosts
Standard Web hosting
Dedicated, Virtual, and Shared Hosting
Most people gravitate to free Web hosting without too much thought, but there can be drawbacks to free
hosting. We don't always get as much space, we might be required to run their ads on our site, or there may
be bandwidth limits. Be sure to read all the fine print before we put our website on a free Web host. I
recommend using free hosting providers for testing Web pages and for personal pages.
Step 2 - Need a Domain Name:
We don't need a domain name to put up a website. We can put up a site on free hosting or even paid
hosting plans without a domain name. A domain name provides extra branding for your site and makes it
easier for people to remember the URL.
Step 3 - Plan Your Website:
Once we have gotten a domain and decided on our URL, we can start planning our site. We need to decide:
Type of site - most websites are either news/information, product, or reference sites. As such they each have
a slightly different focus.
Navigation - The navigation affects the information architecture of our site.
Content - Content is the actual pages we'll be building.
If we can recognize page types, we'll be able to recognize what types of pages we need for our site.
Step 4 - Build the Website Page by Page:
Building a website requires that we work on one page at a time. To build our site we should be familiar with:
Design Basics - The elements of good design and how to use it on websites.
Learning HTML - HTML is the building block of a Web page. While it's not absolutely required, we'll do better
if we learn HTML than if we don't.
Learning CSS - CSS is the building block of how pages look. And learning CSS will make it easier for us to
change our site's look when we need to.
Web Page Editors - Finding the perfect editor for our needs will help us learn design, HTML, and CSS.
Step 5 - Publish the Website:
Publishing our website is a matter of getting the pages we created in step 4 up to the hosting provider we
set up in step 1. We can do this with either the tools that come with our hosting services like cPanel or with
FTP clients. Knowing which we can use depends upon our hosting provider.
Step 6 - Promote the Website:
The easiest way to promote the website is through search engine optimization or SEO. We build our Web
content so that it ranks well in search engines. This can be very difficult, but it is inexpensive and can result
in good results if we work at it.
Other ways to promote the site include: word of mouth, email, and advertising. We should include our URL
on all professional correspondence and whenever it makes sense in personal messages. I put my URL in my
email signature along with my email address.
Step 7 - Maintain the Website:
Maintenance can be the most boring part of website design, but in order to keep the site going well and
looking good, we need to do it. Testing the site as we're building it and then after it's been live for a while is
important. And we should also work on content development on a regular basis.
Precautions required when developing a website
Identify the audience
o motivate the audience: treat them with respect and provide proactive feedback opportunities
o establish clear, measurable web site objectives or design purposes
o acknowledge reactions, effort & success, and built in help for failure to meet expectations
Content
o focus and define the website content
o language should be simple, understandable for a global audience
o promote scanning content for important concepts
o build in white space
o prioritize your information, as with an outline or concept map
Navigation:
o simple
o clear
o layered (site maps)
o organized (think "outline")
Incorporating graphics
Developing a website begins with its text and structure. After the basic structure is developed, the content
should be analyzed as to what would benefit from illustration, whether line or photographic graphics.
Principles:
o choose a background and text colors with high contrast
o use a browser safe palette
to be consistent across platform and browser
o format text consistently
avoid color changes
avoid italics (hard to read), color changes, and underlining (mistaken for links)
avoid overly-large text
o avoid textured backgrounds
that make it difficult to read
o illustrate content with simple, symbiotic, scaled (small), stagnant (non-moving) graphics
o avoid "dancing dogs":
graphics that show off but do nothing for content
o file formats: compressed (.jpg) photographs, and drawings in (.gif)
CLARITY
The purpose of our website must be clear; otherwise it is likely that our customers will not understand
what we are trying to tell them. Some websites are simply online brochures, some are online shops and
some are online information points. As part of our marketing plan decide what we want to do with our
website.
COMMUNICATION
Web sites are all about communication. The site that we develop should be simple and easy to use. We
should avoid designing a site that is cluttered. Flashing icons, funny noises, music and video are all very
well, but the user should be able to choose to see these features if they want to; they should not be part
of the standard interface. We should keep pictures on important pages to a minimum and make sure that
important text appears high up on the page as soon as the page is loaded. It is very annoying to have to
wait for an image to download before we can read the information that we are looking for. Our site should
also be kept up to date. One of the worst things that we can find on business sites on the Internet is out of
date information.
Email communication has become a vital part of industry operation and our web presence should facilitate
this type of communication by giving customers plenty of opportunity to email us from links within the site
and a specific contact form within the site, which people can use to send an email request for information or
a brochure to us.
CONSISTENCY
It is vital, if we want our website to appear professional, that it is consistent with the way in which our
business operates and the way other marketing material appears. It can be tempting to use techniques of
presentation to make our business look very modern and flashy. A good web designer will take time to
understand the kind of image that we want to portray about our business and construct the site
appropriately.
Web Crawler/Search engine/Spiders
Large volumes of information are available on the internet. Hence, if proper techniques are not
available, it may be quite difficult to find the required information. Thus the most popular way
of finding information on the internet is to use a search engine. Search engines are essentially large
databases. They do not represent the information in a hierarchical manner. The user simply types a
keyword related to the information required, the database is scanned, and all the
relevant documents are presented on the screen. Finally the user needs to click the requisite
document. Each result is basically a kind of hyperlink.
Each search engine uses a crawler or spider with its own set of rules guiding how documents are
gathered. When the user types the words related to the topics required, the spider discovers
the documents and URLs. These are sent to the indexing software, which puts the information on
the user's computer screen. Finally the user clicks on the required address or hyperlink. Since the
document itself is in the search engine's database, the corresponding web site is located and
loaded. The database is searched based on the user's criteria. Finally the results are returned to the
client side in the form of HTML files.
Some of the most popular search engines are Lycos, Excite, AltaVista, Infoseek, Google, Yahoo,
etc.
Static Pages
Static pages are those on our site that send exactly the same response to every request; dynamic
pages can customize the response on the server to offer personalization based on cookies and
information it can get from the visitor.
Advantages
Quick and easy to put together, even by someone who doesn't have much experience.
Ideal for demonstrating how a site will look.
Cache friendly, one copy can be shown to many people.
Disadvantages
Difficult to maintain when a site gets large.
Difficult to keep consistent and up to date.
Offers little visitor personalization (all would have to be client side).
Dynamic Pages
Dynamic pages can customize the response on the server to offer personalization based on
cookies and information it can get from the visitor. It allows the server to generate unique content
each time the page is loaded.
Advantages
Offers highly personalized and customized visitor options.
Database access improves the personalized experience (as opposed to using just client side
cookies)
Scripts can read in data sources and display it differently depending on how it is run.
Can create the illusion of being updated regularly using time and date sensitive routines (or even
randomizers) to display pre-written text.
Disadvantages
Personalized pages are not very cache friendly.
Requires a basic minimum knowledge of the language being used.
Scripts need more consideration when uploading and installing, particularly to Unix-related servers.
Difference between a static and dynamic website
Web pages can be either static or dynamic. "Static" means unchanged or constant, while
"dynamic" means changing or lively. Therefore, static Web pages contain the same prebuilt
content each time the page is loaded, while the content of dynamic Web pages can be generated
on the fly.
Standard HTML pages are static Web pages. They contain HTML code, which defines the
structure and content of the Web page. Each time an HTML page is loaded, it looks the same. The
only way the content of an HTML page will change is if the Web developer updates and publishes
the file. Each page is a separate document and there is no database that it draws on. What this
means functionally is that the only way to edit the site is to go into each page and edit the HTML -
so we would either have to do it ourselves using a web page editor or we can edit the site each time
we wanted something changed.
Other types of Web pages, such as PHP, ASP, and JSP pages are dynamic Web pages. These
pages contain "server-side" code, which allows the server to generate unique content each time
the page is loaded. For example, the server may display the current time and date on the Web
page. It may also output a unique response based on a Web form the user filled out. Many
dynamic pages use server-side code to access database information, which enables the page's
content to be generated from information stored in the database. Websites that generate Web
pages from database information are often called database-driven websites.
Client side scripting & server side scripting
Client side scripting is a script (e.g. JavaScript, VBScript) that is executed by the browser (e.g. Firefox,
Internet Explorer, Safari, Opera, etc.) that resides on the user's computer. Client side scripts are executed
and changed by the user on his side (the client side), while server side scripts are executed and changed
by the user on the server. Server side scripts provide much more functionality for and by the wide variety of
users (and their respective computer/browser settings) all around. Server-side scripting is a web technology
that allows custom HTML to be delivered to a client machine where the code that generates the custom
HTML is processed on the web server before the HTML is sent to the client.
Client side scripting can be blocked, whereas server side scripting can't be blocked by
the user. So if you validate using client side scripting only and client side scripting is blocked, then
validation cannot be done at all and even wrong data can be accepted directly, which creates a flaw in
the system.
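The point above as an added example (not part of the original notes): a server-side check in Python that re-validates the id, name and email fields on every request, so bad data is rejected even when the browser's script check was blocked or never ran. The field names, length limits and patterns are assumptions chosen for illustration.

```python
import re
import unicodedata

# Assumed field rules for illustration; a real application defines its own.
ID_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{2,15}")
# Deliberately simple e-mail shape check: one "@", no spaces, dotted domain.
EMAIL_RE = re.compile(r"[^@\s]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
MAX_NAME_LEN = 60
MAX_EMAIL_LEN = 254


def _as_text(form, key):
    """Return the field as a stripped string, or None if missing or not text."""
    value = form.get(key)
    if not isinstance(value, str):   # missing, or a list/dict from a crafted request
        return None
    return unicodedata.normalize("NFC", value).strip()


def validate_registration(form):
    """Validate a submitted form on the server.

    Returns (cleaned, errors). `cleaned` holds only the fields that passed;
    `errors` maps field name -> reason. Any claim by the client that the data
    was already validated is ignored.
    """
    cleaned, errors = {}, {}

    user_id = _as_text(form, "id")
    if user_id is None:
        errors["id"] = "missing"
    elif not ID_RE.fullmatch(user_id):
        errors["id"] = "must be 3-16 letters, digits or _, starting with a letter"
    else:
        cleaned["id"] = user_id

    name = _as_text(form, "name")
    if not name:
        errors["name"] = "missing"
    elif len(name) > MAX_NAME_LEN:
        errors["name"] = "too long"
    elif any(unicodedata.category(ch).startswith("C") for ch in name):
        errors["name"] = "control characters not allowed"
    else:
        cleaned["name"] = name

    email = _as_text(form, "email")
    if not email:
        errors["email"] = "missing"
    elif len(email) > MAX_EMAIL_LEN or not EMAIL_RE.fullmatch(email):
        errors["email"] = "not a valid address"
    else:
        cleaned["email"] = email.lower()

    return cleaned, errors


# Constructed sample submissions.
# 1) What the browser sends when the client-side check ran and passed.
good = {"id": "asha_01", "name": "Asha Rao", "email": "Asha@Example.org"}
# 2) What can arrive when client-side scripting is blocked: nothing was checked.
unchecked = {"id": "1x", "name": "", "email": "not-an-email", "validated": "true"}

if __name__ == "__main__":
    print(validate_registration(good))
    print(validate_registration(unchecked))
```

The client-side script stays useful for quick feedback to the user; the server-side function is the check the system relies on.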
COM (Component Object Model)
COM or Component Object Model is Microsoft's approach to Component Software and Interface
based programming.
The Component Object Model (COM) is a platform-independent, distributed, object-oriented
system for creating binary software components that can interact. COM is the foundation
technology for Microsoft's OLE (compound documents), ActiveX (internet enabled
components), as well as others.
It is crucial to bear in mind that it is not an object-oriented language, but a standard. COM does
not specify how an application should be structured. Language, structure, and implementation
details are left to the application programmer. COM does specify an object model and
programming requirements that enable COM objects to interact with other objects. These
objects can be within a single process, in other processes, even on remote machines. They can
have been written in other languages, and may be structurally quite dissimilar. That is why COM is
referred to as a binary standard - it is a standard that applies after a program has been
translated to binary machine code.
The only language requirement for COM is that code is generated in a language that can
create structures of pointers and, either explicitly or implicitly, calls functions through
pointers. Object-oriented languages such as C++ and Smalltalk provide programming
mechanisms that simplify the implementation of COM objects, but languages such as C, Pascal,
Ada, Java, and even BASIC programming environments can create and use COM objects.
COM defines the essential nature of a COM object. In general, a software object is made up of a
set of data and the functions that manipulate the data. A COM object is one in which access to
an object's data is achieved exclusively through one or more sets of related functions.
These function sets are called interfaces, and the functions of an interface are called
methods. Further, COM requires that the only way to gain access to the methods of an
interface is through a pointer to the interface.
It also provides a small number of API functions that all components require. COM has now
expanded its scope to define how objects work together over a distributed environment, and
added security features to ensure system and component integrity.
DCOM (Distributed Component Object Model)
The Component Object Model (COM) and its related COM-based technologies of DCOM, COM+,
MTS and ActiveX comprise the most widely-used component software model in the world.
The Microsoft Distributed Component Object Model (DCOM) extends the Component Object
Model (COM) to support communication among objects on different computers on a local area
network (LAN), a wide area network (WAN), or even the Internet. With DCOM, your application
can be distributed at locations that make the most sense to our customer and to the application.
Because DCOM is a seamless evolution of COM, the world's leading component technology, you
can take advantage of your existing investment in COM-based applications, components, tools,
and knowledge to move into the world of standards-based distributed computing. As we do so,
DCOM handles low-level details of network protocols so you can focus on your real business:
providing great solutions to our customers.
CORBA (Common Object Request Broker Architecture)
The Common Object Request Broker Architecture (CORBA) is a standard defined by the
Object Management Group (OMG) that enables software components written in multiple computer
languages and running on multiple computers to work together. Thus it is a standard architecture
for distributed object systems. It allows a distributed, heterogeneous collection of objects to
interoperate.
The Object Management Group (OMG) is responsible for defining CORBA. The OMG comprises
over 700 companies and organizations, including almost all the major vendors and developers of
distributed object technology, including platform, database, and application vendors as well as
software tool and corporate developers.
CORBA defines architecture for distributed objects. The basic CORBA paradigm is that of a
request for services of a distributed object.
The services that an object provides are given by its interface. Interfaces are defined in OMG's
Interface Definition Language (IDL). Distributed objects are identified by object references, which
are typed by IDL interfaces.
The figure below graphically depicts a request. A client holds an object reference to a distributed
object. The object reference is typed by an interface. In the figure below the object reference is
typed by the Rabbit interface. The Object Request Broker, or ORB, delivers the request to the
object and returns any results to the client. In the figure, a jump request returns an object reference
typed by the "another object" interface.
The ORB is the distributed service that implements the request to the remote object. It locates the
remote object on the network, communicates the request to the object, waits for the results and
when available communicates those results back to the client.
The ORB implements programming language independence for the request. The client issuing the
request can be written in a different programming language from the implementation of the
CORBA object. The ORB does the necessary translation between programming languages.
Language bindings are defined for all popular programming languages.
One of the goals of the CORBA specification is that clients and object implementations are
portable. The CORBA specification defines an application programmer's interface (API) for clients
of a distributed object as well as an API for the implementation of a CORBA object. This means
that code written for one vendor's CORBA product could, with a minimum of effort, be rewritten to
work with a different vendor's product. However, the reality of CORBA products on the market
today is that CORBA clients are portable but object implementations need some rework to port
from one CORBA product to another.
--------------------
Points to remember:
1. Send client request to remote object through ORB (locates remote object on the network
and communicates the client request and waits for the result)
2. Services are provided by interface for remote objects
3. Services are provided to the requested client by the object through ORB
Some important topics -
Internet relay chat(IRC), CORBA, organizations responsible for guiding & co-ordinating the network, Static & Dynamic
web pages & their advantages & disadvantages, client-side and server-side scripting, Difference between ejb & java
bean, bean, ejb, entity, session & message beans, session & cookie, advantages of session over cookie, event handler
in java, a program in javascript to check id, name & email, some java script programs, firewall & its advantages &
disadvantages, xml, dtd xml program & its validation program, php functions, session program to store user id in a
session variable for login into a system, hypertext & hypermedia, html tags, html forms, publishing a web page,
precautions required to develop a web site, HTTP, WWW, TELNET, Browser, Internet & its history, ISP, DNS and why
it is needed , IP address
Firewall
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of
rules and is frequently used to protect networks from unauthorized access while permitting legitimate
communications to pass.
Many personal computer operating systems include software-based firewalls to protect against threats from
the public Internet. Many routers that pass data between networks contain firewall components and,
conversely, many firewalls can perform basic routing functions.
Firewalls can be software-based firewalls or hardware-based firewalls. Software-based firewalls are often
run as additional programs on computers. They are often known as personal firewalls. On the other hand,
hardware-based firewalls run on a dedicated computer. These offer a better performance than software
firewalls, but they are more expensive.
Firewall for Windows
Zone Alarm
Winroute
Trojan Trap - Trojan Horse
Firewall for Linux
Iptables
Firewall for Mac
Netbarrier
Types of firewall
Packet filtering firewall
Application level gateway (application proxy)
Packet Filtering
Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the
Internet. If a packet matches the packet filter's set of rules, the packet filter will drop (silently discard) the packet, or
reject it (discard it, and send "error responses" to the source).
This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (it stores no
information on connection "state"). Instead, it filters each packet based only on information contained in the packet
itself (most commonly using a combination of the packet's source and destination address, its protocol, and, for TCP
and UDP traffic, the port number).
Advantages:
Simple, low cost, fast, transparent to user.
It can be implemented on relatively inexpensive hardware, meaning that simple, cheap boxes can do
packet filtering for very large numbers of user connections.
Disadvantages:
They cannot prevent attacks that employ application specific vulnerabilities or functions
because they do not examine upper-layer data.
Most packet filter firewalls do not support advanced authentication schemes due to the lack of
upper-layer functionality
It is easy to accidentally configure a packet filtering firewall to allow traffic types, sources and
destinations that should be denied based on an organization's policy due to the small number of variables
used for decision
Points to remember:
Decisions made on per-packet basis
No state information saved
Works at the network level of the OSI model
Applies packet filters based on access rules defined by the following parameters:
Source address
Destination address
Application or protocol/next header (TCP, UDP, etc)
Source port number
Destination port number
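A minimal stateless packet filter in Python, added here as an illustration and not taken from any firewall product: each packet is judged only on the five parameters listed above, rules are checked in order, and anything unmatched is dropped. The rule set, the documentation-range addresses and the sample packets are constructed; the last packet shows how a broad "allow replies" rule accepts traffic that belongs to no connection, because the filter keeps no state.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY_PORT = range(0, 65536)
ANYWHERE = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    sport: int = 0        # only meaningful for tcp/udp
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str           # "accept", "drop" (silent) or "reject" (error sent back)
    src: str = ANYWHERE
    dst: str = ANYWHERE
    proto: str = "any"
    sports: range = ANY_PORT
    dports: range = ANY_PORT

    def matches(self, p: Packet) -> bool:
        if self.proto not in ("any", p.proto):
            return False
        if ip_address(p.src) not in ip_network(self.src):
            return False
        if ip_address(p.dst) not in ip_network(self.dst):
            return False
        if p.proto in ("tcp", "udp"):
            return p.sport in self.sports and p.dport in self.dports
        # No ports in this protocol: a rule that names ports cannot match it.
        return self.sports == ANY_PORT and self.dports == ANY_PORT


def filter_packet(rules, p, default="drop"):
    """Return (action, rule index). First match wins; no state is consulted."""
    for i, rule in enumerate(rules):
        if rule.matches(p):
            return rule.action, i
    return default, None


# Constructed rule set for an assumed internal network 198.51.100.0/24
# (documentation address range) with a web server at 198.51.100.10.
LAN = "198.51.100.0/24"
RULES = [
    Rule("accept", dst="198.51.100.10/32", proto="tcp", dports=range(80, 81)),
    Rule("accept", src=LAN, proto="tcp", dports=range(80, 81)),
    # Intended to let replies to outbound web requests back in.
    Rule("accept", dst=LAN, proto="tcp", sports=range(80, 81),
         dports=range(1024, 65536)),
    Rule("reject", dst=LAN, proto="tcp", dports=range(23, 24)),
]

# Constructed packets.
web_in = Packet("203.0.113.5", "198.51.100.10", "tcp", 40000, 80)
telnet_in = Packet("203.0.113.5", "198.51.100.20", "tcp", 40000, 23)
dns_in = Packet("203.0.113.5", "198.51.100.20", "udp", 40000, 53)
# Arrives from outside with source port 80 although no inside host opened a
# connection. The filter cannot tell: rule 2 matches on header fields alone.
unsolicited = Packet("203.0.113.5", "198.51.100.20", "tcp", 80, 5000)

if __name__ == "__main__":
    for pkt in (web_in, telnet_in, dns_in, unsolicited):
        print(pkt, "->", filter_packet(RULES, pkt))
```

A stateful filter would accept the last packet only if it matched a connection recorded from an earlier outbound packet.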
Application level gateway (application proxy)
It is an application that mediates traffic between a protected network and the internet. It is used instead of
router-based traffic controls to prevent traffic from passing directly between networks. Application level
gateways, also called proxies, are application specific. They can filter packets at the application layer of the
OSI model. Incoming and outgoing packets cannot access services for which there is no proxy. An
application gateway that is configured to be a web proxy will not allow any FTP, TELNET or other traffic
through, because it examines packets at the application layer. Application level gateways can filter
application specific commands such as HTTP POST and GET. They can also be used to log user activity and logins.
They offer a high level of security, but have a significant impact on network performance.
Points to remember:
They are application specific (i.e., tailored to a specific application program).
Every connection between two networks is made via an application program called a proxy.
Connection state is maintained and updated.
Proxies are application or protocol specific
Only protocols that have specific proxies configured are allowed through the firewall; all
other traffic is rejected. e.g. a gateway that is configured to be a web proxy will not allow any ftp, gopher,
telnet or other traffic through.
It filters packets on application data as well as on IP/TCP/UDP fields.
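An added sketch of the decision a web proxy makes (illustrative Python, not code from a real proxy product): it reads the application data itself, forwards only HTTP commands on an assumed allowlist, refuses anything that is not HTTP even when it arrives on the web port, and records every decision for audit. The allowlist, the audit record layout and the sample payloads are constructed.

```python
import re

ALLOWED_METHODS = {"GET", "POST"}     # assumed policy for this example
REQUEST_LINE = re.compile(rb"([A-Z]+) (\S+) HTTP/1\.[01]")
MAX_LINE = 8192                       # assumed limit on the request line


def inspect_request(client_ip, first_bytes, audit_log):
    """Decide whether the web proxy forwards this request, and log the decision.

    The verdict depends on application data: the first line from the client
    must be a well-formed HTTP request line with an allowed method.
    """
    line, sep, _ = first_bytes.partition(b"\r\n")
    if not sep or len(line) > MAX_LINE:
        verdict, detail = "reject", "no complete request line"
    else:
        m = REQUEST_LINE.fullmatch(line)
        if m is None:
            verdict, detail = "reject", "not HTTP"
        else:
            method = m.group(1).decode("ascii")
            # Escape odd bytes so the audit record stays one printable line.
            target = m.group(2).decode("ascii", "backslashreplace")
            if method in ALLOWED_METHODS:
                verdict, detail = "forward", method + " " + target
            else:
                verdict, detail = "reject", "method " + method + " not allowed"
    audit_log.append((client_ip, verdict, detail))
    return verdict


# Constructed payloads, all arriving on the web proxy's port.
SAMPLES = [
    ("198.51.100.20", b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n"),
    ("198.51.100.21", b"POST /login HTTP/1.1\r\nHost: www.example.org\r\n\r\n"),
    ("198.51.100.22", b"DELETE /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n"),
    ("198.51.100.23", b"USER anonymous\r\n"),          # an FTP command, not HTTP
    ("198.51.100.24", b"\x00\x01\x02\x03"),            # binary data, no request line
]


def run_samples():
    """Inspect every sample and return (verdicts, audit_log)."""
    log = []
    verdicts = [inspect_request(ip, data, log) for ip, data in SAMPLES]
    return verdicts, log


if __name__ == "__main__":
    for record in run_samples()[1]:
        print(record)
```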
Advantages
More secure than packet filtering firewalls because rather than trying to deal with the numerous possible
combinations that are to be allowed and forbidden at the TCP and IP level, the application gateway need
only scrutinize a few allowable applications.
It is easy to log and audit all incoming traffic at the application level.
Disadvantages
Very CPU intensive because there are two spliced connections between the end users, with the gateway at
the splice point, and the gateway must examine and forward all traffic in both directions.
Requires high performance host computer
Expensive
Advantages of Firewall
1. Specialized skills are not required for configuration.
2. Help block computer viruses and worms from reaching our PC
3. Ask for permission to block or unblock certain connection requests
4. A feeling of increased security and contents are being protected
5. Relatively inexpensive or free for personal use and easy to install
6. We can monitor incoming and outgoing security alerts and then Firewall Company will record and
track down the intrusion attempt depending on the security.
Disadvantages
1. A firewall cannot protect us from internal malicious worms within a network or from allowing other
users access to our PC
2. It cannot protect from indecent materials like pornography, violence, drugs and bad language
3. Weak defence from viruses, so antivirus software must be installed on our PC
4. It makes our system slower than before
5. Every host needs to be updated regularly
6. No centralized management.
Difference between Firewall & Antivirus Program
Firewall | Antivirus Program
1. Cannot detect a virus | 1. Detects a virus
2. It can be hardware or software | 2. It is a software program
3. Used to limit incoming transmissions to those that are least likely to contain malicious data | 3. Looks at the effect that the incoming data has on the system
4. Can't be used to remove threats if they already happen to get part of the firewall | 4. Can actively search and destroy the threats and virus definitions that can allow them to identify specific threats