Every week, I review the traffic statistics for our Department's Website. The traffic statistics are one tool for reviewing how well the site is serving the community. I study what pages people visit the most, which tells me what they want. It also means these pages need to hold the attention of the visitor, and bring them pack to the site.
I also look at the search engine results, to see what visitors want to find. It is a clue as to areas of improvement. For example, there a number searches for baseball. I also look at referrer statistics, as they tell me what pages are important to other sites. For example, our site has a number of links to our Highway Fatality Marker program.
The statistics tell a story. We just need to read the story. When reading the story, I also look for potential security problems. This morning I noticed something I had not seen before on our site. There were search patterns that were attempting to harvest email address.
Protecting the site and the data on the site is one of my hot buttons. As part of an on-line membership project, I have been building a MySQL database for contact information. This database is not accessible from a remote site. I am moving in the direction of dynamically generating all rosters and post information from this database. Consequently, none of the pages on the site will actually contain any contact information. All such information will be dynamically generated. Furthermore, it will take two or three clicks before the actual contact information appears.
Making our sites better and safer is a never ending task.
Bill Anderson
WebMaster
American Legion of Montana
Subscribe to:
Post Comments (Atom)
House Rules
General Orders:
Do not post messages/items that are unlawful, harassing, defamatory, or abusive.
Do not post Hate Speech, defines as "any comments intended to degrade, intimidate, or incite violence or prejudicial action against a person or group of people based on their race, gender, age, ethnicity, nationality, religion, sexual orientation, gender identity, disability, language ability, moral or political views, socioeconomic class, occupation or appearance.
"No spamming or flooding. Don't repost the same message/items or very similar messages/items, more than once. Relevance. Interesting posts that are off the current topic are acceptable. When that happens, we'll try to start another thread, and move the comments over. However, banal or repetitive off-topic posts lower the value of the conversation for everyone and may be removed.
No impersonating. Impersonating someone is not acceptable (however, impersonation of comical intent will be tolerated with reserved right to censor and/or reject base on our interpretations).
Links. Do not post stupid random links.
Copyright and the law. You own the copyright in your postings, but you also agree to grant to The American Legion a perpetual, royalty-free, non-exclusive, sublicenseable right and license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform, play, and exercise all copyright and publicity rights with respect to any such work worldwide and/or to incorporate it in other works in any media now known or later developed for the full term of any rights that may exist in such content. In other words, if you post a good comment, we may use it in our publications. If you do not wish to grant such rights, do not post to this site. You may not violate, plagiarize, or infringe on the rights of third parties including copyright, trademark, trade secret, privacy, personal, publicity, or proprietary rights. Phew.
Standing Orders:
Constitutions and By-laws. The American Legion is a resolution based grassroots organization. As such, The American Legion National Commander is the only spokesperson of the organization. Although personal comments and voices of dissent are welcome, any posted messages/items, implicitly or explicitly denoting representation of the whole organization not adhering to the resolutions passed by the National Executive Committee will be removed without notification.
Do not post messages/items that are unlawful, harassing, defamatory, or abusive.
Do not post Hate Speech, defines as "any comments intended to degrade, intimidate, or incite violence or prejudicial action against a person or group of people based on their race, gender, age, ethnicity, nationality, religion, sexual orientation, gender identity, disability, language ability, moral or political views, socioeconomic class, occupation or appearance.
"No spamming or flooding. Don't repost the same message/items or very similar messages/items, more than once. Relevance. Interesting posts that are off the current topic are acceptable. When that happens, we'll try to start another thread, and move the comments over. However, banal or repetitive off-topic posts lower the value of the conversation for everyone and may be removed.
No impersonating. Impersonating someone is not acceptable (however, impersonation of comical intent will be tolerated with reserved right to censor and/or reject base on our interpretations).
Links. Do not post stupid random links.
Copyright and the law. You own the copyright in your postings, but you also agree to grant to The American Legion a perpetual, royalty-free, non-exclusive, sublicenseable right and license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform, play, and exercise all copyright and publicity rights with respect to any such work worldwide and/or to incorporate it in other works in any media now known or later developed for the full term of any rights that may exist in such content. In other words, if you post a good comment, we may use it in our publications. If you do not wish to grant such rights, do not post to this site. You may not violate, plagiarize, or infringe on the rights of third parties including copyright, trademark, trade secret, privacy, personal, publicity, or proprietary rights. Phew.
Standing Orders:
Constitutions and By-laws. The American Legion is a resolution based grassroots organization. As such, The American Legion National Commander is the only spokesperson of the organization. Although personal comments and voices of dissent are welcome, any posted messages/items, implicitly or explicitly denoting representation of the whole organization not adhering to the resolutions passed by the National Executive Committee will be removed without notification.
1 comment:
Website security is critical to the protection of our members’ privacy. There are a lot of ‘bots’ out there doing massive crawls searching and tapping and extracting information from servers, remote hosts, proxies, etc., and using the information for future spam emails…
That is why when your post or department enter into the social networks, such as MySpace, Facebook, or Flickr (a photo sharing site), you may want to consider the following security measures:
- Do not input your actual birthday… with a name and birthday, I can find most of the relevant information on you from various search engines and list servers. With that information, I can socially engineer a situation to obtain your SSN… that’s bad since with these information, I can now apply a credit card in your name… so DO NOT use your real birthday!!!
- Do not input your address or actual phone numbers… there are a lot of crawl-bots on the web that identifies these information, and capture them and turn it over to a list server for direct solicitation purposes… unless you want to get mail and emails about Viagra, you do not want to put your contact information down… if you do please make sure it is set to private.
- You may want to consider setting up a free email just to handle all registration online… a email is free from hotmail.com or google.com
- If you are technological savvy, you can consider an OpenID as a source of your virtual identity… OpenID requires no personal information, but also keeps track of your credentials online so you do not have to sign up for a lot of random useless services… just google the word Open ID and you should be able to find out more…
Post a Comment