Sitemap.xml or Sitemap.html - search

I am working on one web application. I want to submit site to web crawlers using a site-map file.
There are many ways to do so
Use sitemap.xml
Use sitemap.html
Use urllist.txt
Use compressed sitemap files
All we need to do is add one of these files in root directory of applications.
My question is which option out of these is good to use ?

I'd go with an xml sitemap as defined here http://sitemaps.org/
Html sitemaps are more geared towards user navigation and urllist.txt seems to be an old method of providing links to yahoo.
XML sitemaps in the format defined on the above site were created by Google, Yahoo! and Microsoft and are recognised by all three.
The others wont do any harm but I believe the biggest benefit will come from an xml sitemap.
As for compression, that's up to you, if you want to conserve your bandwidth then gzip it however keep in mind it must be no larger than 10mb when uncompressed.

Related

Ckeditor security concerns in laravel

I want to let my users post articles on my website but i have serious concerns about ckeditor security.
What i want to ask is:
Can users upload any kind of codes that can put my site at risk through ckeditor?
Is there any way to limit users of those kind of actions?
About my application:
I'm using laravel 5.6 and ckeditor last version.
Please share your thoughts and experiences.
CKEditor is not insecure on purpose. No sense in developing an insecure product (except for educational purposes). It doesn't allow uploading executable content (as a feature). However, it does have a history of publicly exploited vulnerabilities, mostly due to it's handling of wide variety of user input that will be stored in user accessible locations/paths.
Nonetheless, you can still mitigate it's risks substantially if you simply restrict the paths which allow web app execution (php, asp, etc...).
PHP example:
Create an .htaccess file in the dir where ckeditor places it's user generated/uploaded data. Inside that file place the following:
php_flag engine off
There are additional methods to achieve this, which depend on your specific environment. But the main idea remains - block execution abilities in the target dir for user content/uploads, and watch out for security updates for all your components.
One last note - the best practice to avoid users uploading executable content would be to store in a non-web-exposed location. I would even advise outside of the web served root dir. This also would help to prevent a big portion of path traversal vulnerabilities. But specifically for CKEditor type of plugin it makes the solution much more complicated, since that content needs to be accessed by web users (by design!).

Angular SEO for a directory multi-language app

I am doing an angularjs app with a nodejs-expressjs server.
I want to do an app that it's similar to a business directory.
I have doubts about if it's possible doing it SEO friendly to the all items at the directory, either by his name or his features (tags). Always having in mind that all pages are created with AngularJS.
If it is possible, how to do that dinamically.
I implemented an example that uses prerender server (this https://github.com/prerender/prerender) and the prerender-node library at the app server.
My example's pages, created by angularjs, does work (are SEO friendly, it appears at google's search)..but the pages are "static", and the directory it's going to add always new bussines to the directory that I want to appear in googles searching.
Besize, I want my app to be multi-language, and also have doubts about how to do all of that be multi-language, and if it is possible.
I hope you can help me.
If you're hosting your own Prerender server, it will serve the page "on the fly" every time Google accesses it, so it will always have the latest, dynamic content from your pages. If you're using a Prerender plugin to cache your pages, you'll need to make sure you recache them... or use our Prerender.io SaaS and we'll take care of all of the recaching for you.
It sounds like you just want Google to crawl your pages more often because of how dynamic your content might be. In order to have Google crawl your pages more often, make sure to quality inbound links from other sites to increase your PageRank.
Here is lots of advice from Google about multi language sites: https://support.google.com/webmasters/answer/182192?hl=en

How do I host HTML files on cloudant?

the answer to this question must be so trivial because I can't find anything that spells it out for me.
I'm trying to set up a database on cloudant but I keep hearing that to abide the same origin policy the html files will need to be hosted in the same location.
How do I get my html files onto my cloudant domain?
I feel pretty stupid that I haven't been able to figure this out for myself.
You can host static sites on Cloudant similarly to CouchDB. Your best "Getting Started" resource is probably CouchApp.org which explains the mechanism and provides links to tooling which will help you bundle the assets together.
It's also worth mentioning that Cloudant now supports CORS so an externally hosted site is possible as well.
As attachments.
Upload your files as attachments and then access them by going to https://you.cloudant.com/dbname/documentid/name_of_file.html.
Tools like erica (a bigger list of options here) will do that for you. With them, you just need to put all your HTML, CSS and JS files in a folder and the tool will save them all as attachments of a Design Document, then that bundle will become your Couchapp.
(After that you just have to mix some ajax calls to _views and pure docs with links to _list and _show functions -- if you want -- and you'll be a complete couchapper).

use iframe or template

Hi:
In our application,there are so many sub pages and menus,for example:
the main menu for the whole site:
Index/Document/News/SysConfig and etc.
And inside the Sysconfig page,there are also other menus like :
user managment,roles,logs... and etc.
Now we use the iframe to make the layout of the site,we change the related iframe's src attribute according to user's choice. but I wonder if this is a good idea?
I thought use the tempalte,for example the apache tiles in jsp and the masterpage in asp.net.
I wonder which is the best pratice?
Best Practice would be to go the templated route ...
I haven't really looked into web accessibility for a long time ... but in the past when I used to work on externally facing sites, using frames of any sort was a big no-no. Screen readers would have problems with frames including iframes. I'm not sure if the current generation of screen-readers handle them better.
There's also the search result/deep linking issues to consider. For example, will your google result link point directly to the page in the iframe? do you have to do a hack to redirect the user to the main page?
Also going the templated route may not be that difficult as long as you don't have a lot of content to migrate. There are fantastic content management solutions out there like Wordpress, or Drupal and Joomla if you have more complex needs.

CMS for already-built site

I redesigned a website that was using CMS Made Simple. It's a relatively small site and I'm learning as I go along, so I first built the redesign using just HTML but I'm now going to use PHP includes.
But I don't know how to integrate what I'm building into the CMS. I searched around the server and I can't find any traces of the pages built with CMSMS, so I assume that everything is contained somewhere within the CMS.
But I want something that will allow pages to be built and edited both inside and outside the CMS. If it's done outside, I want to be able to just FTP the new or changed content to the server.
Is this possible, and if so, what would be the best free CMS?
Thank you.
I don't know if I understood yout question, but I think you don't understand the concept of a CMS.
The redesign you made should only change the Theme/Style files, the content itself should be changed only in the administration of the CMS. What you may change from outside and FTP is only the theme files.
Things work this way so the person that put content in the site doesn't have do be a designer/developer.
BUT, there are some kind of CMS that may allow you to do what you want, but they are not completely free. Give it a look at CushyCMS and PageLime.
Since they intend to be a CMS for editing already made static sites, you may use it and if needed you can pull some page from FTP, edit it and then push it back.
You can try Template Externalizer http://dev.cmsmadesimple.org/projects/externalizer, which will give you FTP Access to Edit different content blocks, all templates, css and some content. I'm sure it will make your life easier when developing or integrating HTML into the page.
Template Externalizer, "watches" a FTP folder. and when you upload files onto the server, it saves the changes into the database making your change visible right away.
The files willl be located here: CMSROOT-INSTALLATION-PLACE/tmp/externalizer/
I hope this helps a bit.

Resources