Month: August 2016

In-Depth Checklist for International Service

Posted on by Mario

International SEO An In Depth Checklist_1

For some reasons many SEO services think the need of international SEO as part of their campaign. However, few only conduct international SEO since international SEO is a challenging task. Therefore, to help you conduct international SEO we provide you with several steps, such as follow.

Find Your Current International Audience

Doing research is the first step that you should take before let your SEO goes international, so gauge current and potential interest by looking at your site traffic by country in Google Analytics. Find the countries that your traffic originates from by opening the location report under Geo and sort by sessions. These top listed countries are your top candidates to get their own targeted sites or pages.

IMAGE

The next step is to open up the Google Search Console Search Analytics report and filter by country. Check the boxes for impressions, click through rate (CTR) and position. A country who contributes lots of click will receive a large number of impressions and have higher average positions are good starting points for international targeting. In fact, it is easier to rank well in countries where you’ve already gained some transaction.

Determine Language vs. Country Targeting

Now there are two ways that can make your site goes international, you can choose to create sites in alternate languages, or to target them geographically? It looks like two of them works oppositely, but it will have big impact on how you go about creating your international site.

Both of them have their own weakness and strength:

  • Language:

You’ll get widen reach of audience once you have optimized your pages by language. Since people in French will be relevant and accessible to French speakers all over the world. It will also make translating/creating simpler since you won’t need to optimize it for specific cultures or markets. The downside is that your content will have to be generic and free of idiomatic phrases that may not be used globally.

  • Country:

You can provide more discounts, sales and other offers since you’ll be able to really target your content. Linguistic variations, like the differences between British, Canadian, Australian, and American English will not bother you anymore. In fact, since the SEO will be limited into a single country, therefore you need to do any market research to optimize your content for local buying behaviors.

Decide which URL Structure is Best for You

Arranging the best URL structure is necessary for your SEO site and there are three options for URL structure that is good for international websites:

  • Country code to-level domains (ccTLD)

ccTLDs is quite self-explanatory: they use country codes in their domain name or domain extension, instead of the generic.com, .org or .net. In fact, the biggest advantage of using a ccTLD is because it does your geotargeting for you. When Google sees example.co.uk or example.it, it knows that those sites should serve United Kingdom and Italy’s users.

  • Subdomains

Another way to build up a lot of brand awareness globally is by using language or country-specific subdomains as the way to go for a company. Moreover, you need to make sure to use Google Search Console’s International Targeting if you do create geotargeted subdomains. This will make sure that Google will use that subdomain in searches in the appropriate country.

  • Subfolders (also called subdirectories)

The main advantage of having subfolder is that because it is the fastest and easiest option to implement, as they just require you to create a few extra folders for each country and/or language. Due to this, subfolders are a great option for smaller companies. However, subfolders somewhat can be ambiguous for both human users and search engines since people will be confuse, for instance is /fr/ meant for users in France or for all French speakers?

Smart Ways to Measure the Value of Your Content

Posted on by Mario

smart content

Many sources have discussed about the importance of high quality content to the success of SEO campaign, but how do you know that your content contains good value to support your SEO campaign? Below are several ways that can determine whether your content already has great value to your search engine optimisation. You better check it out!

  1. Run an NPS Survey

A Net Promoter Score (NPS) is an app that is commonly used to gauge loyalty between a brand and a customer. In fact, NPS survey is the best method to measure the value that your blog is delivering to readers. NPS’s measurement can be discovered by simply asking a simple question: How likely is it that you would recommend our blog to a friend or colleague?

Respondents to the question are then grouped as follows:

  • Promoters (score 9-10) are loyal enthusiasts who will keep buying and refer others.
  • Passives (score 7-8) are satisfied but unenthusiastic customers who are exposed to competitive offerings.
  • Detractors (score 0-6) are unhappy customers who have the possibility to damage your brands and interfere your business by spreading negative comments.

The main reason why you need to run NPS survey on your blog is that because you can begin to understand how many of your readers truly appreciate your content and whether they are willing to share it.

You can find many great tools to help you run an NPS survey on your blog, such as Promotor.io, SurveyMonkey, Delighted, Qualaroo. and etc. Moreover, in order to get a wide range of surveyor, you should be mindful of ensuring you reach all kinds or readers with your survey. In fact, you need to make sure that you send all the survey to all possible readers.

  1. Pay Attention to the Comments

Thanks to the rise of social media, now you can find a lot of easy ways to engage with your readers through social networks like Facebook, LinkedIn, and twitter:

  • They can share a link to your post on Twitter, Facebook (or any network of their choice)
  • They can interact with a post where you’ve shared a link back to the blog (favoriting a tweet, sending a reply, liking on Facebook)
  • They can retweet your tweet sharing the post or share your Facebook post
  • And etc.

With all these options and ways to interact with content, the highest of engagement is by knowing that people can share and comment on your post anywhere since they are willing to take the time to respond directly within the post itself since they will not bother to waste their time on replying a comment if they do not feel inspired by our post at all.

  1. Monitor Mentions and Shares

The clearest indicator that will reveal your content level is by measuring the amount of mentions and shares. You can see whether your content contains good value or not by seeing the number of shares it receives and the number of mentions you receive via social media tools.  There are many social media tools or sharing plugins that you can use to analyze how many mentions and shares that you get, such as SumoMe and Social Warfare, PostReach and Buzzsumo, but nothing comes for free.

How to Prevent Replay Attacks on Your Website

Posted on by Mario

How to Prevent Replay Attacks

Today, web security has been a hot issue for many web developers since many hackers are getting smarter and smarter in attacking intercept and resend network packets that do not belong to them which are terribly dangerous. Therefore, to prevent any bad things happen to your site, we show you simple ways as solution which is far from a complete solution but considered enough to give you a general view of how tokens and simple protocols can enhance security in your websites.

  • The One-Time Token Concept

In order to tie every HTTP response to a token string that will be valid only for the next post request. Simple steps of breakdown are conducted as follows:

1 The client makes a GET request by typing the URL or a page or by clicking on a link

2 The server generates a random token. Subsequently, it stores a copy of the token in the session and embeds a copy of the token in the <form> tag of the response it sends to the client.

3 The client processes the content, and sends a POST request to the server, say when the user clicks on a button, which contains the randomly-generated token.

4 The server receives the request and proceeds with processing it only if the attached token is equal to the one stored in the user’s session.

5 The server invalidates the token and returns to step 2, where it formulates the response with a new random token.

In this manner, it cannot be repeated because the token it contains is no longer valid after the request is sent to the server even if a critical request sent to the server is intercepted by a malicious user. This will work the same if the user unintentionally presses F5 on the keyboard and resends the request after posting information to the server.

  • The Solution

We update the markup to add a hidden field in order to prevent a POST request from being repeated which will store the token.

1

Further step is to create a function that produces a random token and embeds it both in the hidden field and the session collection.

2

Next, we change the Page_Load() function to only display the posted data if the posted token is equal to the one stored in the session.

3

Finally, to generate a new token before the final output is sent to the client, we override the OnPreRender() function. This is what makes it a one-time token, because it’s renewed every time a new request is sent.

4

 

It works just as it did before, when you submit the form by clicking on the button. But you’ll get the following error if you try to simulate the reply attack by refreshing the page because the token that is sent with the form is no longer equal to the one stored on the server:

5

This way, we can distinguish valid button-click submissions from falsely-repeated requests.

  • Modify it even Better

Since they’re using the same session token key, one of the problems with this code is that if you have two tabs in your browser pointing to the same page, posting one will invalidate the token of the other which can be directed by adding a token ID that will make sure each request-response sequence happening in one tab will use its own set of unique tokens and will not interfere with other requests on the same page. To go back to the TokenizedPage class and add a TokenID property is the first order of business. Since the first time, this property generates a random ID in the initial GET request and stores it in the ViewState collection for future reuse.

6

Next, we will adjust the SessionHiddenToken property to use the TokenId property instead of using the Page. Title property.

7

The interesting part is that we don’t need to make any other change and the new mechanism will work with all pages that come from TokenizedPage.