conversion to xhtml

I started using the cleanup tools on Dreamweaver to clean up extra code, check the markup and to convert to xhtml. I never realized how much extra code Dreamweaver added, no wonder I’ve been finding formatting a minor nightmare. Like there’s tags all together like </br></br></p></br> when one </p> will do. So I went through the code view and tried to clean up.

Fixed the width of tables. Page tables are 800px in width. Widths of columns are also fixed. Plus any cell that doesn’t need formatting will have the css removed. This means going through all the tr and td code line by line. It’s very.pain.ful. But everything looks a bit cleaner now.

I know the direction is to move to php. Don’t have the knowledge yet. One of these days.

security

I already took out mailto links to prevent harvesting. The public email address is displayed using [at] instead of @. A human can understand but not a bot.

For further security, I added a couple of .htaccess files. These are strange beasts, initially when I tried I get 404 errors on every page, so I quickly took that out. This time round I started simple.

A reminder to myself, there must always be a “.” at the start of the file name, and it’s always in plain text format. The trick I find is saving and loading it as htaccess.txt, then changing the name to .htaccess (no suffix) in control panel.

1. Disable hotlinking
Hotlinking is when someone links to an image directly on the source website. So when other people view the page or click on the image, the source server has to send the image over. This is bandwidth stealing. The person who wants to show that image should save the file on their own server and use their own bandwidth.

Place the .htaccess in the same folder as the images that should not be hotlinked. Code:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?invisiblecompany.com(/)?.$ [NC]
RewriteRule .
.(gif|jpg|jpeg|bmp)$ – [F,NC]

This will deal with gif, jpg, bmp files. If other file formats need to be blocked, like png, just add “png” to the list.

I’ve created a public images folder on the website so if I ever need to make an image available that’s where it will go. Like putting avatars or images on some forums, or for whatever reason.

2. Directory listing
Sometimes people enter urls like http://domain.com/folder/ to get a listing of the files in that folder. Most of the time it’s harmless but why let them know so much? To prevent directory listing, place the .htaccess file in the applicable directory, or in root for the entire site. Very simple code for the file:

IndexIgnore *

.htaccess can also be used to impose a password for particular folders. This seems pretty neat. I’ll get round to it eventually.