My newest project, highschoolwebdesign.com, is a complete, 12 week course in introductory web site design at the high school level. It contains free lesson plans and rubrics for students and teachers to use in the computer lab.
I have a number of web projects under my belt, but this is the one for which I anticipate the most traffic. I’ll cover the business and marketing considerations of launching the site in other articles.
Business Model (Briefly)
The site offers free lesson plans. Additional resources such as Powerpoints, quizzes, exercises, samples, and source code will be available for sale. When teachers purchase the curriculum, they will also get everything on the website in PDF format with full rights to make copies for their classrooms.
The site will be partially ad-supported. Ad revenue is dependent on traffic, so it’s important that users actually visit the website every time they want to view the content. Making sure users don’t print or republish my content is extremely important.
This entry outlines my technical requirements and their implementations.
- Content Management System
I settled on Wordpress as my CMS after evaluating others: Drupal, Joomla, and CakePHP. Wordpress is easy to understand and modify, has lots of useful plugins and a vibrant community, and it got me started in the least amount of time.
Copy Protection
I’ve included Javascript code to prevent my site from being captured inside someone else’s frame. The code isn’t foolproof, but it does work in many cases.
Javascript disables highlighting content with the mouse. I originally disabled right click as well, but sometimes users need to right click on the links. If the user really wants to highlight and copy my content, disabling Javascript is all they need to do. I’d guess that most of my visitors probably don’t know that, though.
- Hiding content when Javascript is disabled
I’ve set up my stylesheets so that my main content is hidden by default. Only if Javascript is enabled in the browser does the script run, loading the stylesheets and making my content visible.
The thinking goes like this: if users disable Javascript to get around the anti-highlighting code, at least the content will be hidden. If they really wanted to, they could still copy and parse the source of the page, but that would present a significantly higher barrier for people wanting to copy my content.
I have a stylesheet that hides everything when the web page is printed from the browser.
Atom and RSS feeds for the blog have been disabled. The most common way of stealing web content is to place RSS feeds on other sites.
None of these measures make it impossible for people to steal my content; if people are really determined to do it, they could. But it will prevent teachers and students, who aren’t usually incredibly technically inclined, from copying my content in the obvious ways.
Spam Prevention
Currently the site only has one form, and it is not protected by a CAPTCHA, but adding one later will be a trivial matter when the need arises.
My email address is not displayed as text on the website, but as an image instead. I use Google’s excellent spam protection on my email account as well.
Performance
Once the site is reasonably stable, I’ll enable caching so the PHP scripts don’t need to run every time a page is requested.
Content will be served compressed to browsers that support Gzip. This one is a no brainer :)
Intrusion Prevention
Everything from the DNS record to the MySQL database is protected with its own unique, random, 256 bit password from https://www.grc.com/passwords.htm
- Input Sanitization and XSS Prevention
These are the only two features on this list that Wordpress ships with.
Search Engine Optimization
Wordpress uses Apache’s mod_rewrite to enable search engine friendly URLs
The site contains a plugin that automatically generates sitemap.xml for search engines.
Other
The site contains a plugin which backs up all files on the server plus the database. The result is a single .zip file that I download to my computer on a weekly basis.
The site implements uservoice to get feedback from visitors.
There’s a lot more to building a public website than just doing a one click Wordpress install. Only one item on this list comes with Wordpress and is enabled by default.