SuiteCRM, an open source tool for startups to use from an early stage.

When we talk about businesses in their early stage, it’s quite a big deal to choose good management and sales software for a long term use. Our experience in helping multiple startup says, all the startups do not have too much money to buy / rent a good CRM at an early stage, but requires to lineup things from a very early stage itself.

So we have come up with an open source CRM software that can be used as a one stop solution for all the early stage, as well as a long term solution. The SuiteCRM, an open source tool for startups to use from an early stage.

There are multiple other options available too. But using this is a great experience as it has some great features like workflow automation, building custom modules, and lot more.

The installation of SuiteCRM is very very easy. It can be installed on a shared server having cpanel or a cwp control panel. It is also available for installation via Softaculous. A separate stand alone installation can also be done on Linux systems too. For details on installation please visit https://docs.suitecrm.com/admin/installation-guide/downloading-installing/

The initial setup and usage may be a bit tricky, as the tool is a vast one. Youll need to do a lot of initial setup aa per the requirement of your organization. To learn about the usage and setup, there is a complete documentation of the tool here

SuiteCRM’s list of features

SuiteCRM is the world’s most popular open source CRM for a reason: it’s packed with features and the flexibility and robustness makes it perfect for enterprises. Check out the list below to see the modules and main features of SuiteCRM, and learn why this CRM has over 800.000 downloads and more than 4 million users worldwide.

  • Accounts module
    Accounts in SuiteCRM will hold all information specific to a company that your organisation will have a relationship with. This module allows you to manage all accounts.
  • Bugs module
    To records and track bugs in the products that you offer.
  • Calendar module
    Manage your time by scheduling Meetings, Calls and Tasks, and optionally share your Calendar so to allow others to view your upcoming activities.
  • Calls module
    Schedule and log a record of inbound and outbound calls.
  • Campaigns module
    To track, evaluate and manage campaigns including the sending of email marketing campaigns and surveys.
  • Cases module
    Cases are used to record interactions with Customers when they ask for help or advice, for example in a Sales or Support function.
  • Contacts module
    Contact is an individual who is typically associated with an Account and Opportunity. This module allows you to manage all contacts.
  • Contracts module
    Used to manage Contracts and renewal dates.
  • Documents module
    The Documents module can be used as a repository for Customer issued or internal files.
  • Emails module
    Record emails sent to and from customers.
  • Events module
    Manage information of an particular event and send out invites to delegates.
  • Invoices module
    Used to create, track and issue Invoices to customers
  • Knowledge Base module
    Template responses to be used with the Cases module.
  • Leads module
    View leads (unqualified sales prospects) in customizable list, and manage them. Once a Lead is qualified and converted it will turn in to; a Contact once you have established ‘Who’ it is, an Account when you know ‘Where’ they work and an Opportunity once it is known ‘What’ they might buy.
  • Meetings module
    Schedule and record meetings with your customers and leads.
  • Notes module
    Used to keep a record of any comments, observations or explanations to build the customer profile.
  • Opportunities module
    An Opportunity is a qualified Sales prospect. This module allows you to track your Opportunities throughout the Sales Pipeline until the deal is ‘Closed Lost or ‘Closed Won’.
  • PDF Templates module
    To create templates that can be used for Quotes, Invoices and Contracts.
  • Products module
    A product catalogue where users can select from when preparing Quotes.
  • Projects module
    Projects module allows the User to arrange their organisation’s projects by tracking a number of Tasks and allocating resources.
  • Quotes module
    Used to create, track and issue Quotations to customers
  • Reports module
    Real-time reporting using CRM data.
  • Targets module
    Typically Targets are used as the recipients of a Marketing Campaign, your organisation knows very little about these individuals and they may be re-used for new Campaigns or deleted without any impact to the business.
  • Target Lists module
    Distribution Lists used when sending email marketing campaigns.
  • Tasks module
    SuiteCRM can assist Users with productivity, offering a way to record, relate and assign Tasks and to-do items that require action.
  • Workflow module
    Automated actions based on conditions within the CRM data.
  • Responsive layout feature
    View the CRM on any device.
  • Languages feature
    Translations for over 69 languages, 25 of them over 90% complete.
  • Customizable frontpage feature
    Customize your front page with dashlets that contain lead info, custom charts, reports and more, in one or multiple tabs.
  • Customizable menu feature
    Customize your menu to gain quick access to the modules that are important for you.
  • Developer Tools feature
    Customize module fields, layouts and relationships with Studio, create and edit modules and module layouts, and configure tabs.
  • Desktop Notifications feature
    Receive desktop notifications, such as upcoming meetings and newy assigned leads
  • Advanced Search feature
    Many CRM’s will have large data sets so SuiteCRM allows you to preform advanced searches on all modules. The optional full text global search feature enables enhanced functionality of searching text in documents and other files.
  • User Management feature
    Manage SuiteCRM users. Set employee information, role, locale settings and more.
  • Role Management feature
    Manage role membership and properties, limiting or granting access to access, delete, edit, export, import, list, mass update and view each module.
  • Password Management feature
    Manage password requirements and expiration, enable LDAP Support, and SAML Authentication.
  • Security Suite Group Management feature
    Configure Security Suite settings such as group inheritance, additive security, etc. Control what your users can access. Lock down sensitive data to specific groups or teams.
  • System settings feature
    Configure the system-wide settings, such as theme, currencies, languages, activity streams, etc. according to the specifications of your organization. Users can override some of the default locale settings within their user settings page.
  • Rest API feature
    Integrate SuiteCRM with other applications, like ERPs, Marketing tools, and more.
  • Add-ons manager feature
    Install and manage SuiteCRM add-ons, creating new functionality in your CRM. Over 100 add-ons are available in the add-on store.

To try SuiteCRM, click the link below

https://suitecrm.com/suiteondemand/

How to use Google Two Factor Authentication in your project?

At our end we take security at a priority, implementation of different ways to secure website should be the priority for every developer.

Today we are going to discuss on how to implement two factor authentication using Google’s Authenticator.

What is Two Factor Authentication?

2FA is nothing new. In fact it’s already been widely adopted by most major platforms (Facebook, Apple, Google etc) as a means of making account logins more secure.

Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand — such as a physical token.

So how does the user get the code?

  • Historically this required the user to carry a widget or card reader device (in the case of bank accounts) on their person, to generate a unique code.
  • Recently a popular method has been sending the user an SMS with a one time use code.

However there are other options…

How Google Authenticator works

Google Authenticator is a free app for your smart phone that generates a new code every 30 seconds. It works like this:

  1. When enabling 2FA, the application you’re securing generates a QR code that user’s scan with their phone camera to add the profile to their Google Authenticator app.
  2. Your user’s smart phone then generates a new code every 30 seconds to use for the second part of authentication to the application.

Implementing Google Authenticator on your website using PHP

The easiest way to do this is to use an open source composer package to do the tricky stuff for you:sonata-project/google-authenticator – PackagistLibrary to integrate Google Authenticator into a PHP projectpackagist.org

You’ll use the library to:

  • Generate the QR code for your user’s to scan when they enable 2FA.
  • Verify that the code entered is valid at login.

Generating the QR Code

$g = new \Google\Authenticator\GoogleAuthenticator();$salt = '7WAO342QFANY6IKBF7L7SWEUU79WL3VMT920VB5NQMW';
$secret = $username.$salt;echo '<img src="'.$g->getURL($username, 'example.com', $secret).'" />';

Tips:

Verifying entered codes

You need to use the same secret you used to generate the barcode in order to validate the user’s input.

$g = new \Google\Authenticator\GoogleAuthenticator();$salt = '7WAO342QFANY6IKBF7L7SWEUU79WL3VMT920VB5NQMW';
$secret = $username.$salt;$check_this_code = $_POST['code'];if ($g->checkCode($secret, $check_this_code)) {
echo 'Success!';
} else {
echo 'Invalid login';
}

While Google Authenticator might not be the most desirable 2FA method for your customers, there’s no reason you can’t implement it for staff or administrators when it’s this easy.

Do Like and Share the post and also write your comments below if you like the post.

How to verify an email address before sending emails?

Email marketing is a great way to reach your clients, but while sending emails from a mail service provider, its a great concern to validate, if the email address is correct. If you are someone who has been a victim of email bounce and email rejection due to unverified email addresses, then this blog is for you! In this blog, we will talk about how to verify an email address before sending emails using PHP.

There are many email verification services that provide API as well as online support to verify email addresses. But as everyone knows, nothing comes for free. There is a certain amount charged for each email address verification. If you are trying to build a self-hosted email verification service, you can follow the below steps to verify email addresses before shooting an email.

Steps to verify email address using PHP

  1. Match the email address pattern.
  2. Verify the existence of domain name
  3. Check if the email address exists
  4. Shoot the email and store it in a verified email directory.

Let’s start with the above one by one…

Match the email address patter

Email address has a fixed pattern. every-time you initiate an email, first check for the pattern of the email address, eg. someone@example.com. If you notice carefully, the email address consists of three(3) parts.

  1. Name of user (someone@example.com)
  2. Symbol of @ (someone@example.com)
  3. Domain Name (someone@example.com)

All the three sections are equally important and are used only once per email address, for example, @ cannot be used twice in an email address.

To verify the email address patter, you can use the blow code:

$email = test_input($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $emailErr = "Invalid email format";
}

SOURCE: W3Schools.com

The above code will help you check if the email address is properly formed or not. If in case it is not in a proper format, you will get the “Invalid email format” error message.

Verify the existence of domain name

To verify the existence of a domain name, you can do it by using simple methods.
You can either make a list of valid domain addresses of major email providers like Gmail, Outlook, etc. and verify them directly from the list. If someone provides a different domain name, you can ping the domain name and check whether it exists or not. Use the code below:

<?php
$domain="w3schools.com";
if(checkdnsrr($domain,"MX")) {
  echo "Passed";
} else {
  echo "Failed";
}
?> 

SOURCE: W3Schools.com

The above code checks for the existence of “MX” (mail exchange) records and provides output based on the existence of the same.

Check if the email address exist

To check if the email address exists, you need to send a ping email to the email address using PHP email, either via shell_exec() or by simple mail() function. This will help you get success if the email address replies to the email sent. Or if it fails, you can check the reply from the server and extract the error message.

Shoot the email and store it in a verified email list

Once you verify the email address, you should not only send your marketing email, but you should keep the details like domain name, email address to a verified list. This will help you save time when you add more email addresses to your marketing list. If they exist in your verified list, you need not verify them again and again slowing down your email frequency.

REFERENCES:

Here are some references, if you want to learn more or want to use ready to use libraries.

https://code.google.com/archive/p/php-smtp-email-validation/

https://www.w3schools.com/php/php_form_url_email.asp

https://www.tutorialspoint.com/php/php_validation_example.htm

Feel free to comment and let me know if you require any further support from my end. It feels great to help. Your comments are valuable to me and I read and reply to each comment personally, feel free to post your comments and share the blog with your loved ones…

How to secure your home network?

Securing a home network is a big concern nowadays. As the world is moving towards the beautiful virtual world, there are certain that are not too good for everyone at home. Everything has two sides, the good and the bad. We are always expecting the good, but we should also consider the bad.

Here in this blog, we will talk about securing our home network and our family from the bad in the virtual world.

To secure your home network, you’ll need to add an additional device “Firewall” at the internet terminating point. This will help you go ahead with the security aspects of your network. You can choose simple, pocket friendly, and easy to use firewalls like “MythGuard MGF001 – Mini Firewall

There are following ways to secure the home network

  • Analise all the network traffic going out of your home network
  • Block the incoming traffic from non-genuine places
  • Block traffic to and from malicious websites
  • Tag all the devices being used in the network
  • Keep your wireless network secured with a strong password
  • Setup network alarming system

To start, lets go ahead with the above points one by one

Analise all the network traffic going out of your home network

It is a good way to get started with an analysis of the traffic of the home network first. Say, if I am living n India and the traffic hitting my home network is from China and Pakistan, it is something non-useful for me. This type of analysis can make out good results in securing and blocking traffic to and from such networks.

The analysis should include the following points

  • Which device is sending traffic outside the network
  • Where the data is being sent and received
  • Is the IP to which the data is being sent or received under the risk category (You can check the reputation on https://talosintelligence.com/)
  • Are there any unknown devices connected to the network?
  • Is something unusual happening in the traffic flow of the network?

Block the incoming traffic from non-genuine places

Once you have done the analysis, you will be well known about the sources that are malicious, and that do not require either send traffic to or from the network. You can start blocking the IP addresses that you find malicious.

If you have small children in your house and you want to have a bit of parental control over the data usage, or you don’t want them to surf illegal content like pornographic data, etc. you can do it by simply blocking such category of the website in the Firewall and setting up data usage policy for your children devices. All the facilities are available in the “MythGuard MGF001 – Mini Firewall

You can even block countries, IP range, Category wise domain names, etc. to secure the data access to and from your home network.

Block traffic to and from malicious websites

Blocking traffic to and from malicious websites is the same concept as discussed above, the difference is, you can do this by simply selecting the blocking feature generally available in all the Next Generation Firewall (NGFW). Firewalls not only block the traffic from malicious websites (blocking will include blocking of surfing, downloading, and uploading of data) but also, keep on updating the list of malicious websites.

The list gets updated and hence your network stays updated too. Security from such websites keeps you away from attacks like ransomware attacks, spoofing, phishing, etc.

Tag all the devices being used in the network

Tagging devices means, adding them to the network by binding them via MAC address. It is generally one of the best ways to secure your network. In your home network, you can evaluate the total number of devices that actually require an internet connection, and then you can connect them to the network, after connecting them to the network either via wired or wireless modes, you should bind the IP address to the MAC address of each device and block other devices to join the network.

Binding MAC address to the devices will lead to NO ADDITIONAL DEVICE in the network and thus, your wireless and wired network will be more secure, as no one standing outside your home accessing your wireless network range will be able to connect to your network. Even if he/she has the password of your wireless network.

Binding devices will also give you additional features like bandwidth motoring, access control, bandwidth control, etc.

Keep your wireless network secured with a strong password

A strong password policy is always required to keep the network secure. You should always keep a strong password for your wireless network and should always keep updating it regularly. The more complex the password is, the harder it is to guess.

A strong password also secures you from attacks like, dictionary attack, etc.

You should ensure that all the devices in the network, where ever there is a need for password protection, should have a custom password. You should not leave any of the devices on its default password setup. It can cause loopholes in your network.

Setup network alarming system

Setup an alarming system to keep yourself updated if there are any problems in your network. NGFWs have features to provide you Email and SMS-based alarms in case of different situations. You can set up alarms in situations like high bandwidth usage, network failure, a new device added to the network, etc.

This will help you monitor your home network even if you are not at your home or if you are not consistently monitoring your network. The more alarms your setup, the more secure your network will be. You will get more insights into your network.

Conclusion

Concluding the above, it is always suggested to keep your home network secure as we are adding up multiple devices for either personal use or home automation on regular basis. If your home network gets compromised, it can lead to severe consequences. Take a step today and go ahead securing your home network.

You can get in touch with us if in case you require any help in securing your network. Click here to discuss with us.

9 Tips & tricks to secure your WordPress site?

It’s always a big concern when we talk about security. Hosting your website on a global network not only gives you global reach, good business opportunities, and great outputs but also gives you great risk of data loss, brand reputation risk, and a lot more.

When it comes to website security, you need to implement few basic stuff to ensure that you are on the safe side.

If you are using a WordPress-based website you can follow the below tips and tricks to secure your WordPress website from the attacker.

  • Use an updated version of WordPress
  • Always keep your plugins and themes up to date
  • Use fewer plugins
  • Turn off/disable XMLRPC if not being used.
  • Use SSL for your website
  • Always use a good password policy
  • Use Jetpack for security and monitoring of your WordPress site.
  • Keep away from unverified publishers of plugins and themes, or any other code you put on your site.
  • Last but not the least, always host your website on a secure web host.

Use updated version of WordPress

It’s always suggested that you should not keep an out-of-date version of WordPress, as it will open up loopholes for attackers to get inside your site.

WordPress is one of the most used frameworks to develop a website, thus it has a huge client base too, which makes it a big target for attackers.

Finding a loophole in WordPress will violate millions of websites. So too keep it secure and smooth, WordPress community keeps on developing security patches for WordPress and its plugins.

Sitting on the older version of WordPress will make you a good target for attackers and it will also keep you away from the latest features and functionalities.

Always keep your plugins and themes up to date.

As we talk earlier, keeping your website code up to date, keeps you safe from attackers and also ensures smooth performance and updated functionalities.

Your plugins play a great role in making your website vulnerable, and due to which we suggest keeping them up to date and always stay on the latest version.

There are features in the latest version of WordPress to automatically update your site plugins, I’ll suggest going for that. If in case you have made changes in the plugins and do not want to update them you should always keep an eye on your site and its security then.

Use fewer plugins

The more you use ready-made codes, the more you’ll find yourself vulnerable. It is always suggested to use limited amount of plugins, as it will decrease your area of vulnerabilities.

If you have installed more than 20 plugins, it will not only give you an insecure place but also make your website slow and non-SEO/non-user-friendly. You must the radius small.

Turn OFF xmlrpc in WordPress

If you are not a user of xmlrpc or if you do not have a plugin or a theme that requires xmlrpc, you must turn it off.

We’ve come along way since WordPress was first launched. Back in the day, the feature called XML-RPC was extremely useful. In a time with slow internet speed and constant lags, it was difficult to write content online in real-time, like we do now. The XML-RPC function enabled users to write their content offline, say on Microsoft Word, and then publish it all together in one go. But you might do not know that you should disable XMLRPC in your WordPress website.

Today, with faster internet speeds, the XML-RPC function has become redundant to most users. It still exists because the WordPress app and some plugins like JetPack utilize this feature.

If you don’t use any of these plugins, mobile apps, or remote connections, it’s best to disable them. Why? Every additional element on your site gives hacks one more opportunity to try to break into your site. Disabling the feature makes your site more secure.

Use SSL on your website

It’s always good to use an encryption policy, SSL is something similar. It keeps your website users safe and secures their data from a man-in-the-middle attack.

Using SSL will not only provide an extra layer of security to your website but also provide SEO to your website listing. Search engines also love websites with SSL. Sot keep an SSL assigned to your website.

Always use good password policy

A good password policy is a way to keep your account safe from people who try to invade. You should always make sure that you and your customer follow a good password policy.

Each of your users should update their passwords quarterly and should always keep a password having a combination of characters(both small and capital cases) with digits and special characters. Also, a minimum character count of 8 characters should be maintained and the password should not contain easy strings like the name of the user, etc.

Use Jetpack for security and monitoring of your WordPress site.

Spamming is one of the big concerns nowadays. People have created bots to put backlinks of their own websites and also for several other purposes. Filtering comments one by one and marking them spam is a hectic task. You can use Jetpack for securing your websites from different types of attacks including spamming, and it can also help you in monitoring the visit count of each post and page.

There is multiple blog management feature available in Jetpack. You can go for a premium version to get an add-on security and management feature for your website.

Keep away from unverified publishers of plugins and themes, or any other code you put on your site.

Un verified plugin and theme publishers can create a great risk to your website. To ensure the safety of your website, you must stay away from them or use it at your own risk. It is always suggested to either go through the entire code before you put it on your website or else, do not use it at all.

I have seen it in many instances, a malicious code comes coupled with very needy stuff. Like if you require a plugin to allow social media to log in, it can carry a malicious code to share your credentials to a different site too. This will create great damage to your website as well as the reputation of your brand. Also, can lead to legal actions.

It’s always better to stay away from such unverified publishers. Use a plugin only if it is inside the WordPress store or if you 100% know the developer of the plugin or you have got it developed by hiring a company or a freelancer or else if you have gone through the entire code and have found the code worth putting on your website.

Always host your website on a secure web host

One of the best solutions suggested to keep your website secure is to host it on a secure web hosting platform. A good web host ensures that fewer attacks happen on all of its hosted websites and also provides multiple mechanisms to maintain the valuable flow of genuine users.

We suggest going for CLOUDPOKO, it is one of the fastest-growing web hosting platforms and provides secure web hosting solutions. WordPress installation and use on the platform are easy and user-friendly.

The hosting provider also provides add-on layer of security to the WordPress websites.

CONCLUSION

If you are a website developer or someone who is hosting a website on the global network. It is very essential to secure your website, not only to secure your data, but also to secure your website and brand’s reputation.

If you require any consultation, you can get in touch with us, here

Reduce server response times (TTFB)

When we talk about website performance, one of the ways to improve the performance is by reducing the server response time, also known as Time To First Byte (TTFB).

The server response time is considered as the time taken to reply to a request initiated by a user. When any user sends a request to view a page on a website, the server has to do multiple operations before sending the output back to the user, it may include mathematical and logical operations. These operations take some time to execute, this time taken to respond to a user’s request is known as server response time.

For example, if a user is looking to check his transaction history for the last year, the server will have to generate a list of all the transactions done within the given time period from the database and then push it into the page. This can take time and can lead to a greater response time.

How to reduce server response time?

To reduce the server response time, one needs to follow the basic steps as mentioned below:

  • Start by identifying the core task that your server needs to perform before providing the first output.
  • Identify the task taking the longest time to complete, and then try to optimize it or if possible use a different approach to run it. For example, if you are loading blog posts, you can either load all the posts at a time or can show the latest 5 at the time of page load and do ajax calls to load the rest of them when the user scrolls the page.
  • User a good server, which provides more processing capacity, more process threads, for hosting your website. One of the good web hosting providers is CLOUDPOKO
  • If you are using a dedicated server or your own server to host your website, you should upgrade the hardware to meet the processing requirements.
  • Try to make fewer database calls as much as possible, this will reduce the server busy time. As your customer base grows, if too many database calls are done, your customers may get lags in getting responses.

To check your servers response time, you can visit – https://developers.google.com/speed/pagespeed/insights/

Here you’ll be able to check the speed of all your website pages using Google’s Lighthouse report. Analyzing the report you’ll be able to find the changes required enhance the performance of your website.

Must Read
How to enhance improve website performance
How to improve website speed

If you find this article useful, do share it on your social media feeds, it will be a great support and will help to boost our morale to bring similar posts for everyone.

How to enhance your website performance?

Website speed is a great concern now a days as it not only effects the user experience but it also makes your site score low on search engine listings.

Today I’ll discuss on how we can improve a website speed. The website speed depends totally on the content it is loading. As we know, them more content you add to the website, them more time it’ll take to load. This will reduce the website performance and will also make user feel bit hazy.

To enhance the speed of a website a developer needs to consider the below points while developing the website and its content.

  • Use a good server for hosting
  • Use minified CSS & JS files
  • Use next-gen image formats
  • Use fewer server requests
  • Make minimum animations
  • Reduce media contents on the website
  • Use SEO while writing content

Let’s deal with all the above one by one

A good server for hosting

It is always suggested to host your website on a good server. As the server plays a vital role when it comes to the performance of your website. I have noticed good websites perform bad when hosted on a slow server.

Generally, while renting a hosting service, user do not study and analyze the hosting provider, rather opt for the cheapest plan. Choosing a hosting plan this way leads to bad performance of website and also leads to lower search engine rankings. Whenever you start your website, first of all, you need to analyze your audience base, if you are looking for huge audience base, you must first create a place where these people can be served. And this is where your hosting plan matters a lot.

To understand this, let;s take an example. Say, Mr. X is an owner of a hospital in Y location. His hospital has 100 beds. To get more patients, Mr. X puts his services on a global platform. The global platform is advertised via a global advertiser. This advertiser provides him patients and thus makes his business grow.

Now, consider the hospital beds count as the capacity of server to host people at a given time, global platform as Mr. X’s website, the global advertiser as a Search Engine. The search engine will only provide a traffic of maximum 60% of the total capacity of Mr. X’s hospital capacity, as it assumes that 40% of beds are already occupied and the search engine do not want to provide irrelevant data to its customers.

So if your server is not capable of handling huge clients, search engine will reduce the flow of audience towards your website.

I’ll suggest, to go for a good plan as per your client base.
One of the best class, & fastest growing web hosting providers in India is CLOUDPOKO, you can opt for web hosting services from them.

Minified CSS & JS files

A minified CSS file is basically a .css file that contains no extra white-spaces, this reduces the file size leading to faster performance of the website.

While using a CSS file, it is a generic way of coding, where people write code in separate lines and with proper indentations. This enhances the readability of the code and makes it easier to understand. But, at the same time, it increases the file size, which leads to the lower performance of the website.

Websites are over the internet, whenever anyone opens a website, s/he first downloads the code to his/her device. After the download is completed, it is further compiled/interpreted on his/her device and then the output is shown to the user. The entire process takes place while you hid a website and you see the loader spin around.

So, a bigger CSS or JS file can lead to more downloading time, leading to more loading time and thus reduced performance.

It should be noted that a website can save 20% to 30% of load time by minifying the CSS and JS files being used.
If you are looking for tools to minify your JS and CSS codes, you can go for online tools. The one I suggest is https://www.minifier.org/

Next-gen image formats

Use of next-generation image formats can reduce lot of loading time. This helps in high resolution image delivery on the cost of low bandwidth utilization.

JPEG 2000, JPEG XR, and WebP are image formats that have superior compression and quality characteristics compared to their older JPEG and PNG counterparts. Encoding your images in these formats rather than JPEG or PNG means that they will load faster and consume less cellular data.

Using these image formats will also help you save the space of the server, which means you can store more data at the same cost.

To know more about next-gen image formats, you can visit – https://web.dev/uses-webp-images/

Fewer server requests

Whenever a page is loaded, there are several requests generated to the server, which is either for database queries or for mathematical or logical operations. The more the server requests are involved, the more time server will take to process them. It will lead to more wait time and hence more turn-around-time(TAT) and total-blocking-time(TBT).

There are several articles to reduce the TAT and TBT of your website. Must read – How to reduce your website TBT

Make sure to reduce or optimize the server request count as much as possible, as it can create more wait time when the user count increases and can even lead to denial of service in some heavy traffic scenarios.

Minimum animations

Animations are handled by JS and CSS over web based applications, all these are handled by Web Browsers. If your website contains too much of animations, a dependency over web browser is created. If the performance of your end user’s device is not too good, your website’s animation will not be delivered with 100% efficiency leading to slow performance and cracked animations.

It is always suggested to create a moderate level of animations on a website unless it is highly required to go beyond this level.
Search engines takes these things seriously too. Your search engine ranking may get down due to too much of animations as it requires too much of code, both in JS and CSS, leading to increased website weight and lower user experience.

Try putting simple and standard animation on your website, which can make it more engaging and more user friendly, and at the same time friendly for search engines too.

Reduce media contents on the website

Media files are loaded in two different ways on a website, either linking them directly from the same server or by embedding them from a different website. in both the cases, loading time of media files depend on the server response time. Response time of the server hosting the media file.

It is advised to keep less number of media files on each page of website as it can lead to decline in page load index. It will also make end user feel hazy if the response time for media load is higher.

Also, the more number of media files on a single page, the more cellular data needs to be used to download them and view them.

To understand this, let’s take an example of a website showing a 10 MB .pdf file on its home page itself. Say, I am using an internet with a bandwidth of 1 MB per second, the website will take around 10 seconds to get downloaded on my device, as the pdf file is of 10 MB. Similarly, consider if I keep a link of the pdf instead of loading the pdf file on the home page, it will save me 10 MB of data. and hence improve the performance of my website.

Use SEO while writing content

At the time you begin writing content for your website, make sure you put proper SEO concepts in the content itself. It not only enhances your search engine visibility but also makes it friendly for people to find and share it with others.

The more people reach to your website the better ranking over search engines , also, the more prospects you get on your website, the more leads and conversions can be done.

If you will like to know more about SEO scripting, you must visit https://schema.org/

Conclusion

At last, I’ll like to take your attention towards understanding the fact that the more you focus on content and the more your focus on your website performance, the better is your website ranking on search engines. Which again puts traffic back to your website leading to more engagement and more prospecting.

Performance of a website must be considered on both speed factor as well as the search engine factor.

If in case you like the article, you can help us by sharing it to your social media feeds, it’ll boost our enthusiasm and we will be encouraged to provide more such contents.

Desktop Application

Our desktop application development skills can become your ground for building the application which will delight your customers with the rich functionality, speed of work and user-friendly interface. We are the team of professionals who can create groundbreaking desktop solutions from scratch, modernize your legacy solutions, create custom middleware for connectivity of your enterprise applications thus making your business process agile and effective.

DESKTOP APPLICATION DEVELOPMENT

We have experience in creating boxed and licensed solutions for various platforms in our portfolio. With us, your next market-winning product will be in good hands because we have all the in-house capabilities including analysts, architects, UX/UI specialists, engineers and QA to success in such projects.

RESEARCH & DEVELOPMENT

Have an innovating idea that needs further research and development to find a proper technological solution and implementation? We can help. M/s VIKASH TECH has already completed many technical achievements with sophisticated yet effective software and middleware for the desktop platforms.

DESKTOP SOFTWARE MODERNIZATION

Do you feel like your legacy application restricts the company’s productivity or decreases users’ retention rate? Outdated software can cause many issues for your business including security and stability issues. M/s VIKASH TECH can modernize old desktop software or redo it from scratch using cutting-edge technologies.

DESKTOP SOFTWARE INTEGRATION

The proper data transfer and workflow functioning across enterprise IT environment is crucial for the effectiveness of modern distributed systems. We are capable of creating a complex integration solution and adding to make all your business solutions effectively and flawlessly work as a single system.

API DEVELOPMENT

M/s VIKSAH TECH provides API development services for the existing software solutions to ensure better connectivity across various solutions and services. With all our previous experience, we have accumulated the know-how needed to create APIs that will help your product to become a part of any software ecosystem.

After years of the desktop software development for enterprise customers from the various industries including manufacturing, healthcare, energy, education and many other we have accumulated the experience needed to enrich your project with our knowledge and to make the contribution to the success of the product among consumers or within your organization.

Get in touch with us and we will ensure proper software development for you. Click here

Online Support

What is technical support?

Online tech support is assistance provided to customers online (over the web). It helps customers solve technical problems or issues that they are experiencing with electronic devices or software.

How do we offer technical support?

Live tech support is delivered through different channels. For instance; email, phone calls, or online tech support chat. In order to provide excellent technical support, we use a ticketing system which is an online tool to lodge a ticket from anywhere and our team gets back to you in no time.

What parts does our technical support software consist of?

Mail

Every ticket raised is properly distributed among our team so that the response time is reduced and the user also gets a confirmation of the ticket raised. Once any update is done on the ticket, it is again notified to the client, to make the work more transparent and user friendly.

Tech support Chat

We provide support over WhatsApp/Facebook/Signal chats too. Once you raise a ticket, to make it more user friendly, we make sure that the client is communicated properly on each stage of time. And clearity of the work is even more necessary at each point in time. To ensure faster service, we do provide chat support over social networks.

Calls

The fastest way out to clear any doubt or query, or to make the issues more clear we interact with clients directly over calls too. This helps us serve the clients in the fastest possible way.

Contact forms

We do have contact forms available where a client can raise an indent and our team will get in touch with the client using the above-mentioned mode to rectify the issues/queries.

Feedback

We provide feedback forms to all our clients to provide their reviews/feedback on the service they received. This makes us in improving the quality of service for each and every client. We take feedback very seriously.

Are you looking for online tech support services?
Get in touch with us here

Organizational Server Setup

Companies depend on their server infrastructure for most IT functions, including data storage, hosting websites, emails, and applications. While many businesses have shifted to cloud services using servers located in enormous, distant data centers, a significant number of organizations still have in-house servers or use a hybrid environment of in-house and cloud services to host server data requiring management. Managing a server, whether in-house or in the cloud, means staying on top of hardware, software, security, and backups.

We help companies to setup their own infrastructure and setup their own server for better security and better productivity. We have noticed big MNCs and firms prefer setting up their own server for purpose of hosting their software or storing data etc.

If you are a firm and looking forward to setup your own infrastructure for your company IT wing, get in touch with us today! We will help you properly plan and setup your organizational server setup to make your firm future ready, secure and more productive.

We do help in setting up the entire setup which includes network setup, server and client machines setup and finally the software setup for your servers and client machines.

Add-ons – if you are looking for some customized tools to make your business more productive, or if in case you have an idea to build a software for your firm, we do work on software development too.

We can give you a “turn-key” solution to all your organizational server setup requirements. Get in touch with us today.

Connect with us here

Simply – Connect: WhatsApp Messaging Plugin For Website

Simply-Connect : WhatsApp Messaging Plugin is easy to set up and use a plugin for all kinds of websites. It can be used on a normal website by simply copying and pasting a snippet or in a WordPress website, using the plugin.

How it works?

WhatsApp Messaging plugin helps your users to connect with you directly from your website by simply clicking on the WhatsApp icon on your website.

WhatsApp Icon on the bottom right of your website.

When any user clicks on the WhatsApp Icon, s/he is asked for basic information and then s/he is forwarded to WhatsApp with your chat inbox.

The three basic questions include

The answers to the above questions are sent to you over WhatsApp.

Check the Plugin in Action -> https://cloudpoko.com

Installation

To install the WhatsApp Messaging Plugin into your website you need to follow the below steps:

  • Copy the code below and paste it into the footer of your website. Make sure you paste it above the closing body tag.
<script type="text/javascript" src="//vikashtech.com/CDN/special.js"></script>
<script type="text/javascript">
    let social = new Social;
    social.showWhatsApp('Your-whatsapp-number-goes-here');
</script>
  • Now, in the above snippet, put your WhatsApp number in place of Your-whatsapp-number-goes-here. Make sure you put your country code before your number and do not include “+” before it. Eg. 918989161520
  • No special characters should be used between numbers.

If you want to install it on your WordPress website, you can download the WordPress plugin here

To install it, go to the Plugins section of your WordPress Admin Dashboard, Choose Add New, and choose Upload plugin, In the upload section choose the file downloaded and then click Install Now.

Now go to the Simply Connect section in the WordPress Admin Dashboard, and enter your WhatsApp number and save it.

You are now ready to go.
Go to your website user view and check.

Want to change the styling?

if you are looking to change the styling, or you are looking to change the location of the icon, you can do it by simply passing CSS styling as the second parameter as shown below:

social.showWhatsApp('Your-whatsapp-number-goes-here','height:100px; width:100px;');

If you are still facing issues, you can write to us at support@vikashtech.com

Coming Up

  • Change questions as per your requirements
  • Get your enquiries exported in csv format.
  • Complete dashboard for monitoring your enquiries.
  • Automatic email to all the enquiries.
  • Email Template setup.

And a lot more….
All this will come directly to your website without making any changes in your code… Stay tunned…

How to improve Website Page speed?

What is Page Speed?

Page speed is generally confused with “website speed”, which is wrong. Page speed is specific to a Page and not to the entire website. It can be understood as the “loading time of a page” (the time it takes to fully display the content on a specific page) or “time to first byte” (how long it takes for your browser to receive the first byte of information from the webserver).

You can evaluate your page speed with Google’s PageSpeed Insights. PageSpeed Insights Speed Score incorporates data from CrUX (Chrome User Experience Report) and reports on two important speed metrics: First Contentful Paint (FCP) and DOMContentLoaded (DCL).

SEO Best Practices

Google has indicated site speed (and as a result, page speed) is one of the signals used by its algorithm to rank pages. And research has shown that Google might be specifically measuring time to the first byte as when it considers page speed. In addition, a slow page speed means that search engines can crawl fewer pages using their allocated crawl budget, and this could negatively affect your indexation.

Page speed is also important to user experience. Pages with a longer load time tend to have higher bounce rates and lower average time on page. Longer load times have also been shown to negatively affect conversions.

Here are some of the many ways to increase your page speed:

Enable compression

Use Gzip, a software application for file compression, to reduce the size of your CSS, HTML, and JavaScript files that are larger than 150 bytes.

Do not use gzip on image files. Instead, compress these in a program like Photoshop where you can retain control over the quality of the image. See “Optimize images” below.

Minify CSS, JavaScript, and HTML

By optimizing your code (including removing spaces, commas, and other unnecessary characters), you can dramatically increase your page speed. Also remove code comments, formatting, and unused code. Google recommends using CSSNano and UglifyJS.

Reduce redirects

Each time a page redirects to another page, your visitor faces additional time waiting for the HTTP request-response cycle to complete. For example, if your mobile redirect pattern looks like this: “example.com -> www.example.com -> m.example.com -> m.example.com/home,” each of those two additional redirects makes your page load slower.

Remove render-blocking JavaScript

Browsers have to build a DOM tree by parsing HTML before they can render a page. If your browser encounters a script during this process, it has to stop and execute it before it can continue. 

Google suggests avoiding and minimizing the use of blocking JavaScript.

Leverage browser caching

Browsers cache a lot of information (stylesheets, images, JavaScript files, and more) so that when a visitor comes back to your site, the browser doesn’t have to reload the entire page. Use a tool like YSlow to see if you already have an expiration date set for your cache. Then set your “expires” header for how long you want that information to be cached. In many cases, unless your site design changes frequently, a year is a reasonable time period. Google has more information about leveraging caching here.

Improve server response time

Your server response time is affected by the amount of traffic you receive, the resources each page uses, the software your server uses, and the hosting solution you use. To improve your server response time, look for performance bottlenecks like slow database queries, slow routing, or a lack of adequate memory and fix them. The optimal server response time is under 200ms. Learn more about optimizing your time to first byte.

Use a content distribution network

Content distribution networks (CDNs), also called content delivery networks, are networks of servers that are used to distribute the load of delivering content. Essentially, copies of your site are stored at multiple, geographically diverse data centers so that users have faster and more reliable access to your site.

Optimize images

Be sure that your images are no larger than they need to be, that they are in the right file format (PNGs are generally better for graphics with fewer than 16 colors while JPEGs are generally better for photographs) and that they are compressed for the web.

Use CSS sprites to create a template for images that you use frequently on your sites like buttons and icons. CSS sprites combine your images into one large image that loads all at once (which means fewer HTTP requests) and then display only the sections that you want to show. This means that you are saving load time by not making users wait for multiple images to load.

Need web hosting? CLOUDPOKO is the best place for you!

Having a website is crucial, especially if you are serious about building a web presence. 

To create a website— and you probably know this, given you are reading this best hosting article— you need at least two things: A hosting solution and a domain name.

You can buy a domain name from any provider (some web hosting companies give free domain registration offers too, be sure “nothing is free, you will be charged somehow!”). But when it comes to hosting, you need to be more aware.

Remember, your web hosting services are the foundation of your website. No matter whether you’re a medium-sized business or a local florist, you’re going to want the best website hosting to win in the market. And to help you find an ideal hosting for your website.

Why does website hosting matter?

The web hosting provider you choose, as well as the type of plan you sign up for, can have a huge impact on your website’s performance. For example, many small business owners choose to go with a shared hosting plan – both for its affordability and its ease of use. And that’s a totally fine choice if you anticipate less than 1,000 visitors per day.

But if you have a thriving business that attracts a large amount of traffic or your website requires a lot of data for things like streaming videos or custom apps, a simple hosting plan isn’t going to cut it. The limited bandwidth and RAM will cause your site’s performance to suffer, and users to have a poor experience.

CLOUDPOKO is one of the best in class web hosting services provider in INDIA. You get fast, reliable, and pocket-friendly hosting from them.

Coming to the support offered by the team, we have seen a quick response and faster resolution of problems. They do not sayYour request has been taken and will be resolved within 72 hours“, as is said by other hosting providers.

To checkout hte latest plans and service offerings, visit here

Why use Smarty? Benefits & Losses

Smarty is a templating engine, as everyone knows. It has a big market and is being used by companies like WHMCS for building great tools. It’s a great tool to be used in the development of projects of small and big levels.

Today, we are going to discuss about its benefits and losses. Who should prefer using smarty in his/her project and who should stay away and continue with PHP itself.

Some might argue that Smarty does what PHP can do already: separate the presentation from business logic. The PHP programming language is great for code development but when mixed with HTML, the syntax of PHP statements can be a mess to manage. Smarty makes up for this by insulating PHP from the presentation with a much simpler tag-based syntax. The tags reveal application content, enforcing a clean separation from PHP (application) code. No PHP knowledge is required to manage Smarty templates.

The importance of this separation is situational. It is commonly more important to web designers than it is to PHP developers. Therefore, Smarty is commonly a good fit when the roles of developers and designers are separated. There is no right or wrong answer: every development team has their own preferences for managing code and templates. Aside from a clean tag-based syntax, Smarty also offers a wide variety of tools to manage presentation: granular data caching, template inheritance and functional sandboxing to name a few. Business requirements and the PHP code Smarty is being used with will play a large role in determining if Smarty is a good fit.

In cases where efficient template management is crucial or the case where web designers (not PHP developers) are managing templates, the strengths of the tag-based template syntax are quickly realized. If the project size scales to hundreds or thousands of templates, template inheritance keeps template maintenance streamlined. What little Smarty adds technically (a tag-based syntax + 1-time compile step) is easily overcome by the time saved with template maintenance.

People who are looking for development of projects that can use multiple themes should opt for smarty and can do lot of good work with it. As I mentioned before, it is a template engine that can help you in keeping your PHP and Theme Files separate.

Who should not go for smarty?

People who do not want to implement separation in presentation and functional layers of the project should not look for Smarty.

People who are always looking for great community for support on programming languages and need lot of documentation on it, should not opt for it. Smarty has its own community and large documentation too but it can be a bit confusing if you require an instant action / solution, as you will not get a smarty developer easily.

Smarty is clearly not meant for every project. It is just one solution for managing the presentation of your PHP applications. Your business requirements along with your development team preferences will largely decide of Smarty is a good fit. Be sure to read All about Smarty, Use Cases and Work Flow, Template Inheritance and Syntax Comparison. And of course, install Smarty and give it a try.

WordPress best practices to make your website fast, user-friendly, and more reliable.

We know you’re going to take on some incredible work next year, so before you get too crazy with new clients or preoccupied with projects, take the time to make your existing sites and workflow shine! Your WordPress website can be taken to a better performance level and can become more usable following a few best practices.

We have jotted down some of the best practices to make our work simple. Read the article to explore more.

1. Always make site updates in a test environment

This first tip earned the number one spot on my list for a very important reason: You should keep it in mind for everything else we’re going to talk about.

When you make changes directly to your live site, you run the risk of something causing your site to crash. And if your site is tied to your business, downtime is critical to avoid at all times, as that could mean a loss in sales.

To eliminate this unnecessary risk, you can use a test environment to update your WordPress site. For quick fixes, a staging site would work well. If you’re testing functionality or brand new site design, I recommend a local environment. If you haven’t worked with a test environment before, try setting up a local environment on a local machine to play with the stuff.

2. Get to know the Gutenberg editor (WordPress 5.0)

WordPress 5.0 was released at the end of 2018, which introduced the Gutenberg editor. Even if you’re planning to use the Classic Editor Plugin for a while (which will be supported until December 31st, 2021), it’s worth getting to know our new friend Gutenberg this year.

I recommend setting up a local WordPress site running version 5.0, so you can safely experiment with the new editor without any risk to your real site.

If you’re a content creator, try creating a new post with Gutenberg so you can see how it feels to use blocks. You may also get a few new ideas for formatting future articles!

If you’re a developer, you can import a copy of your live site into your local environment, and then update to WordPress 5.0 to do some troubleshooting. This will allow you to see how your site’s existing content reacts to Gutenberg, so you can put a plan in place to update the live site.

3. Update your themes and plugins

This WordPress tip is nothing new, but it’s so important that it’s worth including in any best practice list! Now’s the perfect time to audit your themes and plugins to make sure they’re up to date and running as they should be.

While it may feel tedious to run through all the sites you manage just to update these things, it’s incredibly important for both site speed and security. Outdated versions may have vulnerabilities that put the site at risk and imagine how much more time it’s going to take to fix a site with malware.

4. Make sure your sites are mobile-friendly

This best practice also isn’t new, but it remains incredibly important: Your website needs to be fully responsive and mobile-friendly.

If you’re using well-maintained WordPress themes and plugins that are up to date (which, according to the last tip, you should be!), there’s a decent chance your site automatically performs pretty well on smaller screens. (Thanks, WordPress developers!)

If you’re running a custom site design, however, you might have to think a little more intentional about making sure your site is mobile-friendly. And again, if you identify any changes you need to make, test them in a local environment or staging site first. Otherwise, site visitors might stumble across a pretty weird experience on your site while you’re in the middle of updates!

5. Add SSL certificates to every site

There was a point in time where SSL certificates were only considered important for certain types of sites, like eCommerce shops or online bank portals that were handling sensitive client information. Today, however, having an SSL certificate on your site is considered a best practice, even if you’re just building a personal blog.

Google has even started flagging sites without an SSL certificate as “not secure,” which is definitely not something you want showing up on your website.

If you don’t have an SSL certificate installed, start with your hosting provider. Many will actually provide SSL certificates (a common benefit of managed WordPress hosts). CLOUDPOKO offers Simple SSL, a free certificate powered by Let’s Encrypt, for every site.

6. Find your favorite tools

This tip is all about helping you have a more productive and efficient year when it comes to building sites for clients. One of the best ways to improve your workflow is to simplify the number of WordPress themes, plugins, add-ons, apps, extensions, etc. that you use.

Sure, there will always be new challenges to solve and unique site requirements but do a little audit of all the tools you use. Is there any overlap? Can you simplify?

For example, when it comes to WordPress themes, do you have a single framework you always start from? Or maybe a theme company you trust? Or does every new site design require a bunch of research time to identify a brand new solution?

If you haven’t found your favorite tools yet, that’s okay. But make sure you increase efficiency by defining your go-to options, so researching a custom solution is the exception, not the rule.

7. Involve your clients in the design and development process

There’s almost nothing worse than making a ton of progress on a project, only to find out the client isn’t happy about a major part of it. This year, prioritize client feedback regularly throughout the project, to ensure everyone is always on the same page!

When you’re onboarding a new client, take the time to get to know their business, what they like/dislike about other websites, and their goals for the year. Using a client questionnaire can help standardize that process so you don’t forget anything in the first stage of a project!

Once the project is in motion, check in with your client during different phases, including wireframes, mockups, development, etc. If you’re using Local to build the site, you can even send clients a link to the site on your machine, giving them a chance to preview a working version.

By getting feedback early on, you’ll prevent major changes down the road and keep your clients smiling!

Following the above simple steps, you will be able to make your WordPress based website more worth it.
Keep Developing And Keep Learning!

Software Development after Covid-19: A requirement not a choice.

The COVID-19 has turned consumer behavior inside out. We order groceries online and takeout from restaurants. Retailers offer online ordering with no-contact pickup. Students take their classes at the kitchen table. All of these are stark reminders that digital business is now a requirement, not a choice.

The pandemic will pass at some point — but the impact of new behavior patterns will live on. The figure below explores just some of the changes we believe can turn chaos into a catalyst for change—and enable businesses to leap forward.

Reimagining software engineering

Naturally, these shifts will force changes in the way businesses approach software engineering. To adapt to new behavior patterns, companies must reimagine the way they build software. There is a plethora of architectures, design patterns, technologies, infrastructure possibilities, and development methods from which to choose. Regardless, building resilient, highly adaptable software requires three strategic imperatives:

A cohesive business and software product strategy. 

The pandemic drives home the fact that software is now core to every business in every industry. The goal is to create software products built with customer needs in mind.

Organizations must ask themselves several questions as they revisit their software strategy. Can customers do business with us anytime, anywhere? Do we have the right channels of engagement (browser, mobile app and voice, for example)? Is the experience so intuitive that customers can use it with little or no training? (To get an honest answer, we advise enterprises to look beyond power users and their usual digital-channel customers to their Great-Uncle Seymour, who’s hardly tech-savvy but has been suddenly thrust into an online world.) Finally, is the customer experience both functional and elegant?

A robust, secure and scalable cloud strategy. 

The question isn’t whether to move to the cloud; most companies are already somewhere on that journey. The more pertinent question is how to get the most value from the cloud. Considerations here include: Can our applications take full advantage of cloud-scale, automation and elasticity? For businesses that are simply lifting and shifting monolithic applications to the cloud, the answer is no; to answer yes, they need a cloud-friendly or cloud-native application architecture.

Moreover, enterprises must ask if their applications are secure. Cloud-native architectures make deployments more distributed, and therefore more complex. An honest “yes” answer requires a holistic approach to security, with technologies that can secure thousands of containers and web application firewalls or more sophisticated runtime application self-protection.

The final question here: Can we detect and resolve issues quickly enough to avoid a major loss of revenue and customer trust? Application monitoring (observability) and troubleshooting support are important for all complex, distributed applications – and especially for cloud deployments.

Transforming while performing

As the COVID-19 pandemic subsides, the strongest businesses will be the ones that get these recommendations right. We recommend that businesses get a head start now by:

  • Stepping up transformation and modernization efforts in digital channels and supply chains. If organizations don’t already have a digital channel for customers and suppliers, they should start building one immediately so they can respond swiftly to new business patterns. Within these channels, internal and external access should be treated the same way, ensuring that authorized users can access them anytime, anywhere.
  • Accelerating cloud migration and modernization to take advantage of cloud scale, automation and elasticity. Companies should set their sights beyond simply shifting applications to the cloud, which provides limited benefits. Instead, it’s important to modernize legacy applications by re-factoring monolithic code into microservices, thus reducing the time required to adapt to new user needs. Businesses should think about application security holistically rather than focusing on edge security alone.
  • Tapping into a global workforce – either directly or by partnering with an IT service provider with established processes and a culture for working anywhere, anytime. 

A black swan event, while tragic for many, always brings opportunity for those who are able to see it. As the world continues to address the COVID-19 crisis, forward-looking organizations will alter course to continue to address customer needs.

For more information, contact us.

Total Blocking Time (TBT): How it affects your website?

It’s great to create a website and move your business online. Almost everyone does the same but there are certain things that you don’t notice while you start with your awesome world of internet. One of them is Total Blocking Time (TBT)

The total blocking time is the matrix that is used to consider the performance of the website.

Total Blocking Time (TBT) is a time based metric that describes JavaScript main thread activity. It is useful for understanding how long a page is unable to respond to user input.

TBT is designed to be more reliable than Time to Interactive, which can show more variation due to rogue JavaScript tasks.

How is Total Blocking Time calculated?

Total Blocking Time totals the duration ”blocking period” of long JavaScript tasks that occur after First Contentful Paint and before Time to Interactive. The blocking period is the duration of a task that is over 50ms. For example, a task that is 120ms in duration will be calculated as 70 ms of blocking time.

The total blocking time for 2 tasks of 120 ms and 75 ms will be 95 ms.

What Total Blocking Time measurement is fast?

Pages with < 300 ms of blocking time can be considered as fast, 300—600 ms as average whereas durations over 600 ms are considered slow. Learn more about Total Blocking Time.

Good TBT MeasurementPoor TBT Measurement
≤ 300ms> 600ms

How to reduce Total Blocking Time ?

To learn how to improve TBT for a specific site, you can run a Lighthouse performance audit and pay attention to any specific opportunities the audit suggests.

To learn how to improve TBT in general (for any site), refer to the following performance guides:

Apply for Internship

We have opened up for Interns

Our team has opened up for internship at our Patna, Bihar office location for students who have elementary knowledge of web based technology and are looking for getting experience in industry level development skill sets. Please go through the details here and connect with us in case you require any clarification on the same.

You can apply for Internship here


    Search EngineSocial MediaFriend or FamilyPrint Media

    The 5 Best Programming Languages in 2020

    It’s a great confusion to choose a programming language when it comes to either learning or developing a tool. There are hundreds of programming languages in widespread use, each with its own complexities and idiosyncrasies.

    As you start working with software development, you actually start understanding and discovering which programming language will be most suitable for you, your interests, your business, and your career goals.

    In the list below, we are going to discuss the best and most in-demand programming languages for many of the most common use cases including web development, mobile development, game development, and lot more.

    1. JavaScript

    While talking about JavaScript, I can simply say that it’s the language that one way or the other has a presence in every sector of software development. It’s impossible to be a software developer without using JavaScript these days. According to Stack Overflow’s 2019 Developer Survey, JavaScript is the most popular language among developers for the seventh year in a row. Nearly 70 percent of survey respondents reported that they had used JavaScript in the past year.

    Along with HTML and CSS, JavaScript is essential to front-end web development. A majority of the web’s most popular sites, from Facebook and Twitter to Gmail and YouTube, rely on JavaScript to create interactive web pages and dynamically display content to users.

    Although JavaScript is primarily a front-end language run on the browser, it can also be used on the server-side through Node.js to build scalable network applications. Node.js is compatible with Linux, SunOS, Mac OS X and Windows.

    Several new technologies have also came up using JavaScript like React.js which are capturing the market.

    Because JavaScript has a forgiving, flexible syntax and works across all major browsers, it is one of the friendliest programming languages for beginners.

    2. Swift

    If you’re interested in Apple products and mobile app development, Swift is a good place to start. First announced by Apple in 2014, Swift is a relatively new programming language used to develop iOS and macOS applications.

    Swift has been optimized for performance and built from the ground up to match the realities of modern iOS development. Not only does iOS run on every iPhone and iPad, but it’s also the basis for other operating systems such as watchOS (for Apple Watches) and tvOS (for Apple TVs). In addition, Apple isn’t going anywhere as a tech industry leader, and iOS apps continue to be the most profitable in the mobile app marketplace.

    3. Scala

    If you’re familiar with Java—a classic programming language in its own right—it’s worth checking out its modern cousin, Scala. Scala combines the best features of Java (such as its Object Oriented Structure and its lightning-fast JVM runtime environment) with a modern twist.

    As a functional programming language, Scala allows engineers to elevate the quality of their code to resemble pure math. Scala allows for concurrent programming, allowing complex procedures to be executed in parallel. Furthermore, it is a strongly typed language. Engineers can create and customize their own data types, allowing them to have the peace of mind knowing entire swaths of bugs are impossible at runtime.

    4. Python

    Python is perhaps the most user-friendly programming language of any on this list. It’s often said that Python’s syntax is clear, intuitive, and almost English-like, which, like Java, makes it a popular choice for beginners.

    Also like Java, Python has a variety of applications that make it a versatile, powerful option when choosing the best programming language for your use case. If you’re interested in back-end web development, for example, then the open-source Django framework, written in Python, is popular, easy to learn, and feature-rich. Django has been used in the development of some popular sites like Mozilla, Instagram, and Spotify.

    Python also has packages such as NumPy and SciPy that are commonly used in the fields of scientific computing, mathematics, and engineering. Other Python libraries such as TensorFlow, PyTorch, scikit-learn, and OpenCV are used to build programs in data science, machine learning, image processing, and computer vision. Python’s science and data applications make it a great choice for the academically inclined.

    5. Go

    One of the core languages favored by Google, Go is the little language that could. As a low-level language, Go is ideal for engineers who want to enter the field of systems programming. It encompasses much of the same functionality of C and C++ without the difficult syntax and steep learning curve. It’s the perfect language for building web servers, data pipelines, and even machine-learning packages.

    As a compiled language, Go runs “close to the metal,” allowing for a blazing-fast runtime. It’s an open-source language, and ambitious developers can see their personal contributions adopted and enjoyed by programmers worldwide.

    Session Hijacking

    While working with codes, the biggest issues which comes in picture is the security. There are multiple ways to secure your code from known threats, one on them is session hijacking.

    What is session hijacking?

    Well, session hijacking, in simple words can be understood as someone else showing your ID card to enter inside your premises.

    Every time, when a client connects with server, s/he is provided with a unique session ID. This session ID is used for all the communications between the user and server.

    Session hijacking is a TCP security attack on user session over a network. This is generally called as man-in-middle attack, as someone sitting between the client and server looks for the session details and then presents herself / himself as the client to the server.

    There are a few common methods of session hijacking

    • IP spoofing
    • Cross site scripting
    • Packet sniffing
    • Bind attack

    IP Spoofing

    Spoofing simply means pretending to be someone else. This is a technique used to gain unauthorized access to the computer with an IP address of a trusted host. In implementing this technique, attacker has to obtain the IP address of the client and inject his own packets spoofed with the IP address of client into the TCP session, so as to fool the server that it is communicating with the victim i.e. the original host.

    Cross site scripting (XSS)

    Attacker can also capture victim’s Session ID using XSS attack by using JavaScript. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and completes the instructions made by the attacker.

     <SCRIPT type="text/javascript"> 
    var adr = '../attacker.php?victim_cookie=' + escape(document.cookie);
    </SCRIPT>

    Packet sniffing

    Packet sniffing is a way of session hijacking similar to IP spoofing. In this an attacker sniffs into the network and finds a way to get the session ID packets between a user and server. Once the session details is retrieve by the attacker, s/he hits the server with the same session details and pretends to be the actual client.

    This can be done using tools like packet sniffer.

    Attacker Sniffing for Session ID
    Attacker using session ID to gain access

    In the above figure, it can be seen that attack captures the victim’s session ID to gain access to the server by using some packet sniffers.

    Blind Attack

    If attacker is not able to sniff packets and guess the correct sequence number expected by server, brute force combinations of sequence number can be tried.

    Security

    To defend a network with session hijacking, a defender has to implement both security measures at Application level and Network level. Network level hijacks can be prevented by Ciphering the packets so that the hijacker cannot decipher the packet headers, to obtain any information which will aid in spoofing. This encryption can be provided by using protocols such as IPSec, SSL, SSH etc. Internet security protocol (IPSec) has the ability to encrypt the packet on some shared key between the two parties involved in communication. IPsec runs in two modes: Transport and Tunnel.
    In Transport Mode only the data sent in the packet is encrypted while in Tunnel Mode both packet headers and data are encrypted, so it is more restrictive.

    Session hijacking is a serious threat to Networks and Web applications on web as most of the systems are vulnerable to it.

    At Network Level – You can implement SSL for allowing users to access website with https. You can add firewalls and add rules to secure you from attacks. The firewalls will also help you create tunnel for data transfer. You can use VPN for more secure network.

    At Application Level – You can implement single session concept, this will ensure only a single session ID, that to from a single IP is accessing the server. You can reset sessions in a fixed interval of time and can encrypt all the data before sending it to client. Also, to prevent Cross site scripting(XSS), you can strip tags, can use X-XSS-Protection Header in your code, and multiple other options are there.

    You can understand how to secure your network here

    How to write generic codes ?

    I have been working with students, interns and lot of great developers of future. It has always been a concern at beginning and intermediate stages to write generic codes for functionalities that are used multiple times in a project, or even sometimes when the same functionalities has to be built in different projects.

    This building of generic codes have led to multiple good and bad options. It cannot be said that there are fixed parameters to build generic codes. Still, for the sake of understanding the way of digging out generic codes, I have jotted down some basic points below. If you are a serious developer, you will take away the good for you stuff.

    Way-point 1

    First of all, you need to start thinking from the small point but you need to keep a satellite vision on everything.

    What I suggest to coders, is to develop the basic functionalities first. Separately, and with clean codes. Written with good comments of everywhere.

    Let’s begin with a simple statement to showcase data from database.

    This is not the best way of doing it. It’s for understanding purpose only

    <?php
     //For connection with database 
     $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');
    
     // Creating query for fetching data from "user_details" table
     $query = "SELECT * FROM `user_details`";
    
     //Executing query and storing data in $result variable.
     $result = mysqli_query($connection, $query);
    
     //checking if we get some result
     if($result){
        //If some result comes, we will iterate it and send the same as output
        while($row = mysqli_fetch_array($result)){
          //showing output as object
          print_r($row);
        }
     }
     
    ?>

    Way-point 2

    Once you are done coding the basic part. You can move forward with doing the changes. The changes that we are going to discuss below might first seem to be a bit confusing and multiple questions may arise in your mind. Digest them for a while, and as we go forward, all of them will be clarified.

    As the basic part is developed, we need to change the basic part into functions (reusable codes), so that we can call them from anywhere just by hitting it’s name.

    <?php
     //For connection with database 
     $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');
    
    //Function to fetch data
    function fetchData(){
     // Creating query for fetching data from "user_details" table
     $query = "SELECT * FROM `user_details`";
    
     //Executing query and storing data in $result variable.
     $result = mysqli_query($connection, $query);
    
     //checking if we get some result
     if($result){
        //If some result comes, we will iterate it and send the same as output
        while($row = mysqli_fetch_array($result)){
          //showing output as object
          print_r($row);
        }
     }
    }
    //Calling the above function to show data.
    fetchData();
     
    ?>

    The above code is just to suggest “Convert basic part as a reusable code”.
    Now, once you are done with it, we can move forward with making further changes and using the function for different purposes.

    Way-point 3

    Using same function for multiple queries can be done by parameter passing. To do this, you need to find out the parts inside the function that can be changed to provide different outputs.

    In our case, we can change the query to fetch data from different table.
    We can also change the query to fetch filtered data from database, using WHERE clause.
    We can setup different way of outputs from the same function.

    Let’s see how we can do this.

    <?php
     //For connection with database 
     $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');
    
    //Function to fetch data
    function fetchData($tablename, $clause ="", $output){
     // Creating query for fetching data from "user_details" table
     $query = "SELECT * FROM `".$tablename."` ".$clause;
    
     //Executing query and storing data in $result variable.
     $result = mysqli_query($connection, $query);
    
     //checking if we get some result
     if($result){
        //If some result comes, we will iterate it and send the same as output
        while($row = mysqli_fetch_array($result)){
          if($output == 'option'){
            echo "<option value='".$row['name']."'>".$row['name']."</option>";
          }
    
          if($output == 'object'){
            //showing output as object
            print_r($row);
          }
        }
     }
    }
    //Calling the above function to show data.
    fetchData('user_details', 'WHERE `sno`=1', 'option');
     
    ?>

    In the above code, you can see how the function above has been changed to be used for fetching data from any table setting up clauses and output standers too.

    Way-point 4

    Once you are done converting the functions to dynamic and reusable ones, you can now move forward spiting the code in different pages and using only the ones needed at a fixed time span.

    Splitting code into different pages will not only help in making it more readable but also will keep it optimized and enhance the performance of the server.

    Before we end, I’ll suggest you to keep security of your codes too. Make sure that you use proper filtering of data and safeguard yourself from attacks.

    A simple way of filtering data before sending it to your MySQL is by using mysqli_real_escape_string(), You can use it in reusable one too.

    <?php
     //For connection with database 
     $connection = mysqli_connect('localhost','database_user','database_password', 'database_name');
    
    //function for filtering and checking if not empty
    function _f($inp){
     if(!empty($inp)){
      return mysqli_real_escape_string($connection, $inp);
     }else{
      return false;
     }
    }
    
    //Function to fetch data
    function fetchData($tablename, $clause ="", $output){
     // Creating query for fetching data from "user_details" table
     $query = "SELECT * FROM `".$tablename."` ".$clause;
    
     //Executing query and storing data in $result variable.
     $result = mysqli_query($connection, $query);
    
     //checking if we get some result
     if($result){
        //If some result comes, we will iterate it and send the same as output
        while($row = mysqli_fetch_array($result)){
          if($output == 'option'){
            echo "<option value='".$row['name']."'>".$row['name']."</option>";
          }
    
          if($output == 'object'){
            //showing output as object
            print_r($row);
          }
        }
     }
    }
    //Calling the above function to show data.
    fetchData('user_details', 'WHERE `sno`=1', 'option');
     
    ?>

    As you can see in the above code, I have created a function to check if the input is not empty and return the escaped string or false. It will secure my code a bit.

    Why have I use a name like _f() its because, every-time I use it, I don’t want to increase the code size, rather it will only take 2 characters to call the function.

    CONCLUSION

    You can create reusable codes, just by starting from the basic units, and moving forward by making small small changes and taking it to a complex and more reusable code.

    Always have a satellite view of your final product and start coding it from the basic part.
    Your code will start changing from a fixed code to a generic code, and will be available for using it multiple times in the same project or can be used in different projects too.

    How to setup a local web server ? Easiest Way..

    For a developer at a beginner stage, it’s a good option to setup a local environment to learn development. Those who are ready to join the web based development stream, hear is a quick guide to setup a local server and running the codes on your local machine before you hit it to the world.

    Step 1

    Based on the machine that you are working on, you need to choose the tools / variants of tools.

    If you are using Windows OS or Ubuntu or Mac OS, you can opt from multiple Apache-MySQL distributions available in market. Few of them are – XAMPP, WAMP, AMPPS.

    I’ll suggest to go for XAMPP when it comes to setting up a local development server. It’s available for use on Windows, Mac, and Linux distribution.

    “Why I suggest XAMPP, well it’s not because of any functional difference, it’s because I have been using it since long and I am totally satisfied with its performance”.

    -Vikash Mishra

    Talking about XAMPP : XAMPP is an easy to install Apache distribution containing MariaDB, PHP, and Perl. Just download and start the installer. It’s that easy.

    Step 2

    Once you are done with installing any of the above Apache-MySQL distributions, you need to launch it and start the Apache and MySQL services.

    XAMPP Control Panel

    Once your Apache and MySQL services are up and running, you are ready to go with the next step.

    NOTE:

    • Depending on the version of your OS, it may happen, that you get errors while launching services. In such cases, you need to either download the latest version of the XAMPP distribution or if you are using the latest one, you need to downgrade to a lower version.
    • There can be chances of clashes in port numbers with services running on your PC. For eg: Generally, Microsoft Skype port number clashes with Apache. You will need to troubleshoot it by either changing the port number or by removing the application that conflicts.

    Step 3

    Once your servers are up and running, you can navigate to your preferred browser and hit the following URL

    http://localhost/ – hostname set during the installation of xampp

    OR

    http://127.0.0.1 – Loopback IP of same server

    Once you hit the above URL, you will be taken to the default landing page of XAMPP.
    Now you can get into the folder structure to put your own code and check if your development server is working or not.

    In Windows, if you have installed the XAMPP with default settings, then your public directory will be in C:\xampp\htdocs\

    If you are on a Mac Machine, you need to go into Finder -> Applications -> XAMPP -> xamppfiles -> htdocs

    In this folder, you can put your files and can access it from the browser using the above URL

    Step 4

    Moving forward, to access the local server on other devices, you will need to connect the device to the same network. For example – If your local server is connected to your home WiFi network, you will need to connect another device, say your mobile phone, to the same WiFi network.

    Once you are connected with same network on both the devices, go to the command prompt (in windows), terminal (in Linux and Mac), on your local server and hit the below command –

    Mac and Linux -> ifconfig

    Windows -> ipconfig

    IP Address in Windows

    You will get the IP address of your local server. Now hit the IP address in you another device browser to access the htdocs folder of your local server.

    When you hit the IP address of the local server in another PC’s browser, it searches for the server in your network, and reaches to the local server, and this request is received by the Apache server running in your XAMPP distribution.

    Once the Apache server receives the request, it processes it and returns back the response.

    This short and simple tutorial can help developers to setup a small local development environment and look forward for better responsive design and optimized coding, and move it to a global platform using either of the available hosting options like shared hosting, or a VPS, or Dedicated Server

    How to make your old PC a FTP Server ?

    If you are having an old PC and want to utilize it in the modern world. You can do it by simply setting it up as a server for keeping your files on it.

    FTP stands for File Transfer Protocol. It has been a standard method for transferring files between computers for decades.

    Although security measures have been added, FTP is by nature an insecure method for transferring files. However, it can be useful when making files available to multiple users, or when working in a secure and private network.

    To setup your follow our How to make your PC a FTP server ? guide below and set your own FTP server, which you can access over the internet.

    PREREQUISITE

    You need to have

    • A PC / Laptop
    • Internet connection
    • A static public IP (connect with your ISP for this)
    • You need to download and install Cent OS 7 on your PC. For this you can read our guide on How to download and install CentOS 7 ?
    • Access to a user account with sudo privileges
    • The yum package manager, installed by default
    • A text editor of your choice

    Without further a do, let’s get started with setting up the FTP server, on your CentOS 7 PC.

    Install FTP Service with VSFTPD

    How to install FTP Server on CentOS7 with VSFTPD

    Here we are using the VSFTPD ,which stands for Very Secure FTP Daemon software package. It’s a relatively easy software utility to use for creating an FTP server.

    After logging in to the CentOS 7, in the console, start typing the commands as below:

    • To install the FTP services let’s first start with updating the server packages.
    sudo yum update

    It can take time to update the packages, sit back and let it complete.

    • Install VSFTPD software with the following command:
    sudo yum install vsftpd

    It can ask you for the permission to download and install the package. Simply type Y and hit Enter and let the process complete.

    • Start the VSFTPD services by hitting the following command
    sudo systemctl start vsftpd
    • Setup auto-launch for the VSFTPD services when system reboots
    sudo systemctl enable vsftpd
    • Once you are done with the above, you need to setup rules to use the FTP port number 21 in your firewall.
    sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
    sudo firewall-cmd --zone=public --permanent --add-service=ftp
    sudo firewall-cmd –-reload

    Run the above code one by one and it should give you a success output for all the three.

    Congrats! you have installed your VSFTPD services. Now let’s move forward with configuration of the VSFTPD services.

    Configuring VSFTPD

    The behavior of the FTP service on your server is decided based on the /etc/vsftpd/vsftpd.conf configuration file.

    Let’s first backup the required files so that in case of any configuration failures, we can use the backup.

    First of all, create a copy of /etc/vsftpd/vsftpd.conf file

    sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.default

    Now, let’s edit the configuration file with the following command:

    sudo nano /etc/vsftpd/vsftpd.conf

    Set your FTP server to disable anonymous users and allow local users.

    Find the following entries in the configuration file, and edit them to match the following:

    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    chroot_local_user=YES
    allow_writeable_chroot=YES

    In above snippet, we are disabling the anonymous user access to secure our server access from unknown users,
    We are allowing only local user access
    We are allowing logged in users to upload files in the server
    Limiting FTP users to their own home directory.

    The vsftpd utility provides a way to create an approved user list. To manage users this way, find the userlist_enable entry, then edit the file to look as follows:

    userlist_enable=YES
    userlist_file=/etc/vsftpd/user_list
    userlist_deny=NO

    You can now edit the /etc/vsftpd/user_list file, and add your list of users. (List one per line.) The userlist_deny option lets you specify users to be included; setting it to yes would change the list to users that are blocked.

    Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:

    sudo systemctl restart vsftpd

    Lets move forward and create our FTP User

    Create a New FTP User

    sudo adduser testuser
    sudo passwd testuser123

    The system may prompt you to enter and confirm a password for the new user.

    Add the new user to the userlist:

    echo “testuser” | sudo tee –a /etc/vsftpd/user_list

    Create directory for FTP User access

    sudo mkdir –p /home/testuser/ftp/upload
    sudo chmod 550 /home/testuser/ftp
    sudo chmod 750 /home/testuser/ftp/upload
    sudo chown –R testuser: /home/testuser/ftp

    This creates a home/testuser directory for the new user, with a special directory for uploads. It sets permissions for uploads only to the /uploads directory.

    Now, you can log in to your FTP server with the user you created:
    You can use ftp client software like FileZilla to access your server using your server public IP (must have ftp port forwarding to your server IP on your router) as the host name, your username, password and port number 21.

    You c

    Conclusion

    Now you know how to set up and install an FTP server on Centos 7 with VSFTPD. You should be able to login to your server via FTP and start transferring files.

    If you still face issues setting up your FTP Server, or require services related to Server Setup, please get in touch with us here, our team will be happy to help you.