Meet The Author

Main Uddin is one of the pioneer blogger cum e-marketer from North East India(Assam).He is also a Skilled web Developer and regular columnist for various news portals around the globe.Read More

author

To Publish Android Mobile App: How to Create Google Developer account?

Leave a Comment
Publish your apps and games with the Google Play Console and grow your business on Google Play. Benefit from features that help you improve your app's.With the ability to publish rapidly to over 2 billion active Android devices, Google Play helps you grow a global audience for your apps and games and earn more.

 To set up your Google Play account:

Step 1 : Go to https://play.google.com/apps/publish

Step 2 : If you have a Google account, click on Sign In, else Create Your Google account

sign2

Step 3 : Fill out the form and click Next.

sign3

Step 4 : Fill in the required details, and click Next.

sign4

Step 5 : Enter the details and tick mark the Developer agreement and Term of services checkboxes.

Step 6 : Click Create account and pay.

Step 7 : Enter your payment information to pay the one-time $25 fee and click Buy.

  • You will receive an email from Google notifying you when your account is ready to be activated. Note: This process can take up to a week
  • Activate your account.
Read More

Blogging Challenge in 2021: How do you choose the right keywords for Contents

Leave a Comment

 Perhaps all of you must also know that most blogs stop working on their blogs because of this because they did not choose the topic of their blog correctly. So let's now know what we need to do to find a good topic. Either pay an expert to do it, a search engine optimization specialist, or become one yourself. There are dozens of great keyword research software tools though I would highly suggest using one you consider user-friendly and is paid. The free ones will never give you the data that paid ones do. The right keywords for your blog are the ones your readership will be typing into a search engine. It is these keywords and these keyword phrases that matter; they are what matter the most, as long as you can back that keyword up with highly relevant content. “Build the blog and the people will come!” -NOT GOING TO HAPPEN.. you must use keywords and phrases that lots of people are searching for. Then you have to rank for them so they show up high in the search index results. If new at this concentrate on longtail keywords so you can have top listings quick.



So if you ask this question to any blogger, then all of you will give the answer that in any field or whatever you have good knowledge about. Start your blog with the same topic.

What do you think of people? Should we do the same We should make a blog about whatever we have good information about.

I would like to tell you about it, no, we should not do this, we still have to see many things only to see what we have good information about.

That's not enough, let's say that you know everything and you have created a blog on it. But no one wants to know about that information, so you have to see whether people want to read your blog or not.

Now you must be wondering how this thing will be found out whether people want to read about that topic or not. Or say, how many people are there on the internet, who search to know about that information.

So for that, you will have to do Keyword Research according to the topic of your blog. If you want to make your blog on Health Niche. So, search through your topic and see if there is a search volume on Related Keywords from those topics.

You can use the Ahref tool to do Keyword Research. But for this, you have to pay a charge of Rs 300-400 per month and if you want to use the free tool then WMS will be very good for you everywhere. This is a Chrome Extension.

Apart from this, you also have another way by which you can choose the right topic of your blog and that is that you have to open Google
and type in its search box, Top 10 Blog + Your Niche This way you will get a lot to see whether people want to read the topic of your blog or not.

Find blog niche

And out of all the results that you will get on Google
, you open any one website, then you will get the names of the 10 best blogs made on that topic, then you should check the report of any website from that on Google from this website How much traffic is coming.

For this, you can use a similar web tool. Where you can know about any website, how much traffic is coming to that website every month and where it is coming from.

After doing so, you will also have to see how many posts you can write on that topic. If you can write some 50 posts related to that topic, then you can make your own blog on that topic.

If you are not able to understand anything after thinking 50 who write that topic then you should make your own blog on another topic. Because if you have created a blog on that topic, you do not have any content that you can post anything new on it.

These are some very popular topics on which you can start your blog, if you have good knowledge about any of these topics then you can make your own blog on these topics.

  • Marketing
  • Personal Finance
  • Make money online
  • Beauty
  • Sports
  • Food
  • Health and Fitness
  • Technology
  • Business
  • Career

So I hope you have now understood well how we should choose a good topic on our blog. Now you can start the process of creating a blog.

Keywords are not only subjective or preferred words as you choose. They can be generalized and based on general words related to a subject.

  • Visit Competitors Sites , check how they are using keywords in titles and descriptions
  • Use Google Ad-words to check the traffic and competition of a keyword
  • Try searching on google with ‘words’ relevant to subject and figure out how the top searches are using keywords
  • Follow different tools to check stats of traffic, competition of selected keywords
  • Use long tail keywords of low competition, that better help in retaining the long term ranking of keywords

    Keywords will automatically come into play.

    Thinking about writing valuable content while using the terms that your target audience searches most. No one searches for generic terms. Search queries are now very specific and long tail, sometimes very very niche.

    Start with very very niche and as you develop good content addressing the problems of audiences you can move to more generic terms and no one can stop your website from ranking high.

    I hope this helps.

Read More

4 Best WordPress Hosting Providers of India for New Bloggers

Leave a Comment

Today, no one can stay away from the online world. You find everyone right from a small kid to an old age connected to the online world. This is because it helps in fulfilling the requirements of all. Due to the COVID-19 pandemic, even the nursery going kids need to do their schooling online. Also, many were able to buy the essentials materials via online platforms since the shops were closed down.



Web hosting plays a key role in offering you the variety of online platforms. Without web hosting, the websites won’t be available to you. You need to host the website on a server which means you need to rent a space for your website to live, similar to humans. You get various types of web hosting solutions such as shared, dedicated, VPS, reseller, WordPress, application hosting and cloud hosting.

WordPress is a popular platform for blogs as well as other websites. It is because you can design your website for free in WordPress and also, you get several plugins and themes to develop a professional website. So, you can develop a website easily on your own.

There are several WordPress hosting providers available in the market and so, it would become difficult for you to select one. Therefore, below is the review of the best managed WordPress hosting providers of India.

MilesWeb

Started in 2012, MilesWeb is an Indian web hosting company that is the best WordPress supporter. They have participated in all the WordCamps helps in India. Apart from WordPress hosting, they offer different types of web hosting services such as shared, dedicated, reseller, VPS, WordPress cloud hosting, cloud and application hosting. They have a 24/7 available customer support service and users can contact them via live chat and email. Moreover, you get a 30 day money back guarantee so that you can claim for the refund within 30 days of service purchase if you don’t want to continue with them. Their state-of-the-art datacenters help to provide 99.95% uptime.

Managed &Cheap WordPress Hosting Plans













Features

·         Fully Managed WordPress

·         Free WordPress Migration

·         Built for Performance

·         Free Domain

·         Automatic WordPress Updates

·         Fast SSD Storage

·         Free SSL Security

·         WordPress Preconfigured

·         Fast Provisioning

·         Secure Email

·         Datacenter Choice

The managed WordPress hosting plans of MilesWeb help to boost your WordPress website’s performance with their Intel Xeon processors, SSD storage and hardware RAID 10.

A2 Hosting

Another popular web hosting company of India is A2 Hosting. They are very well-known for their fast loading TURBO plans. They offer very cheap as well as quality hosting plans under budget. They provide reliable WordPress hosting so that your website always stay up and running. They 24/7 support service so that you always have someone to resolve your queries.

Managed WordPress Hosting Plans



Features

·         Pre-installed WordPress

·         Free SSL Certificate

·         Global Servers

·         Free Website Migration

·         SSD Storage

·         Anytime Money Back Guarantee

·         Free Automatic Backups

·         1-Click Staging

A2 Hosting’s managed WordPress hosting plans are fine-tuned and offersuperior performance.

Bluehost

Bluehost is officially recommended web host by WordPress. They also provide different web hosting solutions such as shared, VPS, dedicated and ecommerce hosting. The company was started in 2003 and currently caters more than 20 million customers. The company was owned by EIG in 2010. They have a customer support team available 24/7 via live chat and phone. They don’t offer money back guarantee.

Shared WordPress Hosting Plans



Features

·         Automatic WordPress Installation

·         Microsoft 365 available

·         Free Domain for 1 Year

·         Automatic WordPress Updates

·         Secure Configuration of Login Credentials

·         WordPress Staging Environment

Bluehost’s shared WordPress hosting plans are affordable and offer you all the features needed to create and manage a WordPress website.

BigRock

BigRock is an Indian web hosting company started in 2010. They offer shared, reseller, WordPress, ecommerce, cloud, VPS and dedicated server hosting. They are a part of EIG group. They have a customer support team to help their clients during their web hosting journey and can be reached via live chat and phone. They don’t offer money back guarantee on WordPress hosting plans.

WordPress Hosting Plans



 Features

·         Intuitive Control Panel

·         Email Management

·         Better SSL Integration

·         Automated Cloud Backup

·         Anti Malware Protection

·         Ready-made Themes

·         SEO Friendly

·         Diversified Plugins

·         Blazing-Fast Load Time

·         Instant Scaling

·         Mojo Marketplace

·         JetPack Plugin

·         Auto-Backups

·         Auto-Secured

BigRock WordPress hosting plans offers various perks that make it easy for you to manage WordPress website.

Conclusion

When you are looking for affordable WordPress hosting, you will find several options. But since WordPress hosting is offered as managed and unmanaged it becomes somewhat easy to select one. If you are new to the hosting world, it is always better to select managed WordPress hosting plans as all is managed by the web host and you can focus on your business growth.

MilesWeb offers you managed WordPress hosting plans at affordable prices as compared to other providers. So, host your WordPress blog or website with them and focus on its growth.

Read More

Blog and Website Backend Security Risks to Consider in Development Progress

2 comments
Take measures in development to harden and keep your web backend secure.

Small businesses, banks, and many industries depend on web applications. From the point when building a web application, it’s crucial to be sure to have protocols to check vulnerabilities as the development evolves to avoid security breaches, data leaks, and financial issues.

The most dangerous web attacks are those that occur on the server-side where data is stored and analyzed.

What is Backend?

A web application is divided into two parts – Frontend and Backend.
The frontend is client-side, it’s the part the user interacts with. Typically, it’s built with HTML, CSS, and Javascript.
The backend is server-side. It’s basically how the application works, applies the business logic, changes, and updates. Some of the popular server-side tech stacks involve PHP, NodeJS, Java, Ruby, C, Python, database, security (authentication, access control, etc.), structure, and content management.
A little reminder before we start – authentication, access control & session management

It’s common for us to confuse the terms. So let’s clarify it quickly:

Authentication concerns proving user identity (eg., password, username, questions security, fingerprints)
Access control concerns what the user can access the application. It enforces the policy that users cannot act outside their intended permissions.
Session management concerns responses and request transactions associated with the same user. It is an exchange mechanism that is used between the user and the application after he authenticated successfully.

Let’s explore the following for better back-end web security.
Injection flaws



Since 2010, OSWAP classified injection as the #1 most dangerous web application risk.

Injection flaws allow a user to provide data containing keywords that will modify the behavior of queries built on the database. For example, let’s suppose we have a SQL script that checks if a matching entry exists in the database.uname = request.POST['username'] passwd = request.POST['password'] sql = "SELECT id FROM users WHERE username='" + uname + "' AND password='" + passwd + "'" database.execute(sql)
Copy


An attacker can now manipulate the password field using SQL injection, for example by entering the password ‘OR 1 =’ 1, which leads to the following SQL query:

sql = "SELECT id FROM users WHERE username='' AND password='password' OR 1='1'

By doing so, the attacker can access all the user tables of the database, the password being always valid (1 = ‘1’). If they log in as an administrator, they can make any changes he wants.
How to prevent it?

It’s very EASY to avoid injection flaws.

The best and simple way to verify if there are no injection flaws is a thorough manual source code review to check if queries in the database are done via prepared statements. You can also use tools to check for vulnerabilities.

And you should also do the following.
Use ORMs (Object Relational Mapping Tools).
Escape all inputs. A date field should never have anything else stored in them except dates.
Isolate your data so that only the things that should be accessed from a given location is held on in that location.
Write good handling error codes. Don’t make your database or your backend too verbose.

Troy Hunt got a brilliant course on SQL injection. If interested, you may explore that.
Broken authentication



As mentioned earlier, authentication deals with the credentials providing. It’s the frontline of defense against unrestricted access. However, poor implementation and non-respect of security policy can lead to broken authentication.

Broken authentication happens mostly by three patterns :
Credentials stuffings: where the attacker has a list of valid usernames and passwords and can automate attack to figure the credentials are valid.
Bruteforce attack: where the application permits weak passwords for users or admins.
Session hijacking: where application exposes session ID, URL, or doesn’t rotate after login.

In all cases, the attacker can gain access to an important account and depend on the business that can cause money laundering, identity theft, or disclose legally protected, highly sensitive information.
How to prevent it?

Before implementing the authentication system, ask yourself – what could an attacker achieve if the authentication system is compromised?

And according to the response, you can do the following.
Implement multi-factor authentication to prevent automated attacks.
Encourage (or force) the user to adopt a good password policy.
Limit failed logins.
Use efficient algorithm hash. When choosing an algorithm, consider the max password length.
Test the session timeout system and make sure the session token is invalidated after logout.
Broken Access Control



Access control exists to ensure what authenticated user is allowed to do. Authentication and session management are the foundation or access control rules. But when those rules aren’t well set, this can lead to significant issues.

Common access control flaws include:
CORS misconfiguration that allows unauthorized API access.
Metadata manipulation to direct access to methods.
Forced browsing: The attacker will try a URL, modify paths (eg.,http://website.domain/user/ to http://website.domain/admin), and can even discover important files.
How to prevent it?

Mostly, broken access flaws occur by ignorance about the essential requirements of effective access management.
Deny by default except public resources.
Disable server directory listing and be sure that backup files are not present.
Rate limit API access to reduce the impact of automated attacks.
Invalidate JWT tokens after logout on the backend-side.
Data Exposure

Also referred to as data breaches, data exposure is a cyber-threat that menace businesses and their clients.

It occurs when the application doesn’t adequately protect information such as credentials or sensitive data like credits cards or health records. More than 4000 records are breached every minute.



The impact on business is big from the financial side: An average breach can cost USD 3.92 million, according to IBM.
How to prevent it?

As a backend developer, you should ask what the information that needs protection are.

And then to prevent such flaws:
Encrypt sensitive data: For data at REST, encrypt everything. For data in transit, be sure to use secure gateways( SSL )
Identify the data that requires extra protection and limit the accessibility to only a bunch of legitimate users only by enforcing key-based encryption.
Avoid weak encryption algorithm: use up-to-date and strong algorithms.
Have a secure backup plan.
Insecure deserialization

Serialization and deserialization are concepts used when data is converted in object format to be stored or send to another application. Serialization consists of converting data in object format like XML or JSON to make them usable. Deserialization is just the reverse process.

Attacks against deserializers can lead to denial-of-service, access control, and remote code execution (RCE) attacks if there are classes that can be modified to change behavior.

The second example of the OWASP top 10 document provides a good illustration of PHP object serializer :a:4:{i:0;i:132;i:1;s:7:"Mallory";i:2;s:4:"user"; i:3;s:32:"b6a8b3bea87fe0e05022f8f3c88bc960";}
Copy


This is a supercookie containing information like user ID, the level of the user, and the hashed password.

An attacker can change the serialized object to get access to admin privileges:a:4:{i:0;i:1;i:1;s:5:"Alice";i:2;s:5:"admin"; i:3;s:32:"b6a8b3bea87fe0e05022f8f3c88bc960";}
Copy

How to prevent it?

It’s crucial not to accept serialized objects from untrusted sources.

You should also:
Never trust user input.
Validate data: If your application except for a string, make sure it’s a string before using it
Use a check to be sure that data hasn’t been changed. It’s useful you are sending data between two trusted sources(eg., storing data client-side).
Server XSS



Server XSS (Cross-site scripting) is a type of injection when an attacker uses a web application to send malicious code to different users. It occurs when the attacker posts some crafted data containing malicious code that the application stores. This vulnerability is server-side; the browser simply renders the response.

For example, in a forum, user posts are saved in a database, often without verification. Attackers take this opportunity to add posts with malicious scripts. Subsequently, other users receive this link by email or see the post in question and click on it.
How to prevent it?

After primary identification of all the operations that are potentially at risk of XSS and that need to be protected, you should consider the following.
Validate input: check for input length, use regex matching, and only permits a certain set of characters.
Validate output: If the application copies into its responses to any item of data that originated from some user or a third party, this data should be HTML-encoded to sanitize potentially malicious characters.
Allow limit HTML: for example, if you have a comment blog system, only allow usage of certain tags. If you can, use a suitable framework to user-supplied HTML markup to try to make sure that it does not contain any means of executing JavaScript.

Conclusion

The development phase is crucial for web application security. And, you should consider including a security vulnerabilities scanner in the development life-cycle, so the identified issues are fixed prior to production.
Read More

Easiest Ways to Become a Freelance Programmer in 2021

Leave a Comment
What could be better than being your boss? You could work at a time that is convenient for you and work with people that you want to work with. You could also take holidays whenever you wanted to or even work 24/7 to expand your career. Whatever you want to do, you can do it as a freelance programmer. However, you should also keep in mind that while freelancing provides you total freedom to shape your career, you also need to be disciplined, hardworking, and invest a substantial amount of time before you see great results. But you WILL see great results in the long term if you keep working!

Photo: Google official Facebook Page

Now the question that might come into your mind is “How to start freelance programming”? Fear not! This article aims to answer your question so that by the end of it, you can get started on your freelancing journey and build a great career in the future. So let’s get started.

1. Learn the required Programming Languages

What is the most important thing you need to know to become a freelance programmer in 2020? It’s programming languages of course! How can you offer your services as a freelance programmer if you are not an expert in at least one programming language? That is the fundamental requirement for becoming a successful freelance programmer. Currently, some of the popular programming languages are PythonJavaPHPJavaScript, Swift, C#CC++Ruby, etc. with Python leading the group in popularity! You can also learn multiple programming languages as they will help in taking on multiple projects and increase your reach among prospective clients. Now the important question is “How to learn programming languages?” Well, if you are studying Bachelors or Masters of Computer Science in college, then you should learn to program there. Otherwise, you can always sign up for online programming courses Assam School Of Internet Marketing.

2. Focus on a Niche

As they say, it is always better to be a specialist than a generalist! You will be paid a lot more as a freelance programmer if you specialize in a niche. So after you have learned programming in any language, decide a niche that appeals to you and learn all you can about that. You can do more research by looking at freelancer sites or job sites to understand which skills are in demand for freelancers in 2020 and which will help you succeed in your freelancing career! For example, Data Science and Machine Learning in-demand technology these days and you can learn Python, R, SQL, etc. to succeed in that. You could also work on developing your Statistical and Machine Learning skills as they would provide an edge in Data Science.

3. Set basic Working Rules

You are your boss when you work as a freelancer. Chances are that this can make you lazy or complacent. So some basic working rules are required to become a successful freelance programmer. The most important thing you need as a freelance programmer is discipline. So the first rule is to have a fixed schedule that is strictly adhered to. You should also set a fixed basic pay rate for your clients which can later be adjusted on a case by case basis. Moreover, you should also fic a rough schedule of meetings, updates, deadlines, etc. with the clients before the commencement of the project so that all the parties concerned know what is happening at all times and you are also motivated to work and deliver best results!

4. Build your online portfolio

How do you introduce yourself to prospective clients? How do you convince them that you are as good as you say and perfect for the job? You don’t have to do anything as all this will be done by your online portfolio! It is an extremely necessary tool in your arsenal as it is your introduction to prospective clients. It can be used to showcase your past projects as well as the testimonials you got for them. This will increase the confidence that prospective clients have in your abilities and also you to secure more freelancing gigs. Moreover, your online portfolio should include interaction opportunities such as links to your social networking accounts so that clients can easily contact you if required. You could even use your GitHub profile to host your programmer portfolio and make connections with other programmers that would increase your visibility.

5. Have an Online Presence

How would you attract online clients if they don’t know you exist? It’s almost impossible! So you need to have a strong online presence and actively market yourself so that prospective clients are attracted to your programming services. And that’s where Content marketing comes in! Content marketing is extremely helpful in finding prospective clients. Online content marketing involves creating an online presence. This may include creating a portfolio website, a blog where you share your experiences in freelance programming, a professional account on LinkedIn, an Instagram account with programming pics, a YouTube channel that teaches how to become a freelance programmer, etc. To make sure that you are successful in Content Marketing, ensure that all your online accounts have the same name. This will create a uniform brand identity for you and also ensure that your clients can easily find you on various online platforms.

6. Have an Offline Presence

It is great to have online connections but you cannot neglect the real world! You should also make offline connections with other freelancers and tech experts who can guide you in your career as a freelancer and also refer you to clients if you are good enough. After all, you never know when or where opportunity knocks on your door! You can attend tech community events in your city or state to meet like-minded people in your profession in real life and make connections who might be useful in the future. Check out online sites such as Meetup or Eventbrite as they organize meetings for people with similar interests in different cities. Find out a freelancing event in your field that is happening in your city and attend it to create valuable new offline connections. And maybe even new friends!

7. Know your Target Audience

Who are your clients? Who are the people you aim to impress with your programming skills? Well, that depends on your talents. If you are a Python and Machine Learning expert, chances are you want to be hired by a company that is working on Artificial Intelligence and Data Science. Similarly, it is very important to establish your target audience in the beginning and get to know them very well. This involves understanding the location, industry, age, gender, etc. of the target audience. Then you can create a direct connection with the target audience using various services such as blogging, Email, YouTube, etc. that cater directly to what your audience might need.

8. Expand your Communication Skills

What would you do if you had all the technical knowledge but you couldn’t communicate with your clients? You would fail as a freelancer! So always remember that communication skills are an essential part of freelance programming. It is very important to communicate with clients to get a sense of what they require and deliver that as per specifications. If you cannot ever understand what your client wants, how are you going to deliver? Also, communication skills are essential in forming professional ties to retain clients in the long-term. In case you are not the best at this, don’t worry, you can polish your communication skills through various methods! If you are in university, you can take public speaking or writing classes to help you out. Otherwise, you could access online professional communication courses but always remember that practice makes perfect!

9. Contribute to Open Source Projects

Suppose you are a newbie in freelancing and don’t have a vast portfolio. You don’t have much experience that you can show to future clients as an indication of your skills. What do you do then? Contribution to open-source projects can be used to build credibility for prospective clients. Open-source projects are those that have their source code publically available so you can contribute to improving the code. You can work on the issues of already existing open source projects or even create your open-source projects. Either way, open-source projects provide credibility and are an excellent booster for your portfolio. Which can provide freelancing opportunities in the future!

10. Stay abreast of Current Technologies and Languages

Programming is a constantly changing field where trends come and go. Therefore it is necessary to stay abreast of current technologies and languages if you want to remain relevant. You can do this by subscribing to publications such as VentureBeatThe Verge, WIRED, etc. You can also join online courses to learn new skills that help you remain relevant in the market. Also, follow popular tech leaders in the world such as Mark Zuckerberg, Jeff Bezos, Satya Nadellaetc. to know what’s new in the industry! All of this will help you in obtaining industry-relevant skills which will, in turn, leads to more clients and increased potential for earning in the future.
Finally, you should know that to become a successful freelance programmer requires a lot of patience, a great work ethic, and a strong network of clients. But this is not impossible to obtain! You can achieve all this with continued growth and it will eventually lead to insane growth in your freelancing career.
Read More
Previous PostOlder Posts Home