It is imperative that you backup any data that you have online.
If you have an online bookstore using a database and you’re not backing up daily, you are running a serious risk of losing some your business’ valuable assets.
While your inventory can be rebuilt, what would you do if you lost your customer database? Especially when simple utilities exist that will allow you to automatically receive an email, or have your database FTP’d, so you can store your critical business assets offline.
If you know of other utilities for other databases, please let me know and I will include them here. I think it is very important to maintain backups at all times.
You can email me at paul [A.t .] booksellingonlineblog.com
As originally posted on www.BookSellingOnlineBlog.com:
Whenever you host an application online, the potential for hackers to infiltrate your system is there.
More often than not, software programs involved in the web industry are always targetted. PHP, Perl, Linux, Apache, MSSQL, MySQL, IIS, Tomcat, and a number of other platforms are constantly being researched in order to find exploits.
In terms of book sellers, this means our customer databases, revenue transactions, inventories, and contacts can all become potential targets.
I don’t want to scream “The Sky Is Falling!”, but as business owners we still need to address the possibility of insecurities.
Using the “easiest target is the most attractive target” principal, here are some simple tactics that can help you be less interesting to potential hackers:
Protect all admin directories with .htaccess
Believe it or not, a webpage that asks for a username and password is still not as secure as the pop up authentication window. The webpage authentication only protects your pages whereas .htaccess authentication protects all files within a directory. This is especially important if you’re using open source applications.
For an example, try loading an image using it’s full page in a browser from an admin directory. Where people have relied on the page authentication, the image will still load – that is a hole that can be easily plugged.
A major drawback to open source programs is they’re open source At any given time, a hacker has the ability to understand how the software works and develop holes in its security.
Here is how you can install .htaccess to help deter hacking:
- Create a text file called htaccess.txt
- Put the following into the file:
AuthName “Protected Area”
- Make sure the location: “/home” is below your webroot (that means no files from that directory can be loaded through a browser)
- Go to a password generation site, like this one, and enter a username and password
- Copy and paste the result into your newly created passwd.txt
- For example, username and password asdf / asdff comes out like this:
- You can have as many users as you like in this file
- For example, username and password asdf / asdff comes out like this:
- Save that value into the passwd.txt file (it will only have that one line)
It will be a little annoying to login twice in order to get to your backend applications, however well worth it to lower your chances of being hacked.
I am definitely going to attempt to filll the void left by R. and help bring technology and books a little closer together.
I have also enjoyed this blog and will do my best to continue it’s tradition. Please feel free to comment and give me a little direction if you have any questions that you’d like answers to.
Although I have discontinued my posts to the Tech Ramblings blog, it still receives a fair amount of traffic and it does seem to me that it would be extremely useful if new content was being posted regularly to the site. Recently, a friend from the blogosphere, emailed me and requested the opportunity to add to the editorial content on Tech Ramblings. I thought it would do no harm, and would be good to keep the site alive, so I was only too glad to provide Paul with editorial rights to the site.
Paul keeps a close eye on the bookselling trade and has a good sense of how technology relates to the trade. He offers some valuable advice on his own personal site, and I believe that his posts will only add to the value of this blog.
Meanwhile, all is good with myself. It has been a very busy year so far, and I have been offering as much advice as I can to the technology team at Rare Book Review, who have decided to start their own tech-related column on their own website. Its still just starting out, but it looks positive. My employer seems happy with my involvement here and I may just get to post some of my own opinions on their site as well.
I will keep administrative rights to Tech Ramblings and will keep a close eye on it in the future. If I get the chance to post the odd comment or small bit of editorial, I will do so. Meanwhile, I leave the heart of the blog in Paul’s hands and hope that he has plenty to offer you.
Thanks for all of your support.
I’m now stepping beyond my intention, and posting again to my blog, only because my last post seems to have caused more of a furor than I expected. I appreciate many of the comments that have been made about my situation and understand that some perceive the limitations on my postings to be a form of censorship. However I would like to clarify a number of points before this spirals any further out of control.
Firstly, I have decided to discontinue posting of my own free-will. My employer has not demanded that I take down the blog, only that if I continue with it he has more of a hand in how it is run. Some may see this as an infringement on my rights, however I see it as more in line with Ian Kahn’s thinking, that my employer would like to bring the blog closer to home and link it more closely with his business. My decision to rather abandon the blog is simply a recognition that if this becomes yet another business project to be run by the IT department, I would firstly lose some of the flexibility and freedom in my posts and secondly it would impact on my workload and the expectations of the company.
The second point that I’d like to make is that I do not consider my employer to be narrow minded in any sense of the word. Yes, he maybe doesn’t realise all of the ways in which technology can benefit his business, and perhaps does not grasp all of the power that is generated through the building of online community. Or perhaps, this is my techno-centric framework and at the end of the day, it doesn’t translate to much in a business sense. However, to be fair to my employer, he has trusted me in all of the IT decisions I have made so far. He has allowed me to move all of our server software across to an open source paradigm, in an effort to cut costs and to explore development options that were not available to us before. This, in my opinion, is massively forward thinking and open minded. My employer is very encouraging in the projects that I take on and gives me a lot of free reign when it comes to making decisions about technology and sometimes gives me freedom to present ideas which will help with marketing, which is well outside of my remit. On the whole, he pays me well, looks after me and is generally encouraging of the work that I do.
Part of my employer’s concern was that I had not made him aware of my blog directly, and he felt that since it was related to the industry, this was somewhat underhanded on my part. And that’s a fair criticism. My reasons for keeping quiet about it were initially because I wanted to build up some traffic and articles before presenting it to him. And eventually because I felt that discussing it with him, would probably put me into the situation in which I am now.
Finally, I’m posting this article during my working hours, from my work PC, as I believe that this posting will help clear up any ill-feeling that may be circulating around the net and which may have some impact on our business. Generally I posted my articles during my lunch hour, but from my work PC. I guess you could argue the company resources thing either way. But at the end of the day, I have not been censored or treated poorly by my employer. I have just made a decision as to how I would like to continue both with my work, and with respect for my employer’s wishes.
Perhaps in future, I may post the odd article on somebody else’s blog, or I might contribute to one of the magazines that deal with the trade, but for now, I’ve got to focus on what I’m employed to do. Please just enjoy what I have left here as a mark of my enjoyment working in the trade and the positive experience that I have had doing so.
To regular readers of my blog, you may have noticed that there have not been any updates for a couple of weeks now. Toward the end of last month, my employer called me in for a meeting and brought the existence of this blog into discussion. He felt that this blog was potentially a conflict of interest and that he was not certain that he wanted me to continue writing for it. My response was that I felt that the blog as a whole provided a number of incoming links to his site, was written anonymously and represented my personal experiences working in the trade, as such I felt that it had no direct impact on his business and that if anything it helped to benefit him through cross-linking.
Unfortunately, my employer felt that by linking to other book dealers I was acting contrary to his interests as a dealer. While he has expressed an interest in using my writing skills in other areas of the business, and has suggested that I could continue writing for this blog if he can influence who I link to and which articles can remain online, I have decided that I would prefer to return my focus simply to getting my job done and I will no longer blog about anything to do with the rare book trade. I will however leave this blog online, so that any of the notes that I have left up that have proved helpful to anybody else can continue to be used.
I appreciate my employer’s position and he has treated me very fairly and looked after me while I have worked for him. I thank you all for your readership and for your support while I shared what I could of my experiences. Good luck and happy blogging.
The good folks at Fine Books have just posted a good article on the value of Old Books. In the article, they mention that the Rare Books and Manuscripts Department at the American Library Association have released a revision of the classic reference Your Old Books.
I really enjoyed the write-up at Fine Books, because friends frequently tell me about a stash of old books that they have that they are convinced must be worth something. Of course, more often than not, a small bit of research shows that most old books are not worth an awful lot. The article concludes that spending money on books is less of an investment and that the value lies more in the entertainment value. This conclusion may appeal less to the bookseller than the collector. But its an important message. And while I am aware that a proportion of the books sold in this industry are often sold based on their investment value. The heart of the collector is more likely to be grounded in the sheer pleasure of owning the book than in its monetary value.