Website Design

From IndieGuide

Jump to: navigation, search

Creating websites is a huge topic. It's a also a topic most relevant for all Indies, as the Internet is the main marketing and distribution channel. We aim for providing all information you need to know when it comes to websites in form of overviews, checklists and, most of the time, links to dedicated sites that deal with the details.

We are still starting off with this section, so for now we kick off with all sections below; we can move them to dedicated pages (sub-topics) at a later stage, once sufficient content has accummulated and a definite structure emerged.

Building a web site

As an Indi dev, you will most likely want a website at some point in time. A website can serve as a support platform, community portal and information center and thus it is very important to have a proper one in place when you release your first game. It usually is a good idea, though optional, to also set up a blog and/or a forum, whichever you prefer.



Development and Web Server Administration

First of all, if you don't plan on spending a fair amount of time learning how to properly set up a dedicated server, you probably shouldn't get one for developing/distributing your game. A dedicated server come with a lot of possibilities, one of them is the ability to get hacked after which your precious server is turned into a zombie for a giant mail bot network, sending out spam until it dies. If you want to avoid similar scenarios, you might want to learn how to properly operate one.

If you don't want to spend all the time on that, you can get a managed server (more expensive) or only a webspace (cheaper, a lot less possibilities) to host your website.


Security checklist

In case you decided to give a dedicated server a spin, this checklist should serve as a basic guideline for staying secure.

  • Use a Unix/Linux/BSD-based operating system. You will find administrating a Windows server system will come with a great amount of displeasure, frustration and security issues.
  • Close any open ports. Open ports that have services running behind them are a welcome sight for script kiddies and exploiters the like. To scan for open ports use nmap. "nmap -sT enterIPhere" will scan for default ports and a tell you if they're open, closed, or filtered (just as good as closed).
  • Update your packages regularly. Really, do it. If it breaks your configs from time to time it's because you were using deprecated commands. It will take less time reconfiguring them than setting up a new installation because your current one got hijacked because of exploitable services.
  • Update your web application regularly. This one is not as critical because a hijacked web application usually does not contain the power to threaten your underlying operating system but if a forum's database is downloaded by some script kiddie and eventually published on the web you will still be in trouble.
  • Use long passwords. Cracking your precious 9 character pass phrase you use everywhere can take 5 minutes with rainbow tables. A 12+ character password is more appropriate for critical stuff.
  • Properly configure your web server. For example, if you enter an invalid URL, Apache2 shows its standard 404 error page by default followed by its server signature. This signature reveals which modules are loaded and which version they are, the stuff you don't want anybody know. The directive to change this behavior is "ServerSignature Off".
Retrieved from "http://www.indiedevguide.com/wiki/index.php/Website_Design"
Personal tools
Advertisement