Archive | February, 2006

Find and enjoy the pictures on your computer in seconds.

27 Feb

Picasa 2

Java Software Download

27 Feb

FREE JAVA SOFTWARE DOWNLOAD

Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks

27 Feb

SUMMARY
When you point to a hyperlink in Microsoft Internet Explorer, Microsoft Outlook Express, or Microsoft Outlook, the address of the Web site typically appears in the Status bar at the bottom of the window. After you click a link that opens in Internet Explorer, the address of the Web site typically appears in the Internet Explorer Address bar, and the title of the Web page typically appears in the Title bar of the window.

However, a malicious user could create a link to a deceptive (spoofed) Web site that displays the address, or URL, to a legitimate Web site in the Status bar, Address bar, and Title bar. This article describes steps that you can take to help mitigate this issue and to help you to identify a deceptive (spoofed) Web site or URL.
MORE INFORMATION
This article discusses steps you can take to help protect yourself from spoofed Web sites. To summarize, these steps are:• Install the MS04-004 Cumulative Security Update for Internet Explorer (832894).
• Verify that there is a lock icon in the lower right Status bar and verify the name of the server that provides the page that you are viewing before you type any personal or sensitive information.
• Do not click any hyperlinks that you do not trust. Type them in the Address bar yourself.

Install the MS04-004 Cumulative Security Update for Internet Explorer (832894)
For additional information about this security update, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/Bulletin/MS04-004.asp
This article also discusses steps that will help you identify spoofed Web sites and malicious hyperlinks.
Things that you can do to help protect yourself from spoofed Web sites
Make sure that the Web site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) and check the name of the server before you type any sensitive information.

SSL/TLS is typically used to help protect your information as it travels across the Internet by encrypting it. However, it also serves to prove that you are sending data to the correct server. By checking the name on the digital certificate user for SSL/TLS, you can verify the name of the server that provides the page that you are viewing. To do this, verify that the lock icon appears in the lower right corner of the Internet Explorer window.

Note If the status bar is not enabled, the lock will not appear. To enable the Status bar, click View, and then click to select Status Bar.

To verify the name of the server that appears on the digital certificate, double-click the lock icon, and then check the name that appears next to Issued to. If the Web site does not use SSL/TLS, do not send any personal or sensitive information to the site. If the name that appears next to Issued to is different from the name of the site that you thought provides the page that you are viewing, close the browser to leave the site. For additional information about how to do this, visit the following Microsoft Web site:
http://www.microsoft.com/security/incident/spoof.mspx
Things that you can do to help protect yourself from malicious hyperlinks
The most effective step that you can take to help protect yourself from malicious hyperlinks is not to click them. Rather, type the URL of your intended destination in the address bar yourself. By manually typing the URL in the address bar, you can verify the information that Internet Explorer uses to access the destination Web site. To do so, type the URL in the Address bar, and then press ENTER.

Note The Address bar does not appear if it is not enabled. To enable the Address bar, click View, point to Toolbars, and then click to select Address Bar.

Some things that you can do to identify spoofed sites when the Web site is not using SSL/TLS
The most effective step that you can take to verify the name of the site that provides the page that you are viewing is to verify the name on a digital certificate using SSL/TLS. But if the site does not use SSL/TLS, you cannot conclusively verify the name of the site that provides the page that you are viewing. However, there are some things that you can do that, in some cases, may help you identify spoofed sites.

Caution The following information provides general guidelines based on well-known attacks. Because attacks change constantly, malicious users could create spoofed Web sites by using means other than those that are described here. To help protect yourself, type personal or sensitive information on a Web site only if you have verified the name on the digital certificate. Also, if you have any reason to suspect the authenticity of a site, leave it by closing the browser window immediately. Frequently, the quickest way to close the browser window is to press ALT+F4.
Try to identify the URL of the current Web page
To try to identify the URL of the current Web site, use the following methods.

Use Jscript commands to try to identify the actual URL for the current Web site

Use a JScript command in Internet Explorer. In the Address bar, type the following command, and then press ENTER:
javascript:alert(“Actual URL address: ” + location.protocol + “//” + location.hostname + “/”);
Caution Use caution when you type script directly in the Address bar. Script that you type directly in the Address bar can take the same actions on the local system as the user who is currently logged on.

The JScript message box shows the actual URL Web address for the Web site that you are visiting.

You can also copy the following JScript code and paste it in the Address bar for a more verbose description of the Web site URL:
javascript:alert(“The actual URL is:\t\t” + location.protocol + “//” + location.hostname + “/” + “\nThe address URL is:\t\t” + location.href + “\n” + “\nIf the server names do not match, this may be a spoof.”);
Compare the actual URL with the URL in the Address bar. If they do not match, the Web site is likely misrepresenting itself. In this case, you may want to close Internet Explorer.

Use the Internet Explorer History pane to try to identify the actual URL for the current Web site

In the scenarios that Microsoft has tested, you can also use the History Explorer Bar in Internet Explorer to help identify the URL of a Web page. On the View menu, point to Explorer Bar, and then click History. Compare the URL in the Address bar with the URL that appears in the History bar. If they do not match, the Web site is likely misrepresenting itself and you may want to close Internet Explorer.

Paste the URL in the Address bar of a new instance of Internet Explorer

You can paste the URL in the Address bar of a new instance of Internet Explorer. By doing so, you may be able to verify the information that Internet Explorer will use to access the destination Web site. In the scenarios that Microsoft has tested, you can copy the URL that appears in the Address bar and paste it in the address bar of a new session of Internet Explorer to verify the information Internet Explorer will actually use to access the destination Web site. This process is similar to the step that is discussed in “Things that you can do to help protect yourself from spoofed Web sites” section earlier in this article.

Caution If you perform this action on some sites, such as on e-commerce sites, the action can potentially cause your current session to be lost. For example, the contents of an online shopping cart may be lost, and you may have to repopulate the cart.

To paste the URL in the Address bar of a new instance of Internet Explorer, follow these steps:1. Select the text in the Address bar, right-click the text, and then click Copy.
2. Close Internet Explorer.
3. Start Internet Explorer.
4. Click in the Address bar, right-click, and then click Paste.
5. Press ENTER.

Some things that you can do
to identify malicious hyperlinks
The only way that you can verify the information that Internet Explorer will use to access the destination Web site is by manually typing the URL in the address bar. However, there are some things that you can do that, in some cases, may help you identify a malicious hyperlink.

Caution The following information provides general guidelines based on well-known attacks. Because attacks change constantly, malicious users could create spoofed Web sites by using means other than those that are described here. To help protect yourself, type personal or sensitive information on a Web site only if you have verified the name on the digital certificate. Also, if you have any reason to suspect the authenticity of a site, leave it by closing the browser window immediately. Frequently, the quickest way to close the browser window is to press ALT+F4.

Try to identify the URL that a hyperlink will use

To try to identify the URL that a hyperlink will use, follow these steps:1. Right-click the link, and then click Copy Shortcut.
2. Click Start, and then click Run.
3. Type notepad, and then click OK.
4. On the Edit menu in Notepad, click Paste.
By doing this, you can see the full URL for any hyperlink and you can examine the address that Internet Explorer will use. The following list shows some of the characters that may appear in a URL that could lead to a spoofed Web site: • %00
• %01
• @
For example, a URL of the following form will open http://example.com, but the URL in the Address bar or the Status bar in Internet Explorer may appear as http://www.wingtiptoys.com:
http://www.wingtiptoys.com%01@example.com
Other steps that you can take
Although these actions do not help you to identify a deceptive (spoofed) Web site or URL, they can help limit the damage from a successful attack from a spoofed Web site or a malicious hyperlink. However, they restrict e-mail messages and Web sites in the Internet zone from running scripts, ActiveX Controls, and other potentially damaging content.• Use your Web content zones to help prevent Web sites that are in the Internet zone from running scripts, running ActiveX Controls, or running other damaging content on your computer. First, set your Internet zone security level to High in Internet Explorer. To do so, follow these steps:1. On the Tools menu, click Internet Options.
2. Click the Security tab, click Internet, and then click Default level.
3. Move the slider to High, and then click OK.
Next, add the URLs for Web sites that you trust to the Trusted Sites zone. To do so, follow these steps:1. On the Tools menu, click Internet Options.
2. Click the Security tab.
3. Click Trusted sites.
4. Click Sites.
5. If the sites that you want to add do not require server verification, click to clear the Require server verification (https:) for all sites in this zone check box.
6. Type the address of the Web site you want to add to the Trusted sites list.
7. Click Add.
8. Repeat steps 6 and 7 for each Web site that you want to add.
9. Click OK two times.

• Read E-mail Messages in Plain Text.

For Outlook 2002 and Outlook 2003:

307594 OL2002: Users Can Read Nonsecure E-mail as Plain Text
831607 How to View All E-Mail Messages in Plain Text Format in Outlook 2003

For Outlook Express 6:
291387 OLEXP: Using Virus Protection Features in Outlook Express 6
By reading e-mail in plain text, you can see the full URL of any hyperlink and examine the address that Internet Explorer will use. The following are some of the characters that may appear in a URL that could lead to a spoofed Web site: • %00
• %01
• @

• For example, a URL of the following form will open http://example.com, but the URL that appears in the Address bar of Internet Explorer may show http://www.wingtiptoys.com:
http://www.wingtiptoys.com%01@example.com

REFERENCES
For more information about Uniform Resource Locators (URLs), visit the following Word Wide Web Consortium Web site:
http://www.w3.org/addressing/url/url-spec.txt
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Article from http://support.microsoft.com/?id=833786

Design Links

27 Feb

Open Source Web Design

Preventing Image Bandwidth Theft With .htaccess

27 Feb

by Christopher Heng, thesitewizard.com

Judging from thesitewizard.com’s web statistics, my article “How to Protect Your Images from Bandwidth Theft (PHP Script)” appears to be exceedingly popular. And no wonder too: I read complaints about websites stealing another site’s images and making the victim pay for their bandwidth almost every other day. This article provides another solution to the problem of bandwidth theft, one that does not require the webmaster to modify any existing web pages nor install any scripts.

System Requirements
The solution outlined in this article requires your site to be hosted on a machine using the Apache web server and that your web host allows you to override the server’s configuration using a .htaccess file. For the more technically inclined, it uses the facilities provided in the mod_setenvif Apache module.

If this is not the case for your website, you cannot use the suggestions given here. You might wish to check out my PHP solution, How to Protect Your Images from Bandwidth Thieves, instead. The article may be found at http://www.thesitewizard.com/archive/protectimages.shtml

(To find out if your web server fulfills the requirements stated here, try checking up the documentation on your web host’s website – the information is usually available on their list of web hosting packages, price lists or on their order form. Alternatively, contact their technical support and find out from them.)

Steps to Take
Protecting your images using a .htaccess file is trivial.

Put all the images you wish to protect from being stolen (bandwidth-wise) in a separate directory.

Create an ASCII text file named .htaccess and save it in that directory. Note that the name starts with a fullstop (or period) and is entirely in small letters (ie, lowercase). Cut and paste (unless you’re using IE 6 in which case you just have to type it yourself) the following lines into that file:

SetEnvIfNoCase Referer “^http://www.your-domain-name-here.com/” locally_linked=1
SetEnvIfNoCase Referer “^http://www.your-domain-name-here.com$” locally_linked=1
SetEnvIfNoCase Referer “^http://your-domain-name-here.com/” locally_linked=1
SetEnvIfNoCase Referer “^http://your-domain-name-here.com$” locally_linked=1
SetEnvIfNoCase Referer “^$” locally_linked=1

Order Allow,Deny
Allow from env=locally_linked

Change “your-domain-name-here.com” to your real domain name. If your site can be accessed using other domain names (eg “www.your-domain-name-here.net”), be sure to add an additional SetEnvIfNoCase line for each of those domain names (with the URLs appropriately changed to the URLs of your domains. On the other hand, if your site can only be accessed using one domain, for example, using only “www.your-domain-name-here.com”, then delete the line with “http://your-domain-name-here.com”. The cut and paste code above caters to the usual case where most sites can be accessed with or without the “www” prefix.

Do not correct my spelling in the code snippet given above. “Referer” (with only one “r” in the middle of the word) is the word that needs to go into the .htaccess file – do not change it to “Referrer”.

That’s all there is to it. The above file should protect all images that have “.gif”, “.png”, “.jpg” and “.jpeg” extensions.

Remember to use an ASCII text editor (also known as “text editor” or “plain text editor”) to create the .htaccess file. Do not use Microsoft Word or Wordpad. Notepad (found on all Windows systems) is fine.

Explanation: .htaccess to Block Unauthorized Image Usage
Whenever a browser sends your web server a request for an image, it usually also sends the URL of the page that linked to that image. The above .htaccess file causes the server to check this URL (“Referer” in the above snippet) and if it is one of the authorized URLs that you specify, it will set an internal flag called “locally_linked”. This internal flag is technically called an “environmental variable”. If the URL sent is not in this list of authorised URLs, the flag (or environment variable) is not set. Note that we also set the “locally_linked” variable if the browser does not send any URL at all: this occurs when the visitor accesses your site using a browser or a proxy that suppresses the referring URL.

The web server then checks if the file requested has an extension in the list given above (gif, png, jpg and jpeg). If so, and the “locally_linked” variable is set, it will send the image. Otherwise it an error will be sent.

What Happens When A Bandwidth Thief Links to Your Image
After you create the .htaccess file, if some other site tries to link to your image from their site, they will find that the image will not display on their site. On the other hand, your images should generally load fine on pages on your site.

Potential Problems
Like the PHP solution, this method relies on the HTTP_REFERER variable (the variable that contains information about the referring page) being properly sent by the visitor’s browser. A number of modern browsers as well as some of the anonymous surfing proxies and firewalls allow the user to change this header. These browsers or proxies will thus either transmit HTTP_REFERER headers that have some user-specified value or not bother to transmit them at all. There are also buggy browsers around that unpredictably transmit the wrong HTTP_REFERER header on occasion.

When this occurs your visitor will either not view the image even when he is on your site (which means that your own page will have broken link images), or he may be able to view your images even when it is displayed on the copyright infringing thief’s site.

Hopefully the percentage of people who encounter this is small, but you have to be aware that these situations do occur.

Copyright Infringement Issues And Alternative Solutions
Besides the issue of paying for some other websites’ traffic when a bandwidth thief links to the images on your website, there is also the issue of copyright infringement. When someone links to your proprietary images in order to decorate their pages, that person has actually infringed on your copyright.

In addition to using the .htaccess file to protect your images, you may also want to send the offending webmaster an email and/or a letter explaining that he/she is violating your copyright and asking him/her to stop the infringing practice. Sometimes that simple message would more than suffice.

If that does not work, you can always inform his/her web host of the copyright infringement. Reputable hosts are often very careful about hosting sites which infringe copyright. You will have to furnish proof, of course. If that does not work, you can try complaining to the upstream bandwidth provider. And finally, of course, you can get a lawyer.

I mention the above because sometimes, in the search for a solution to protect their bandwidth, people forget that they have rights that they can legally enforce through other means as well. I suppose this problem of overlooking alternative solutions applies particularly to the more technically savvy people, who tend to look for a software solution to everything even when there might be a simpler approach!

Copyright 2001-2003 by Christopher Heng. All rights reserved.
Get more free tips and articles like this, on web design, promotion, revenue and scripting, from http://www.thesitewizard.com/ or subscribe to the FREE newsletter by sending an email to subscribe@thesitewizard.com.

This article can be found at http://www.thesitewizard.com/archive/bandwidththeft.shtml

Related Pages
How to Set Up a Custom 404 File Not Found Page on Your Website

How

to Protect Your Images From Bandwidth Thieves (PHP Solution)

How to Create Image Rollovers on Your Site (JavaScript)

What is favicon.ico?

Tips on Choosing a Good Domain Name for your Website

Which Web Host Would You Recommend? (FAQ)

Accepting Credit Cards on Your Website (without a Merchant
Account)

My Biggest Website Regrets

Free HTML / CSS Editors, Free Web Editors

 

New Articles / Pages
HTML and CSS Validation: Should You Validate Your Web
Page?

How to Use Different CSS Style Sheets For Different Browsers (and How to Hide CSS Code from Older Browsers)

How to Check Your Website with Multiple Browsers on a Single Machine (Cross-Browser Compatibility Checking)

Mozilla Composer Tutorial 3: Creating Data Tables

Free Mailing List Hosting Review: Yahoo! Groups

Glossary of Frequently Used Webmaster Terms

Your Website’s Spelling and the Search Engines

The Changing Face of Email Newsletter Publishing: Tips for
Newsletter Publishers

Set up an ISA Server with a Cable Modem Connection.

27 Feb

In this tutorial we will look at how to setup and configure ISA Server to work with a Cable Modem connection that uses dynamic IP address allocation.

Perform the following steps to setup your ISA Server to work with a Cable Modem:

First, install the cable modem. After the cable modem is installed, open a command prompt and type the ipconfig /all command. You should see what appears in the figure below. Make a note of the physical address of the cable modem.

From the Run Command, open Regedt32. When a new Network Card is installed and your IP address isn’t specified, Windows 2000 will automatically assign it an address using Automatic Private IP Addressing (APIPA). To disable APIPA, you need to create a key in the Windows registry at HKEY_LOCAL_MACHINE -> SYSTEM -> Current -> Control -> SetServices -> TcpipParametersInterfaces[your_adapter’s_MAC_address]. Create the Value IPAutoconfigurationEnabled and set it to 0x0.

Restart the server for the changes to take effect. Now, open a command prompt and type ipconfig /all. Note that the IP address of the adapter Cable Modem is now configured to 0.0.0.0 and that the parameter Autoconfiguration Enabled is now set to No.

Open the ISA Management console, expand your server or array, and then expand the Access Policy node in the left pane. Click on the IP Packet Filters node, and then double click on the DHCP Client packet filter.

On the General tab, enable the DCHP Client packet filter by putting a checkmark in the checkbox for Enable this filter.

On the Filter Type tab, leave the default settings and do not change them.

On the Local Computer tab, choose the option This ISA Server’s external IP address and type 0.0.0.0.

On the Remote Computer tab, you need to specify the IP address of the remote DHCP Server. If you don’t know the address of the remote DHCP server, type the ipconfig /all command after restarting the computer. You DHCP server’s address should be listed there. After you obtain the DHCP server’s IP address, select the This remote computer option and type in the IP address of the DHCP server. Click Apply and then click OK.

Restart the ISA Server. Your Cable Modem should work fine! Open a command prompt and type ipconfig /all. You should see the IP addressing information assigned to your Cable adapter.

Note: if the cable connection still does not work, you need to stop the Microsoft ISA Server Control (isactrl) and type ipconfig /renew at the command prompt. Then restart the ISA Server Control service.

To stop the ISA Server Control Service, open the Services applet from the Adminstrative Tools menu. Right click on the Microsoft ISA Server Control and stop it. Then issue the ipconfig /all command. After issuing the renew command, restart the ISA Server Control service by right clicking on it and clicking Start in the Services applet.

Run ipconfig /all again and you should find joy!

Edited by Thomas W Shinder MD MCSE

Author: Alexandre Cavalcante Alencar
Technical Support / Director
Aspec – Assessoria, Processamento e Contabilidade S/C Ltda
Microsoft Certified Partner
http://www.aspec.com.br
Phone: +55 (85) 254-3223
Fax: +55 (85) 254-4779
Cell: +55 (85) 9995-3649 / 9995-3302

Alexandre Cavalcante Alencar is a technical support / director of Aspec,
develop, support, consulting, account firm located in Fortaleza, CE Brazil
specializing in account software. Current project is to develop a practical
how to manual for the ISA Server and Windows 2000 OS Server/Professional.

Making Money From Affiliate Programs

27 Feb

Affiliate programs are a great way to generate income if you don’t have a product of your own to promote yet. You know that already. But it’s NOT, despite what you’ve heard, just a simple matter of signing up for this or that affiliate program and placing free and paid classified ads all over the place to generate traffic to the Website they give you or to get people to click on your autoresponder link. There’s more to it than that. Much more.

When I started out in this business in May 1999, I signed up for Cookie Cutter. Like many of you I thought that I could simply absorb the information provided and then resell it to others. I followed all the advice about advertising in other people’s ezines and all of that. I looked forward to some very round numbers. Well, I got one alright. A big fat ZERO. And that’s how it stayed until I realized the truth. That if I was going to make any money in this business I had to start from scratch. In saying that, I don’t want to take anything away from Cookie Cutter. It was and is a marvelous product in terms of what it can teach you in a very short period of time if you’re starting from ground zero. (Debate rages about its merits in terms of a business opportunity but that’s another story.)

In this article, I tell you what worked for me. It’s nothing earth- shattering or particularly profound. It’s simply reality and common sense. Here’s what you need to do to make any significant income from promoting other people’s products.

YOU NEED A WEBSITE
Sorry, but yes, you do. A lot of people pushing their affiliate program will tell you, if you ask the question “Do I need my own Website?”, “No, you get this beautiful 25 page Website for free!” Great. How are you going to get people to visit it? And how are you going to get people to visit YOUR YouBeaut.com Website in preference to everyone else’s YouBeaut.com Website (all 50,000 of them)?

Well, let me tell you, the time, effort and expense you would have to spend would be MUCH better invested in your OWN unique and interesting Website that will attract traffic simply because it IS unique and interesting.

That said, you pick your affiliate programs to fit in with and complement your Website Not the other way around. You do NOT create your Website to fit in with and complement your affiliate programs. So, start with what you know, what interests you, what you’re passionate about. THAT should be the subject matter of your Website Then, and only then, should you start researching which affiliate programs out there fit in with the Website you have created. More about that later.

YOU NEED AN EZINE
You should support your Website by publishing an ezine at least on a monthly basis but preferably weekly. Why? A few reasons:

First, it reminds your readers that your site exists (assuming they signed up at your site in the first place) and hopefully prompts them to visit again.

Second, you develop a targeted mailing list of subscribers interested in the subject matter of your ezine and subscribers that you can direct mail to (judiciously, of course).

Third, you can accept paid advertising in your ezine once it hits 1000 subscribers or so and fourth, you can use it to advertise your affiliate programs.

In addition, assuming you take your ezine publishing duties seriously and it’s not a mere regurgitation of other people’s articles without any purpose other than to keep your name in front of an audience (and an ever-decreasing one it will be if that’s all you do), you can use it to develop your reputation as an expert in your field by making the original articles you write for your ezine available to a wider audience by submitting them to other ezine publishers. Believe me, there’s no shortage of ezine publishers out there who rely exclusively on other people’s work!

Establishing your own Website and ezine takes serious time and work. You can’t build either in a weekend. It will take you several weeks of effort to get it into good enough shape to take it public (and even then you won’t be satisfied but you have to start at some point). And it will take several more weeks of time and effort publicizing the fact that your Website and ezine exist and to start seeing some traffic trickling in.

SELECTING AFFILIATE PROGRAMS
Once you have an established Website and ezine, you can start using them to promote your affiliate programs in a serious way. You can, of course, start promoting affiliate programs from day one, it’s just that you won’t see any results until you reach what I think of as the “established” stage. By this I mean you have a few hundred subscribers to your ezine and maybe a hundred unique daily visitors to your Website These numbers are on the very low end and your sales will reflect that but you’ll at least be on your way by this point.

Once you reach the “established” stage, you need to be very selective about the affiliate programs you choose because you are only going to select a very few of them and they need to be good performers. Some Internet marketing so-called experts will tell you to pick one or two programs and market them exclusively for big returns. That’s good advice on one level – it keeps you focused, and that’s important – but on the other hand you’re at the mercy of the owner of the affiliate program. If they go out of business so do you.

So, pick a small handful of programs to promote but make sure they complement each other (so that someone who is interested in one program is likely to be equally interested in the others). It should be obvious but it bears stating – don’t pick programs that have no relevance to the subject matter of your site! Your chances of selling to your Website visitors are much higher if what you sell is closely related to the subject matter of your site. It was the subject matter of your site that attracted them in the first place. They are already a qualified prospect if what you sell from your site is relevant to that subject matter.

COMMISSION STRUCTURES
If you have a mega traffic site, then you can make up for in volume what a particular program’s commission structure may lack in terms of straight dollars.

But if you have a lower traffic site, then you need to make sure your traffic is very targeted, but go for higher commission programs.

In other words, if you’re a mega traffic site, by all means sign up with Amazon.com and make maybe three bucks a sale. If you make a hundred sales this week you’ve got three hundred bucks you didn’t have before. But if you’re a lower traffic site, focus on making just three sales a week of a product that pays a hundred bucks a pop and you’re even with your mega traffic brethren in the commission stakes.

My current best selling program earns me $90 a sale. I don’t do anything different to promote that than I do the program that makes me $20 a sale. If it takes the same amount of time and effort to make a sale from each program, why wouldn’t I focus my energies on the $90 commission product?

Contrary to what many believe, it is no harder to sell a $247 product than it is to sell a $50 product. Don’t prejudge your audience. Make sure you offer programs that are relevant to their interests (and which you’re proud to promote – that should go without saying but just in case …) and the mere fact that you’re bringing targeted buyers and highly relevant products together will do the rest, statistically speaking. Never, never forget – making money in an online business is a numbers game, pure and simple. Generate enough traffic and you’ll generate sales. But if you generate traffic that doesn’t match your product line, forget about it.

MISCELLANEOUS CONSIDERATIONS
To finish off, here’s a few miscellaneous considerations to take into account when selecting your affiliate programs.

How Long Do the Cookies Last?
Always go for programs that will credit you with the sale even if the customer doesn’t buy on
the first visit. That high paying program I mentioned above? 90% of the sales come from the follow-up messages sent by the owner of the program once I give him the lead.

That’s pretty typical of all affiliate programs. You’ve heard that it takes an average of seven exposures to a message before a prospect will buy, right? Well, what happens to your commissions if you only get paid for direct sales (i.e. where the customer buys on the first visit following a direct link from your site)? Right. You get maybe 10% of the commissions you would have earned from the program if the customer was tagged as yours for a period of time (and preferably for life).

Always read the terms and conditions of the affiliate program carefully before investing your time and effort. If it says anything like “if customer later makes a purchase on a repeat visit that does not originate from your link, you will not qualify for a commission on such sale” keep looking.

Some programs will place a cookie on the customer’s hard disk for 45 days or so which means that if that customer returns in three weeks to eventually make a purchase, that customer will be identified as “yours” and you will get the commission. Some programs even offer “lifetime customers”, that is, the customer is yours for life even if they come back in three years time and buy a completely different product.

Stats Reporting
Look for real-time reporting of statistics including hits and sales. Then check to make sure that the hits the affiliate program records are in line with your own stats tracking. This is easy to do. I use Roibot to track all clicks I’m interested in monitoring whether it’s a program I’m promoting or whether I’m just interested in how many people click on a particular link to an article, for example. (To check out the Roibot suite of marketing tools, click this (Roibot) link: http://www.roibot.com/).

Frequency (and Amount) of Payments
Some programs will only pay once you accumulate a certain amount of commission dollars. That’s OK … it keeps admin costs down and therefore makes more of the profit available for payment of generous commissions … but if it’s disproportionately high compared to the amount of the base commission, consider another program.

If it takes you a year to accumulate $50 in commissions, ask yourself how likely is it that this particular company will still be around in one years? Even if you have no concerns on that score, if it’s taking you a year to accumulate $50 worth of commissions, this is not a program that’s giving a particularly good return on your investment of time and effort. Look for something more productive.

How Long Established?
Related to the previous discussion, think twice before investing too much time and effort on newly established programs. Add these to your portfolio by all means, but make your staple programs the tried and trues.

What is Their Policy on Spam?
Nothing irritates me more than to receive spam from someone promoting one of the programs that I promote (well, OK, other things do irritate me more but you get my point). Not because I get into a tizz about spam per se (unlike apparently 90% of the Internet population I have more important things to worry about), but such tactics bring the program into disrepute because it suggests that the owner of the program condones spam and if the owner of the program condones it, how much value does he or she place on the program? Not much.

So look for programs with strict anti-spam policies.

SLOW AND STEADY WINS THE RACE
Finally, a word about patience. This is a slow and steady wins the race game as well as a numbers game. Don’t spit the dummy, throw in the towel, chuck the Glomesh onto the shagpile (or whatever your vernacular equivalent of a dummy spit is) because you don’t make a single sale in your first month with a new program.

By all means take a closer look at how well the product fits in with the demographics of your audience (Website and ezine) but if it’s a good fit, don’t throw the baby out with the bathwater (enough with the metaphors already, OK). Instead, refine your marketing approach, tweak your ads, brainstorm for more creative ways of promoting the program.

Don’t just write the program off as bad until you’re sure it’s not going to work for you. There may be some peculiar demographic factor common to your group that you’re not aware of but until you’ve given it a good try, don’t assume that’s the case.

As a general rule, so long as you’re sure that the product is a good fit, work with it for a year to give it a real chance of performing for you. The Internet landscape is strewn with the carcasses of would-be successful entrepreneurs whose only mistake was giving up too soon. Don’t be one of them.

——————————————————————————–

About the author: Elena Fawkner is editor of A Home-Based Business Online … practical home business ideas, resources and strategies for the work- from home entrepreneur. http://www.ahbbo.com

Entireweb Newsletter