Some time ago, a client asked us to set up their adCenter account. It had been running smoothly with minimal attention. We do not spend much time with it because the spending is modest. Microsoft emailed us because the payment method was expiring. I forward the correspondence to our client with their login credentials, and ask him to update the payment method. (I prefer not to handle payment credit card info.)

My client attempted to update the expiration date on his card and succeeded, but somehow he accidentally de-activated the account. I spent a few minutes trying to re-activate the account. Apparently there is no option to do that. I then started an online chat with Microsoft Support and ask them to restart the account. Incredulously, support can’t reactivate the account. They suggested opening a new account.

We don’t want to waste the time or effort to open a new account. Nor do we want to lose ready access to all the account history. We decided that Microsoft adCenter is lower priority than other things we could now do to generate ROI, so they have effectively lost this client.

With any Web 2.0 user interface, users will accidentally hit the wrong button. It’s guaranteed to happen. Every action needs to be undoable for a reasonable length of time.  More significantly, when Microsoft is in second place, they cannot afford to offer bad usability and disempowered customer support.

Another challenge Microsoft faces is that their UI does a really poor job of supporting agencies. While writing this column, I wanted to login and get the specifics of what I don’t like about their system for linking client accounts to an agency login, but alas, I ran into this problem:

Microsoft adCenter is experiencing problems

Microsoft adCenter is experiencing a problem that prevents it from continuing. Information that can help resolve the problem is now being sent to the adCenter site maintenance team. You can return to the Microsoft adCenter sign-in page now, or sign in again later. We apologize for the inconvenience, and thank you for your patience.

More Ways Microsoft Can Improve AdCenter Usability

What I’d really like is for Microsoft to take a good look at Google’s My Client Center. I need to be able to easily link and unlink client accounts to my login. I need to be able to provide employees with an account that they can use to access all of my accounts.

As of now, when I add an employee to adCenter, I need to go into each customer account and give them access.  This is a huge pain, enough to make us not want to bother with adCenter for all our smaller B2B customers.

Microsoft adCenter has been in the market for years. Why aren’t these features available yet? Doesn’t Microsoft understand that most business owners don’t have the technical skills to set up their own PPC accounts? The path to getting all these small businesses to advertise is to make it frictionlessly easy for ad agencies and consultants to set up and manage PPC account for clients.

Over the years, I’ve put hundreds of clients into Google AdWords, but just a few dozen into adCenter. Until Microsoft improves their user interface, they will continue to miss opportunities.

Another peeve is that adCenter does not display cost per conversion. I have to run a report or put data into Excel and then cross reference. That’s hugely inefficient.  The cost per conversion data should be available in the management console on the same screen where I can change the bid. That is the single most critical piece of information necessary to manage bids.

How about ecommerce tracking? Why doesn’t adCenter allow me to track the value of sales so that I can discern the value per click? Does Microsoft not want me to be able to calculate return on investment (ROI)?

Google AdWords lacks this feature too; they’ll show value per click, but not ROI. Yahoo! used to show return on ad spend (ROAS), which was great. Microsoft, why don’t you leapfrog Google and show us ROAS the way Yahoo! used to?

Finally, Microsoft should support Chrome and Safari. It doesn’t help sell more ads when you disrespect the customers’ choices of software and hardware. A less fancy UI that is more solid and more widely compatible would be worth more to me, and I would bet, many other advertisers.

Hacking

Matt’s Cutts recently stated on the official Google blog that, for the fifth year in a row, they will be placing a lot of emphasis on hacked sites in 2011. In 2007 Google started scanning sites for malware and removing them from search listings. At the time Google said, “In the past year, the number of sites affected by malware/badware grew from a handful a week to thousands per week.” In August 2009 Google said, “[W]e have seen a large increase in the number of compromised sites since April. The number of entries on our malware list has more than doubled in one year, and we have seen periods in which 40,000 web sites were compromised per week.”

Malware is inserted in sites by hackers looking to build botnets that can then be rented out for criminal purposes. But not all hacking results in malware deployment. Some hackers are black hat SEOs looking to do link building. When Google detects spam links, they can ban the site, or I think more appropriately, label the site as hacked.

This year I had a client suffer this type of hacking. Another SEO performed a site review, and referred the client to me to fix everything that was wrong. Among the items to be repaired were some oddball links that kept appearing in their header and footer. We’d take out the links, and they’d appear again in a few hours. Apparently the server had been compromised and a hacker had uploaded a php file that would deploy the links. Finding this file among the many thousands of files on this ancient (yet highly profitable) website was the first step. Removing the script helped, but to be safe I convinced the client to switch to a better hosting provider, and they’ve had no trouble since.

How can you prevent hacking? Use a good hosting provider and don’t share File Transfer Protocol (FTP) passwords. Use a unique, strong password for each user for each site. When somebody no longer needs access to a site, cancel their FTP account. If possible configure your web server’s firewall to lock down FTP and web hosting control panel access to the IP addresses where your computers are located. This will prevent anybody from getting in, even if they have stolen or guessed a password. Passwords are typically compromised when one of your developers gets a malware infection on their computer. Given enough time and developers, this is very likely to happen.

Backups

Backups are critical. If you get hacked, or more commonly, make a mistake editing your site, you need to be able to go back to a working version. Too many people assume that their hosting provider is taking backups, only to discover that when needed, the backups aren’t helpful. Ask your provider how often they take backups, what they back up, and how long those backups are retained. Some providers take seven days of rolling backups. If you have a problem, you need to discover it within seven days or you are out of luck. Other providers may take a monthly “image” of your virtual private server. Restoring that backup could take your website, database and email boxes back a month—not something you would want to do. Hosting is a commodity business where cutting corners is rewarded with additional profit. Many hosting provider backups are grossly inadequate.

Another reason to have reliable, up-to-date backups is in case you get into a dispute with your hosting provider or web developer—or they suddenly disappear. If you don’t have your own copy of the latest code, your negotiating position will be much more complicated. Yes, you can hire a lawyer and force the other side to hand over your code and data, if they retained it, but why would you want to suffer that delay and expense? Over the last year I’ve had two clients get into this situation, and it cost them a bundle. Your best option is to choose a third party backup provider so that you don’t leave the fox guarding the hen house.

Site Scanning

All those scanning services that tell people your site is safe are nothing more than security theater. Notable security expert Merrick Furst told me that the best scanning available only detects 30% of threats. Most modern threats are polymorphic, which means that the code changes from instance to instance in order to defeat scanning algorithms. Real security requires verifying the files on your server to ensure that none of them have been tampered with. File integrity monitoring (FIM) systems can do that for you, but they require an expert server administrator. Even without such a system you can reduce your risk by clearing cruft files from your server, periodically inspecting to make sure no unexpected files have appeared, and making sure that the latest timestamps on your files match the last time you edited the site.

Parasitic Hosting

Even if you don’t have a high volume site, there is a risk that cybercriminals could abuse your servers as a platform for distributing malware, sending spam, or launching denial of service attacks. Do you have a portfolio of trusty old websites that you don’t pay much attention to? Those are an attractive target for parasitic hosting. The bad guys can have their fun, misusing your server, your brand and your trust. Meanwhile, you suffer the loss as your virtual property becomes blighted and develops a bad reputation. If you have sites and servers running on autopilot, you need to check them periodically to make sure they aren’t being abused. File integrity monitoring can help, or you can inspect server logs to look for suspicious web traffic.

Denial Of Service Attacks

This year I had a client who was repeatedly hit by denial of service attacks emanating from China. The client believed that a competitor was responsible. The site went down repeatedly for days at a time, and eventually the hosting provider, Earthlink, cut off the victim’s hosting service because the attacks were impacting Earthlinks’s data center. My recommended replacement hosting provider was able to fend off the attacks. It pays to use a competent hosting provider so that your site doesn’t get taken down by an unscrupulous competitor. The cost of web site and email disruption is much greater than the cost of buying the best available hosting. When selecting a hosting provider, look for somebody who has a reputation for responding quickly and is technically competent. Hosting is often priced as a commodity service, but not all hosting is the same quality.

PCI Compliance

What this jargon have to do with search marketing? PCI stands for payment card information. If your conversion action is to take somebody’s money, you may be handling payment card information. Deep in the contract between you and your merchant processor, there is probably a clause that says your site must be certified “PCI compliant” by a vendor such as Trustwave, or else you are liable for hundreds of dollars per customer record if there is a data security breach on your site. In other words, if a hacker steals credit card info from your site or database, you will be sued out of existence. To top if off, states have laws that require you to notify their attorney general and every one of your customers in that state if you suffer a data security breach. This recently happened to one of my friends. It cost him $50,000 in legal fees, printing and mailing costs just to send out the required notification letters. The guy couldn’t sleep for months, worried that he was going to get sued for ten times that amount by Visa.

An excellent approach to solving PCI compliance is not to store or handle any credit card information on your site. You may be able to fob the entire problem off to Google Checkout or Paypal. If however, you have an osCommerce cart, XCart, ZenCart or similar site, and you store customer credit card numbers in your cart’s database, you definitely need to start asking questions. I once found an unencrypted database backup file containing thousands of customer credit card numbers, expiration dates and addresses in the top level directory of a site. It was a half-million dollar penalty waiting to happen. Can you afford to run that risk?

The Importance Of Managing Risk

Risk is an unrealized expense, possibly one that could put you out of business. Now would be an excellent time to review your risk exposures and start managing them properly. Your website is a valuable asset, possibly as valuable as your car, home or office building. You probably have an alarm system and insurance on those assets to protect against loss or liability. Shouldn’t you treat your websites with the same level of care?

If we allow the open internet to become overrun with malware and hacked sites, users will flee to the protection of walled gardens. That would be a very bad thing for search marketers and search engines alike. So let’s work together to confront these problems.

Back in 2008 Google reported that malware infected pages had increased to more than 1% of all search results. Google posted a malware statistics update last week. Malware infections have more than doubled since April 2009. Search results containing a url labeled as harmful have remained level in the range of 0.5% to 0.9%, an improvement. While the web as a whole has become more dangerous, Google’s been doing an even better job clearing their search results.

I know one reason why there’s been a dramatic rise in malware on the Web since April. A nasty malware attack has been targeting web developers to steal their passwords. Stolen passwords are used by the bad guys to automatically deploy iframe injection attacks to innocent web page.

If you access web sites via File Transfer Protocol (FTP) or Secure File Transfer Protocol (SFTP), this attack is targeting you. All you need to do is browse an infected page using an insecure browser. Badware will be deployed to your machine, and it will find the files used by FileZilla, or possibly other FTP programs to store passwords, and silently send those files back to a server in China. Then an automated bot attack will use FTP to edit your web pages, infecting them with malware. Then your sites will drop out of the search results. Can you image the uncomfortable conversations when all your sites get hacked at once and you have to admit responsibility?

What can be done to reduce this risk of search Armageddon?

1. Use a more secure browser such as Chrome or Firefox with the NoScript add on for routine browsing.
2. Don’t use any FTP program that stores passwords locally in plaintext, such as FileZilla. To date, Dreamweaver has not been reported to have been compromised. Dreamweaver encrypts passwords and stores them in the Windows registry.
3. Consider using a Mac or Linux instead of Windows. As the most popular operating system, Windows is the most popular target for attacks.
4. Make sure your machine and server are fully updated and patched. Turn off unnecessary services and software to reduce the attack surface.
5. Register your site with Google Webmaster Tools and Bing Webmaster Center. Check regularly to see if there are any malware reports (or other issues) with your sites.
6. If you suspect a malware infection, check Unmask Parasites,
7. View your site’s reputation at McAfee SiteAdvisor.
8. Reduce the number of people and computers that have access to your web server.
9. Keep a backup copy of your web pages. In case of infection, it’s a race to see if you can fix the site before search engines (and users) discover the problem and dump you.
10. Choose the hosting provider that has the quickest response time, not the cheapest price. If your site gets hacked, you may need their help to change all the passwords.

As the web becomes more dangerous, customers become more suspicious, reducing opportunities for everyone. Please do your part to make the web safer, and to reduce your risks.

About a month ago Monitronics had deployed a new site built with DotNetNuke and the Solpart version 1.7.2 menu system. You can see what technologies were used by reading the comments in the source code. DNN is an open source framework for building websites that run on ASP.NET. DNN’s Solpart menu system relies on JavaScript.  In the past I have recommended ripping out that menu system and using something else.  Like most companies working with DNN, Monitronics just went with the default menus.  When I visit their site with scripting disabled in my browser (Firefox with the NoScript add-on), I see nothing: no main menu items, and no drop downs.  In former times, this would have been a bad omen for SEO.

As promised, Google has spidered the new JavaScript menus.  The Google cache shows all the menu items, lined up in a neat list with links fully operational.  Google is also showing reasonable Sitelinks for a search on [Monitronics], which is a good indication that the site has been properly spidered.  When I look at the Yahoo cache, I see the main menu text, though not the drop downs.   Yahoo has cached the text generated by JavaScript rather than the Javascript code itself. However, Yahoo has failed to spider the drop down menus and failed to extract the menu links.  When I visit Microsoft’s cache, all the menu links are there, organized in the same neat hierarchy as shown in Google’s cache, and the links work.  When a website is built with Microsoft technology, I’d expect the Microsoft search engine to be able to decipher the code, and it seems like Microsoft is doing a good job reading DNN JavaScript menus.

Does this mean we can forget about search engine friendly menus?  I would not ignore the issue, but before investing resources in a new menu system, I would check the performance of the old system.  If something is working, or partially working, it might be better to put those resources towards another priority. Getting good performance from Google and Microsoft, and having Yahoo index a site via its sitemap is perhaps 90% as effective as having fully spiderable menus.

In November DNN posted a note that their newest menu system, version 1.8.0 is “SEO compatible”. Perhaps Yahoo’s spidering capabilities will soon catch up with Google’s and Microsoft’s. Depending on the potential traffic that could be generated by interior pages of a site, the web site owner needs to decide whether it is worth the investment of redoing a menu system to gain that final 10% performance, or whether procrastination might be an effective strategy. In 2009 I think Google and Microsoft will master JavaScript, Yahoo will follow and SEOs will have fewer menu gripes.

PostScript, January 12, 2009: Upon investigation of reader comments, it appears that DNN’s menu system includes a user-agent cloaking module.  Some details are available in a thread at the DNN Community Blog.  Apparently the module serves up search-friendly menus when the user agent matches a search engine spider.  The Firefox User Agent Switcher provides a method of testing.  First, install that add-on, and then import a list of user agents, such as this one.  Switch your user agent to Googlebot, Yahoo Slurp, or MSNbot to see the same pages as appear in all three search engine caches.  Oddly, the cloaking module does not provide correct output for Yahoo.

People debate whether this sort of cloaking is black hat or accessibility programming.  It appears that the search-engine version of the page is identical in content to the one served to users.  There appears to be no deception.  In addition, I think it would be odd for the search engines to ban a large number of sites built using a common menu system, the details of which are probably not apparent to the majority of webmasters managing these sites.  It remains an open question whether the search engines could read these menus without the assistance of friendly cloaking.

Nevertheless, the essential advice of the article remains correct.  Before replacing a menu system, check the actual performance.  Don’t assume that a menu won’t work with search just because of JavaScript.  Search engines claim to be able to read JavaScript, and some menu systems provide their own code fixes when they detect a search engine spider.

To make matters much worse, McCain’s home page layout completely breaks when Javascript is disabled, placing the golf gear tab dead nuts at the page’s focal point. McCain’s menus also fail, which probably does not help the search rankings of his inner pages. Those who heard my spiel at SMX Advanced Developer Day know that I browse with Firefox and the NoScript add-on for the sake of security, and to help identify usability problems with websites.

Barak Obama’s webmaster seems to have done better. Obama’s home page is fully functional with scripts disabled. Even the pop up menus work, because they’re driven by CSS.

Only about 2% of desktop users browse the web with scripts disabled, but these users often have a larger than average voice on the Internet. For instance, Googlebot ignores most scripts.

Google released a similar product, called AdWords Editor, on January 24, 2006. AdWords Editor has been popular with advertisers and agencies, especially those managing large campaigns because it allows bulk editing of multiple entries and easy movement and copying of campaigns, ad groups, ads, and keywords within accounts.

Natala Menezes, Product Manager for Microsoft adCenter, said, “Our vision is a desktop client version of adCenter, fully functional, not just an editor.” In addition to the features provided by Google’s AdWords Editor, Microsoft adCenter Desktop also provides tools to help advertisers research and select additional keywords.

Microsoft lags behind Google and Yahoo in market share for pay per click (PPC) advertising. One problem faced by Microsoft has been advertisers’ reluctance to spend the time and effort to develop and expand ad campaigns for Microsoft’s 6.3% of the market, versus Google’s 67.9%. Microsoft hopes that adCenter Desktop will reduce “friction” by making it easier and faster to build Microsoft ad campaigns.

Reducing friction for advertisers is just part of Microsoft’s battle against Google. Yesterday Microsoft announced a deal with HP to provide Microsoft Live search as the default feature on new HP computers. “Search still has a unique value proposition. It is not a commodity today,” said Menezes, who emphasized Microsoft’s commitment to winning a larger share of the search market by providing a better service to users and better quality clicks to advertisers.

Moves by Microsoft to intensify competition against Google are likely to be welcomed by the search marketing industry. Industry analyst Jim Hedger of Webmaster Radio said, “I think most people in the search marketing community supported the Microsoft attempt to acquire Yahoo!, not because it was the best thing for Microsoft or Yahoo!, but because it would create competition in an area where there isn’t any currently. Competition is good. It keeps prices down, refines systems, and keeps all players honest.”

Advertisers in good standing, meaning those who are in compliance with adCenter terms and conditions and who have an active account, are eligible to join the adCenter Desktop beta test. “Go to the online form. If you are qualified, you will probably get access fairly quickly,” said Menezes.

Jonathan Hochman has two computer science degrees from Yale. He is a principal of Hochman Consultants, an internet marketing firm.

1. Don’t repeat yourself. Use server side includes for headers, footers, menus, and standard <head> items such as links to CSS documents and external JavaScript files.
2. Balance tags in server side includes. If an include file starts with <div> it should end with </div>. This way each file can be viewed in Dreamweaver design view, and includes files do not depend on each other.
3. Place JavaScript in external files and reference them as needed.
4. Each page must have a unique <title> and <meta name=”description” content=”This is a sample.”>. Don’t put these in server side includes.
5. The title should be <title>Name of Company – Name of Page</title> or <title>Name of Company – Name of Category – Name of Page</title> unless you are told otherwise.
6. The description should be the first one or two meaningful sentences of content unless you are told otherwise.
7. Please make all links and references to images, CSS and JavaScript root relative by starting them with a slash, "/". If you use Dreamweaver, set the “Links relative” option to “Site root” in the Site Definition wizard. Root relative links don’t break when files are moved from one directory to another.
8. Too many files in one directory makes things hard to find. Use subdirectories.
9. Run your code through a validator and keep it clean. Removing trivial errors makes real errors easier to spot.
10. Use CSS with HTML elements like <div>, <span>, <p>, <h1>, and so on, to format things. Only use layout tables when they produce better results or cleaner code than CSS.
11. Use heading tags, unordered lists and numbered lists to organize content rather than spacer graphics and nested tables..
12. Consistently use the simplest URLs. Link to “/” instead of “/index.php” or “/news/” instead of “/news/index.php”.

These recommendations may help sites work better, make pages look good on different browsers and mobile devices, cause pages to load faster, save money, and boost search traffic. If you’d like to discuss or debate these ideas, meet me at SMX Advanced Developer Day.

Jonathan Hochman has two computer science degrees from Yale. He is a principal of Hochman Consultants, an internet marketing firm.

Success in search marketing campaigns often depends on the nitty-gritty details of execution. That is why I have spent a lot time investigating different tools that help automate our work flow and promote teamwork. One of my favorites goes by the apt and clever name of Subversion.

Subversion, also known as SVN, is free open source software that provides revision control of source code, web pages, and other documents. Revision control means that all current and past versions of each file are saved, with notes about who edited them and what they did. If a bold change goes terribly wrong, a few clicks restores a prior version of the site. Revision control also permits multiple editors to work on the same files without wrecking each others’ work. After updating their local files, everybody can be confident that they have the latest versions. Most edit conflicts are automatically resolved.

Revision control software is much more efficient than ad hoc arrangements such as emailing files back and forth or using Dreamweaver’s FTP synchronization feature. A web server is for serving web pages, not for syncing files. Our Subversion server provides much faster data transfer, and Subversion tracks changes line by line, so it only transfers the lines that have changed, rather than whole files, saving even more time.

Here are a few situations where Subversion helps most:

Eliminating the IT bottleneck. When a website is hosted in-house, the IT department often does not provide web server FTP access for security or management reasons. They usually want to control all changes, rightly so, because they are responsible. However, IT staff are busy or may lack experience in search optimization. It normally takes three times longer to teach a client how to fix their own website than to just do it for them. IT departments like Subversion because it saves them time and provides an audit trail and a reliable backup copy of the website in case the server ever suffers a meltdown. When a client is on Subversion, even if I do not have FTP access, I can still grab the latest copy of their website, make the necessary edits, and commit them to the repository. Then I ask the client to pull updated files from the repository, review the changes on a development server, and release them to the live site. Verifying and releasing a website update is faster, and requires fewer skills, than editing.

Replacing content management systems. One of the selling points for content management systems is that clients can edit their own website, especially when multiple people are involved. Content management systems usually introduce design rigidity, causing website improvements to take longer and cost more. When websites have a catalog with thousands of parts, or a shopping cart, a content management system is obviously necessary, but when a website is just brochure-ware, content management systems can be a poor investment and an impediment to search marketing. With Subversion, we allow clients to use Dreamweaver or Contribute to edit sites themselves. Everybody on the team uses Subversion to coordinate changes, and if somebody wrecks the site, we can roll back to the prior version. With Subversion as a safety net, the editing process goes faster, and more people can have access.

Delegating work.When managing staff, I need to see what they are doing and be able to jump in on a moment’s notice when help is needed. Having direct, immediate access to the source code makes it easy to fix a bug in the middle of the night when a client complains. I do not need to tell everybody “sync your files” or risk having them erase my change. Subversion handles that automatically. If a client emails a request, any employee can help themselves to the latest code from the repository, and make edits. Without Subversion, having more than one person working on a site risks confusion.

Backups and using multiple computers.My nightmare scenario used to be losing my computer. What if it breaks? I’ve switched most of my business management tools to cloud computing, such as Basecamp and Freshbooks. But I still have a few important files on my machine, plus all the websites I am working on. Subversion provides secure cloud storage for all those critical files. Subversion makes both of my computers interchangeable. I can right click on any folder to quickly synchronize files from the repository.

Subversion has two components: a server that stores sets files (called modules) and a desktop client for accessing the server. The Subversion server can be installed locally or on a remote machine. I prefer to use a hosted service such as CVSdude, where they handle all the details for a nominal monthly fee. Tortoise SVN is the most popular Subversion client for Windows. Tortoise asks for the URL of the repository, a user id, and a password. All files in a module can be checked out, edited as needed, and then changes are committed. Tortoise integrates into Windows’ File Explorer. Folders show a green check mark if they are current, or a red X when they have been changed.

In 2007 Forrester Research called Subversion “the sole leader in standalone software configuration management (SCM).” When something that good is free, you think most people would use it. However, most search marketing professionals I speak with have never heard of Subversion.

Jonathan Hochman has two computer science degrees from Yale. He runs an Internet marketing consultancy and a web development shop.

Have you been searching for Jesus? On Google, Wikipedia ranks first for that search. How much is that first place ranking worth? According to Wikipedia’s public traffic stats, about 14k page views on a typical day, and 19.3k on Christmas. The redirect Jesus Christ, which points to the same page, gets about 25% as much traffic, and Christ adds another 10%.

Maybe you’re not the religious type. Have you been looking for sex? You are not alone, at least not online. The top ranked sex page gets 45k views per day. Love only gets 18k per day. Wikipedia readers prefer sex to love by a 5:2 ratio. Even on February 14th, St. Valentine’s Day, the power of love peaks at just 31k. Virginity, also listed first, gets relatively little action with 1.7k dailies.

While sex is a consistently popular topic, regardless of current events, news-related articles show much more traffic variation. The article on waterboarding, ranking first, ran between 2.8k and 74.6k visitors per day during February 2008.

A total of 465k people viewed the article that month. Since the United States presidential election season began, editors have been fighting over the article lead that says, “Waterboarding is a form of torture.” The phrase appears on the search engine results pages in a way that creates severe negative publicity for the Bush Administration. Several conservative editors have tried every which way to remove the incriminating phrase from Wikipedia. They finally became such nuisances that they were banned from editing.

Barack Obama, Hillary Clinton, and John McCain have wiki pages that rank third. Wikipedia blows away both Democratic Senators’ official web pages, but not the two campaign sites with their multi-million dollar budgets. Barack had 2.6 million monthlies to Hillary’s 858k. John McCain had a respectable 1.6 million views. George W. Bush was the wallflower with 106k views (but he is still more popular than virginity). When compiling these stats, I added variations together, such as Hillary Clinton and Hillary Rodham Clinton, because redirects generate separate totals.

The top organic ranking for search engine optimization gets 4.3k page views per day. A Search Engine Land article that received 788 Diggs generated about 8k page views in about 24 hours. So the wiki article is equivalent to going popular on Digg every other day. I can assure you that writing one featured Wikipedia article is much easier than writing three articles per week that make the home page of Digg.

How about the article on Danny Sullivan (technologist)? Wikipedia ranks seventh, behind Search Engine Land, Search Engine Watch, Danny’s personal blog, and the wiki article about race car driver Danny Sullivan. Seventh is not worth much: just 45 people per day view the article.

Wikipedia biographies of living people frequently appear in third position, right behind the subject’s own website. For instance, Matt Cutts’ article draws 75 to 128 visitors per day, Vanessa Fox’s 20 to 44, and Jason Calacanis’ 100 to 500, depending on how badly he behaves and whether his friends and foes are monkeying the article, as they often do. If you are thinking about creating an article to promote something, given the modest traffic volumes drawn by these rather high profile people, you might want to think of something else. Articles generate traffic when the search term already has volume. Creating a new page does not cause people to search for it.

Let’s look at one more example. Say a network of travel blogs writes a business plan predicting 2 million page views per month within a year. What does that mean, and how successful would the site have to be to hit those numbers? Clues are freely available. Wikipedia ranks second on Google for New York, Los Angeles, Paris, and London, and first for Tokyo, Moscow, Sydney, and Hong Kong. Those eight articles generate a total of 1.9 million page views per month. I personally would not put my name on that business plan.

Jonathan Hochman has two computer science degrees from Yale. He runs an Internet marketing consultancy and a web development shop.

Exploits can take the form of spam posts, sock puppetry, trust fraud, and scams that use social engineering to take advantage of the good faith users. The exploit may also be by way of paid advertising that promote illicit or illegal activities (porn, pills, casinos, and payday lenders) or ads that insert malware on users’ computers. These anti-social and sometimes criminal activities are generally carried out despite the wishes of the site owners and community residents.

In the physical world, spam, scams, and unsavory promotions have parallels: billboards, liquor stores, and payday lenders on every street, and prostitutes and hustlers on every corner. These are the telltale signs of urban blight in a community and, left unchecked, lead to abandoned and neglected property and a spiral of decay. Urban blight creates flight; anyone who can afford to leaves.

Virtual blight in an online community drives away “respectable” traffic and depreciates the contributions of community members, reducing or destroying the value of a brand. Internet marketers invest substantial effort and money to make their websites successful and build a brand. To preserve that brand from the ravages of blight, marketers need to consciously combat it on their own sites and ensure that their marketing efforts do not create or fund blight on other sites.

The Ten Commandments for online marketers

1. There is one Internet. It is a shared resource. Any marketing strategy that relies on polluting the internet by pushing unwanted noise into community space is suspect. It is one thing to strategically place information scent that leads users to your site; it is another to spray that scent on every tree and fire hydrant.

2. You shall use neither bots nor macros to create links, nor spread comments promoting your site. Spambots can not only cause your site to be banished by search engines, they leave a huge footprint across the web and can tarnish your brand with a stink that can’t be washed off!
3. You shall not allow your advertising and affiliate dollars to go to scrapers, scammers, nor spammers.

Advertising budgets are the fuel that drives the spread of blight across the internet. Make sure your money is not promoting blight even if you must forsake short term profits in favor of protecting your brand. While it is easy and tempting to pour money into any channel with a positive ROI, you may be cannibalizing your brand in the process. Even if your strategy is making money and your brand survives, you are funding parasites who devalue the communities that support your business.

4. Honor your visitors. Do not sell impressions or links to companies you do not vet. As a publisher, you are endorsing your advertisers every bit as much as if you give them an editorial link. Caveat Emptor may be the motto of cut throat capitalism, but it is not a good strategy to protect your brand. If you are not satisfied with the moral and ethical practices of your advertisers, do not sell them advertising. Syndicated advertising networks offer an easy path to monetizing traffic in the short term but you risk associating yourself with the sites where you advertise.
5. You shall not make use of sock puppet accounts for vote stacking, spamming friend requests, nor other schemes. Sock puppetry and false friending is so obviously a form of fraud that no one can argue it is an ethical practice. Do not succumb to the argument that others are doing it if you want to build a sustainable business.
6. You shall not form cabals nor engage in elitist plots to disenfranchise people. Karma matters. If you treat others badly, they will eventually form a mob and come after you.
7. You shall not grieve other users by spoiling their fun, troll, nor post flame bait to get attention. Acting up to gain attention only works for a short while, then you get banned, filtered, and ignored.
8. You shall not scrape content, plagiarize, nor assist in the theft of virtual assets. Stealing content is stealing, simple as that. Scraper sites are the most prolific and pernicious form of Made For Advertising (MFA) sites.
9. You shall not distribute badware, scumware, spyware, nor malicious bots. This point is so self-evident it shouldn’t have to be mentioned, except that the proliferation of Malware is accelerating and the potential damage it can cause is frightening. Criminal activities ranging from identify theft, transaction fraud, click fraud, and distributed denial of service attacks are all being carried out by botnets that contain hundreds of thousands of compromised machines. Most of the global spam problem can be traced to these compromised computers as well. Despite the clearly criminal nature of malware, Google recently estimated that 1.3% of search result pages contained a link to a site that potentially could infect the user’s computer. Most of these exploits are distributed via Iframe injection through advertising networks.
10. You shall not covet your neighbor’s traffic, nor engage in parasitic marketing. If somebody is doing well, give them a pat on the back instead of trying to pick their pockets.

The commandments represent what Internet users already expect. Unfortunately, many players rationalize their own breaches whenever a little cheating is profitable. We, the Internet community, need to take a stand against blight. Major online properties need a code of conduct to ensure that they do not contribute to the problem, and they also need best practices for controlling blight. Investors should ask managers what they are doing to protect the value of online assets. Everybody needs to worry when the next advance in black hat technology has the potential to turn billion dollar web properties into a slag dump.

Jonathan Hochman has two computer science degrees from Yale. He runs an Internet marketing consultancy and a web development shop. Jonah Stein, who contributed to this article, is Managing Director of www.AlchemistMedia.com, an SEO/SEM Agency and creator of www.VirtualBlight.com, a site dedicated to organizing Netizens Against Online Spam, Scams & Scoundrels.