Web Analytics is great, and Google Analytics is both free and great so that’s got to make it really great. From it, you can find out lots of information about the visitors to your web site. You can see how many have come from Crawley or Kathmandu. You can find out if they’re seeing your web site with Internet Explorer on Windows or Safari on an iPhone. You can get so lost in the numbers that huskies might need to be dispatched to dig you out of a deep Google Analytics data avalanche.

That’s the problem. There’s so much information in Google Analytics it’s easy to become overwhelmed and give up just looking at the headline numbers on the dashboard sometimes. Are the number of visits and page views increasing? Is your bounce rate and new visits holding steady? Perhaps one day you get an unexpected spike in visits. You want to know where they came from, so you dig through the information till you find out; a footballer with a nose bleed in a bar was the cause of the first inexplicable spike in visitors I ever had to explain.

Doing this you’re not really using the information to improve your web site. You’re just supporting the status quo and reacting to outside forces. Like the alleged fist that may or may not have met with the footballers nose, allegedly. What would be really useful would be some basic, repeatable, reports that can produce actionable information. That’s where the three reports I’m going to describe here come in. Three reports from Google Analytics to identify pages for review and improvement.

The Three Reports

The three reports we’re interested in are the Most Viewed Pages, Entry Pages and Exit Pages Reports. You can find these in Google Analytics by following the instructions below. Make a table for each with the top ten pages for each report. I’ve included examples for a fictional web site for each of the reports.

Most Viewed Pages

This report lists the 10 Most Viewed Pages ordered from most viewed to least.

In Google Analytics go to Content, then Top Content and order by Pageviews.

Page	Pageviews
Home Page	24,000
Contact Us	1,900
Stay in Touch	1,700
Our Products	1,600
Our Staff	1,500
About Us	1,400
Product Z	1,400
Past Projects	1,100
Past Project 1	1,100
Product X	900

Entry Pages

This time you want to look at the landing pages for your site. For this we want to see the Number of Entrances, Number of Bounces and Percentage Bounces for the top ten entrance pages on your site.

Go to Content then Top Landing Pages and order by Entrances.

Landing Page	Entrances	Bounces	% Bounces
Home Page	24,000	14,000	58
Stay in Touch	550	200	45
Press Release Last Week	300	200	66
Our Products	200	100	50
About Us	150	70	46
Staff Directory	110	80	73
Our Staff	110	100	90
Past Project 2	100	70	70
Press Release  Last Month	90	90	100
Press Release Two Months Ago	90	30	33

Exit Pages

The last report is the pages that most people leave the website from. For this we want to know the Exits, Pageviews and Percentage Exit.

Go to Content, then Top Exit Pages and order by Exits.

Exit Page	Pageviews	Exits	% Exit
Home Page	24,000	16,000	67
Contact Us	1,900	1,200	63
Stay in Touch	1,700	700	41
Our Products	1,600	600	38
Our Staff	1,500	500	33
About Us	1,400	400	29
Past Projects	1,100	250	22
Product X	900	250	28
Product Y	800	100	13
Product Z	1,400	50	4

Identify Pages of Interest

Now you’ve got three tables make yourself a fourth table that lists all the pages and why each page is of interest.

Page	Page Views	Entry	Exit
About Us	Yes	Yes	Yes
Contact Us	Yes		Yes
Home Page	Yes	Yes	Yes
Our Products	Yes	Yes	Yes
Our Staff	Yes	Yes	Yes
Past Project 1	Yes
Past Project 2		Yes
Past Projects	Yes		Yes
Press Release Last Week		Yes
Press Release Last Month		Yes
Press Release Two Months Ago		Yes
Product X	Yes		Yes
Product Y			Yes
Product Z	Yes		Yes
Staff Directory		Yes
Stay in Touch	Yes	Yes	Yes

So now you’ve cut a path through the impenetrable jungle of reports and you’ve got a simple table that tells you between ten and thirty pages to focus your attention on. You’ve also got some basic information about each of the pages.

What to do Next?

Taking a look at the example above, the most important page for review is the site’s home page. It gets a lot of visitors which is good, but the bounce rate seems very high. Maybe it needs a redesign or some search engine optimisation (SEO) work, so that people finding it are the ones who are looking for the site.

There are lots of bounces on the Our Staff and Staff directory pages. A quick look at some other statistics for those pages might show that a staff member has the same name as a celebrity and so visitors to those pages are looking for someone else.

The Contact Us page has a very high exit rate. For the Contact Us page that might not be a bad thing. Visitors who want to know how to get in touch with our fictional company found what they were looking for.

The Our Products page is getting quite a few page views so spending a bit of time making it better could pay dividends. Maybe some nice new pictures or a bit of work polishing the text would be a worthwhile investment of time.

What to do Later?

Now you’ve done this once what can you do later?

If you thought this was useful, you can quickly get the information to do this again if you set up three Custom Reports in Google Analytics (opens new window). Then after a few months you can review the impact of the changes and identify further pages for review.

If you’ve the time and a large web site, you might want to expand the number of pages you look at, or go on to look at the next ten most viewed pages, landing pages or exit pages.

If you’re feeling adventurous you could use Google Website Optimizer (opens new window) to test different variations on a page to see which is the most effective. I’ll come back to that another time.

Denise, our lovely receptionist, read my blog post Carry on up the Internet: The Curse of Gerald Scarfe and asked what a Content Management System is.  So, always on the look out for something to post about, I thought I’d write an explanation…

So what is a Content Management System (CMS)?  Like a Ronnie Corbett monologue (opens new window) I’ll come to that in a minute.  First let’s have a look at how all web sites used to be made (and many still are).  Every page on the site had to be made using an editor like Wordpad on Windows or Vi on Unix.  You had to know how to write HTML markup code and later CSS.  If you added a new page and wanted it to be included in the navigation on every page you had to edit each of the files.  Then you had to use FTP to copy all the files from your computer to your web server.  It was a clumsy process that needed technical training to perform.  When you should have been worrying about the stuff that made up the page, you were worrying about making sure the page didn’t break.

Later software like Adobe Dreamweaver and Microsoft Frontpage came along that made some of this easier.  These still combined working on the site design and the content.  You also still needed to FTP the files to the web server.  Everyday users working on content still had to have special skills or pass content on to people who had those skills.

So what is a Content Management System?  If you look on Wikipedia you’ll see several different things listed under Content Management Systems.  Strictly speaking I’m just talking about a Web Content Management System.  This kind of CMS is computer software that makes running a web site easier.  It automates a lot of the routine work so a user can worry about their content and not worry about other stuff.  Many run as a secure, private part of the web site so an organisation’s staff can work on the site from different offices, home or anywhere else they can access the World Wide Web.

A good CMS makes it easy to add new pages and to edit existing ones.  It will include an editor for writing the content that goes into pages so a user doesn’t need to know HTML or CSS.  It will also automate tasks like making a site’s navigation, producing a sitemap and listing latest news articles on the home page.  It will take care of the look of the site.  It can make the site meets standards for accessibility and the underlying html code.  It can make pages that will work well with search engines.

Other features include the ability to add extra features to the site like video players, interactive maps or feeds from a new site.  They can include delegation and workflow so that different staff can have different levels of authority to work on the web site.  One user might be an author who writes content, another an editor who checks it and a third a publisher who approves it once the editor says it’s ready to go.

So what is a Content Management System?  In a nutshell a CMS lets the people who make the content for your web site, make your web site easily.

Spike Milligan: Policemen are numbered in case they get lost.

(The Goon Show: The Last Goon Show of All, 1972)

I couldn’t come up with a suitable (or should that be unsuitable?) quote from the Carry on Film’s for this post, so I hope you’ll forgive me for picking one from the Goons instead.

Last time in Carry on up the Internet: A bit of an Enigma I talked about how the club’s web site had managed to knock itself out of Google and other search engines using a robots.txt file. Having corrected the problem, they could have sat back and waited for the search engines to add them back in. With a bit of luck they’d be picked up in about a month. They asked if there was any way to speed this up.

In the early days of the web, you could submit yourself to search engines and listings sites (we used to run a service some of you may remember called Signpost that helped you do that). Submitting to search engine and directory sites fell out of favour for a few years.

In the last few years the biggest search engines have brought in a new way to let them know about your site. Funnily part of it involves using a robots.txt file on your site. Back in 2005 Google launched, Google Sitemaps, a way to tell Google about the pages on your site. Since then other big name search engines like Yahoo! and Bing have adopted the standard which is now known as XML Sitemaps.

By adding a file to your web site, usually called sitemap.xml, to your site you can tell the search engines about your pages to make it easier for them to find them. You can add a line to a robots.txt file to say where your sitemap file is to make it easy for the search engines spiders to find. While it is possible to write a sitemap file in a text editor there are several web sites and software that will produce one for you. Many content management systems, like Joomla and Liberato, can automatically make them behind the scenes.

When you update your site you can use websites like Bing’s webmaster tools (link opens new window), Yahoo! Site Explorer (link opens new window) and Google’s webmaster tools (link opens new window). If you're using a content management system, it can send a ping to the search engines to automatically let them know whenever your site changes.

So rather than sitting back and waiting for the search engines to come to you, you can proactively go out there and tell the search engines about your site.

After 15 years of working on the web, I have become a bit of a techno-sceptic. My day-to-day life may well be interwoven with a myriad of devices, websites and online services, but this hardly excites me anymore. To me, IT is just a tool to do something more interesting, and if it does not work or sounds too complicated, then I am simply not interested. Because of this, most of my colleagues would probably describe me as curmudgeonly (well, they might use other words, but they are not for publication).

However, this week I have been attracted by something shiny and new for the first time in ages; Google Chrome Beta (opens new window). Now a few of you will be saying “Old news, #fail, move on”, but I did try Chrome when it first came out and it was OK, but I simply did not need another browser in my life at the time. This is particularly after the great Apple Safari for Windows debacle, which “broke” my iTunes when I installed the first version. That was a black day, having to download and re-install more software and more importantly being separated from my tunes.

Anyway, back to the new Chrome Beta. This for me has the following highlights:

• It loads fast; Firefox and Internet Explorer need a kick in the pants and dynamite to get going in comparison
• It is quick to use; page load, working with tabs, configuring, just feels more fluid than its compatriots
• But the best thing of all are the Extensions (opens new window); so I can now get to my Gmail, Google Calendar and Google Wave from one click on the toolbar, and I can tweet from there too
• If you are a Developer there is a Developer tools feature and a Firebug Lite Extension (opens new window) if you hanker for this Extension from Firefox
• Oh, and you can make it look pretty with themes

The more I used Chrome, the more I was impressed. When I considered the volume of tasks I have to complete everyday in the browser window, its simple approach to providing a browser that just works, fast, really counts. I have not had to make time in my life for an extra browser; I have in fact saved time by switching to Chrome Beta and only using the others when I absolutely need to. Try it, I hope you like it too.

There is one “but”, if you do switch to Chrome. Don’t be surprised if you wake up the next day with the realisation of how much time you have wasted using [insert browser of choice] up until now. Then you too may feel a little curmudgeonly.

Dr. Tinkle: It's an enigma Matron. An enigma.
Mr. Roper: I'm not having another one of those.

(Carry on Doctor, 1967)

Back in Carry on up the Internet: How Big are We? my friend added Google Analytics to the club’s site. A few weeks later I was chatting to them and they said there was something odd with what they were seeing in Google Analytics; they didn’t get any visitors from Google. I took a quick look at the reports and it was worse than that, they didn’t get visitors from Microsoft Live Search (now Microsoft Bing), Yahoo! (soon to be Microsoft Bing), any of the search engines I recognised (soon probably all to be called Microsoft Bing, except of course, Google).

I had a quick look at their site and the Google Analytics code looked right. I tried a few searches for them on Google, Yahoo! and Microsoft Bing. Even though their name is quite distinctive they didn’t come back in any of the searches.

So I did a bit more digging and found the problem; a little file on their website called robots.txt. A robots.txt file is a powerful tool for webmasters. It lets you tell Internet bots (sometimes known as web robots or simply bots) what they are allowed to look at on your site. Bots are software that runs tasks automatically on the Internet such as web spiders that are used by search engines to index the web. For example, Googlebot is used by Google to collect the information to build the index for Google’s search. The robots.txt for their site denied access to all bots.

I asked them if they really meant to do that. Someone had told them about botnets and spam bots. They had an image of gangs of leather clad beastly bots rampaging around the Internet laying waste to any web site that crossed their path. Think Tron (soon to be Tron Legacy) meets Mad Max Beyond Thunderdome. After a quick bit of research they’d found a simple solution, a virtual ASBO to stop the bad bots in their tracks, using a robot.txt file to ban them from the site.

It sounds good in theory, but unfortunately it wasn’t a real solution. The robots.txt file is more like the polite notice you see by the roadside in picture postcard villages asking you to drive carefully than a checkpoint that stops bots but lets other visitors in. When Googlebot and the other search engines bots visited the site they found it and obeyed the instructions in it and promptly ignored the site. Meanwhile malicious bots would simply carry on regardless.

A simple rewrite of the robots.txt file made it friendlier to good bots and let the search engines back into the site.

[Dick Turpin points his pistol at Madame Desiree]

Madame Desiree: That doesn't scare me. I've seen bigger ones in my time.
Dick Turpin: That doesn't surprise me.

(Carry on Dick, 1974)

One of the things I’m asked about is from people who have a web site for their business but they can’t tell if they're getting any benefit from it.  Sometimes a customer will say they found their web site or they’ll be contacted through their web site, but if you’re not directly trading online how do you measure how well your web site is performing?

Take the club I mentioned in Carry on up the Internet: You haven’t got Mail.  They had their web site but they didn’t know anything about how well it was working.  They didn’t know how many people visited their web site, which pages they looked at, or anything else about how well their site was doing.  Their web hosting didn’t include any usage statistics or access to log files.  If they’d had access to their web server’s log files they could have used software like AWstats to see how they were doing.

I suggested they could add Google Analytics to find out what was happening on their site.  Google Analytics is a great, free tool that we’ve used successfully with a lot of our clients.  Now for some, a tool which describes itself as “…the enterprise-class web analytics solution that gives you rich insights into your website traffic and marketing effectiveness.” may sound a little bit of overkill.  When I told them it had over 80 different reports I could see the look of fear forming behind their eyes. 

I had a feeling I was about to metamorphose into Michael Winner in an advert for car insurance.  So I took a step back and showed them the Google Analytics dashboard.

One of the great things about Google Analytics is that you can decide how far to dig into it.  If you’re just starting out you can see the most important information for your site on the dashboard.  Straight away you can see how many visitors you’ve had, how many pages they viewed, how much time they spent on the site, where they came from and the top five pages they looked at.  Once you’ve dipped your toe in the water, you can dig deeper into Google Analytics and figure out what else is useful for you.

Adding it to a site is easy if you’re using a templated content management system but if, like the club you are writing each page by hand, copying and pasting the code into a small web site isn’t too difficult either.

Managing a corporate website, extranet or intranet presents significant challenges. As a common business tool your website must offer your customers, partners and employees relevant and high-quality content.

Umbraco is a content management system (CMS) that gives you the flexibility, responsiveness and control over your content. It makes it easy for non-technical staff to update and maintain information without requiring expensive technical support resources.

As Umbraco is web-based there is no software to install. The system is accessed via a web-browser, so that your staff can update your site wherever there is Internet access and a PC.

Umbraco gives your staff the appropriate control over information, whilst delivering real cost savings by reducing long-term maintenance costs.

You can check out three Umbraco-based web sites below (all links open a new window):

• Health and Safety Laboratory
• Central Manchester University Hospitals Genetic Medicine
• NHS South West Essex Community Services

Captain Potts: Your rank?
James Bailey: Well, that's a matter of opinion.

(Carry on Sergeant, 1958)

In the second of this erratic series of posts about web site problems, I want to take a look at a problem which I’m going to call the Curse of Gerald Scarfe.

We were reviewing a companies existing web site before developing a new, content managed site.  The existing site wasn’t bad, a little out of date, a slightly dated design and hard to maintain because it didn’t have a content management system.  However something wasn’t quite right.  The site was illustrated with high quality images of business people at work.  There was something slightly unnatural about them, as though they had been taken from the odd angles that were trendy in Reportage in the late ‘80s.  The images' proportions had been distorted when they’d been added to the site, not far enough to be really noticeable but enough to have an effect.  Unfortunately the result wasn’t a Gerald Scarfe cartoon but rather off-putting, long-faced people.

Fortunately one of the benefits of using a CMS for their new site was that the image sizes were automatically included by the system. So the Curse of Gerald Scarfe (opens new window) couldn’t creep back into their new site.

Our newest baby was a year old on the 4^th September. The Connect Learning Centre, on Whitby Road in Ellesmere Port, has become a focal point for adult learning in “The Port” and has yielded many success stories.  So, as proud parent (the Centre’s Business Development Manager), I decided the first birthday should be celebrated with a party.

Topping the list of local luminaries were the Mayor of Ellesmere Port, Councillor Tony Sherlock and Colin Charlton, our CEO. Sipping coffee and munching chocolate biscuits were some of the brilliant learners who we have helped take advantage of free government funding to become more employable. They impressed the Mayor and Mayoress with their learning and skills.

Our Area Managers were there too; ready to begin interviewing local candidates with Colin for a new post in the Centre.  Colin explained to the Mayor that we endeavour to employ local people and proudly introduced a glowing Debra Smith, one of the first learners through the doors of our new centre, now an assessor for our NVQ programme.

At 10.30, the Mayor departed, leaving the washing up but assuring us that he would be back to take a computer course when his term of office ended next year.

Over the past few months, I must have had to remember hundreds of passwords, thinking of all the projects we have been working on. That is on top of all of those other passwords I need outside of work for my own website, to network socially and to check how much money I have not got in the bank. This ever-growing complexity, and demand on my increasingly limited memory, has left me mulling over the importance of password security.

While writing this post, I’ve read quite a few articles about password security.  Many of them open with one of two pitches.  The first is that passwords are annoying.  The second is that you need to be really paranoid about your security online.  Now the first is true and the second probably doesn’t hurt, but both are distractions from what a password should be.  A good password should be like having a good lock on a door.  It’s the difference between a good, solid five lever deadbolt lock and something that can be opened with a credit card.

Passwords are a good, cheap form of security.  Just as you can fit a door with security systems from the next Tom Cruise Mission Impossible blockbuster, you can, in principle, fit a website with a variety of gadgets for authentication, like the card readers available from some banks.  In most cases, the cost of the extra security will outweigh the benefit if the passwords used are strong.

While passwords are used in lots of places, I’m specifically interested in protecting content management, ecommerce and other systems and services that make up websites.  These passwords may be used to access your site’s CMS or might be protecting services hosted elsewhere like Google Analytics or Twitter that you use for your business.

Password Cracking

If a hacker can find where to log in to a site’s administration system, they can attempt to break into it by guessing or obtaining a password.  There are two basic ways they can do this: guessing and social engineering.

If a password is really bad; say a password of “password”, “12345” or “qwerty”; a hacker may be able to guess it and try it manually.  If they are a little more determined, they may resort to using software to try a list of commonly used passwords.  An automated software attack might try a dozen passwords or it might try many thousands of possible combinations.

Social engineering relies on some of the skills a con artist uses to take money from the unwary and a variety of investigative skills.  They persuade you to give up your password, they work it out from information they can find out about you, they go through your rubbish for scraps of paper you’ve thrown out and they gain access to where you’ve got the password written down on a post-it note by a variety of ruses.

Bad Passwords

There are a range of things you can do to make it hard to guess or break passwords by an automated attack.

To make it hard for them to crack or guess using easy to discover information about you, don’t use:

• Dictionary words
• Names or other proper nouns
• Foreign words

Avoid personal information like:

• Phone numbers
• Birthdays
• Car registration
• Postcodes
• Children, spouses or other relatives names

Don’t use business information such as:

• Business names
• Business address
• Web site address or name
• Product name

Don’t try to make a bad password good by, for example, using a backwards version of a bad password, or obvious substitutions like 3 for E or K for C.

Good Passwords

Good passwords are usually longer.  They should be at least 6 characters long.  They should include a variety of characters not just A to Z.  Good passwords should include special characters (like @, + and #) and numbers.  Many systems will let you use uppercase as well as lowercase letters or spaces.  Some systems may allow Alt characters to be used.  Specific systems may have specific security features you need to be aware of.

Keeping it Safe

Once you’ve got a good password you need to keep it safe.

Don’t give out passwords, especially not to requests by e-mail or phone.  If a researcher offers you chocolate for your password when you get off the bus, do tell them a fake one.  You shouldn’t be denied chocolate in the name of security.

Don’t share passwords with other people.  If you can have separate accounts, make sure everyone has their own account.  Shut accounts for users who have left.  Not just because someone who has left may not care as much about your security anymore but because an unused account is a tempting target for an attacker.

Don’t use the same password on multiple systems.  Especially don’t use the same password for personal and work systems.  That way if one of them is breached you are only worrying about problems at work or home, not both at once.

If you need to keep a record of an important password, which cannot be recovered or automatically reset, put it somewhere secure.  Ideally put it in a sealed envelope with a signature over the seal and put it in a safe or a secure, locked container.  When you change a password, destroy any record of it by shredding it.

Avoid putting them on post-it notes or under your keyboard. This is the equivalent of putting a key under the plant pot by your front door.

It’s also a good idea to change your passwords every few months.

Passwords for New Users

Many systems require an administrator to create accounts for new users and allow them to set up the user’s starting password.  Avoid using weak passwords when giving them out to new users as a shockingly large number of them will never change them, especially if they are easy to remember.  Also don’t use the same one for several users.

Going a bit Further

There are a wide variety of other measures you can consider in addition to using good passwords which won’t cost you the earth.  We are very happy to work with our clients to discuss ways in which they can help improve security.