Why is it recommended that my web store be accessed via http://www.example.com?

[Zean]

Why is it is recommended the web store be accessed via
http://www.example.com
instead of
http://www.example.com/store ?

[gilby]

Why is it is recommended the web store be accessed via
http://www.example.com
instead of
http://www.example.com/store ?

<beg rant>
If your website IS your store then why make it one click further away from your customer.

If you have some other existing website content that is so important that it has to be the main website, and you want to "add on" a shopping cart, then put it as an after thought in a sub directory off from whatever your main site is.

Me I want to sell stuff so my shopping cart IS my main site. Where customers will find it as easy as possible.
</end rant>

[RodG]

Why is it is recommended the web store be accessed via
http://www.example.com
instead of
http://www.example.com/store ?

What gilby said, plus I'll go one further. Why make your store be "http://www.example.com" when "http://example.com" can achieve the exact same results but with 3 less characters?

Cheers
Rod

[gilby]

What gilby said, plus I'll go one further. Why make your store be "http://www.example.com" when "http://example.com" can achieve the exact same results but with 3 less characters?

Cheers
Rod

Don't listen to what RodG says....
He has his shop at "http://shop.example.com"

I prefer having the "www" left in as most (of my) customers expect it and understand it.

[RodG]

Don't listen to what RodG says....
He has his shop at "http://shop.example.com"

What is shocking is that you actually think that it's shocking.

I prefer having the "www" left in as most (of my) customers expect it and understand it.

I think a short lesson in networks is in order. Your 'preference' is based on ignorance. .

Here is an output of nslookup showing a partial list of various hosts on our network. Feel free to verify these for yourself.

root@sue:~# nslookup vcsweb.com
Name: vcsweb.com
Address: 96.127.133.252

root@sue:~# nslookup www.vcsweb.com
www.vcsweb.com canonical name = vcsweb.com.
Name: vcsweb.com
Address: 96.127.133.252

root@sue:~# nslookup shop.vcsweb.com
shop.vcsweb.com canonical name = shop.ozpost.net.
Name: shop.ozpost.net
Address: 184.154.169.226

root@sue:~# nslookup ozpost.vcsweb.com
ozpost.vcsweb.com canonical name = ozpost.net.
Name: ozpost.net
Address: 184.154.169.226

root@sue:~# nslookup ozpost.net
Name: ozpost.net
Address: 184.154.169.226

root@sue:~# nslookup svr0.ozpost.net
Name: svr0.ozpost.net
Address: 202.124.241.200

-----------------------------------------------------

What you should take particular note of is that

1. vcsweb.com is the name of our main *domain* it is located at IP Address: 96.127.133.252. In reality, this is just host called "vcsweb" in the "com" *domain*

2. The *host* called "shop" within the vcsweb.com *domain* doesn't actually exist. It is an alias (canonical name = shop.ozpost.net) used for where our shop is actually located, namely IP Address: 184.154.169.226

3. The *host* called "www" within the vcsweb.com *domain* doesn't actually exist either. It is an alias (canonical name = vcsweb.com) that we've been forced to implement because people have been brainwashed into thinking that a website will always exist on a host called "www".

4. ozpost.net (the host/domain where our shop is located) also has its own hosts on even different networks, svr0.ozpost.net is located on a host with the IP Address: 202.124.241.200.

IMPORTANT: "www.vcsweb.com" and "shop.vcsweb.com" are therefore two *different* hosts on two *different* networks, and our secondary domain (ozpost.net) is spread across three different hosts on three different networks.

Don't listen to what RodG says....

'Tis better to listen to me than to you. At least I *know* a little bit about networks (and the firewalls used to protect them).

Rgds
Rod (Adv dip network security).

[gilby]

Nice one RodG

What gilby said, plus I'll go one further. Why make your store be "http://www.example.com" when "http://example.com" can achieve the exact same results but with 3 less characters?

Cheers
Rod

Well as your quote says, we were talking about ease of typing in the name and saving characters......
So my "http://www.example.com"
is one letter less than your "http://shop.example.com"
(No customer really cares that its on a different server somewhere)

3. The *host* called "www" within the vcsweb.com *domain* doesn't actually exist either. It is an alias (canonical name = vcsweb.com) that we've been forced to implement because people have been brainwashed into thinking that a website will always exist on a host called "www".

Thank you for "proving" my second point....
That people, brainwashed or otherwise, are happier to see "www" in the url.

Now I think its time I shouted you a beer
and take the rest of the night off.

Regards gilby (Assoc Dip in hard knocks, GIAE)

[RodG]

Nice one RodG

Well as your quote says, we were talking about ease of typing in the name and saving characters......
So my "http://www.example.com"
is one letter less than your "http://shop.example.com"

True, but no "www" is still 3 characters less than that, and I seriously can't recall a time (other than now) where I've ever typed, instructed, or even publicaly referenced the host where our shop is located. People access it via link on our main site http://vcsweb.com , or via http://ozpost.net where we have a redirect in place.

(No customer really cares that its on a different server somewhere)

I do my best to educate people that adding a 'www' to a domain name that only offers web services is a pointless idea, and that 'www.example.com' is a different host than 'example.com' (which *should* answer the OP's question), but it is as futile as trying to teach christians(?) about evolution. They let their beliefs get in the way of the facts. Nonetherless if I/we don't try they'll never understand.

Thank you for "proving" my second point....
That people, brainwashed or otherwise, are happier to see "www" in the url.

Only those that wish to live in ignorance. My *real* peeve about this though is that almost all modern browers will automatically ADD the "www" without the user needing to type it in the first place, so now we have an entire generation of people thinking the "www" equates to 'web server', when they *should* be understanding that it is the "http" that completes this equation.

The fact that web browsers do this also brings back my point that it is pointless having people type 'www' in front of a domain name anyway.. just like it is pointless having people type the 'http://' portion of the URL into thier browser (because the browsers will automatically add this too). So, on this basis, why do people insist on using 'www' if they typically end up on the same site whether they type it in or not?

I can appreciate that a typical end user doesn't need to know most of this stuff (thanks to the over enthusastic web browsers), but I am assuming that everyone reading this forum has some sort of control over a HTTP server running an online store (probably ZenCart), and I *firmly* believe that it is important for us to understand the difference between a site that uses "www" as a host name and a site that doesn't use it. There would be a *lot* less support issues these people understood this very basic fact.

More importantly, every hacker on the planet knows these basics, and will use this knowledge against us. How is a person supposed to secure their site if they don't understand/appreciate that 'www.example.com' and 'example.com' are actually two different sites (even if they resolve to the same host). They could completly lock down 'www.example.com' without realising that a hacker could just as easily compromise the site by exploiting a weakness in 'example.com'?

Then don't get me started on SSL (https), which may or may not be on the same site/server as the non SSL host. How many people do you think there are reading this thread that have wasted money buying an SSL certificate for 'example.com' and wondering why it doesn't work with 'example.com' (or vice verci?).

Why don't we see more sites with names like 'www.example.com' for non secure web services, and 'secure.example.com' for the SSL enabled sites? What is the point of naming a host if the name doesn't reflect (to the public) what the host is actually used for?

Take a look through these forums and take note of how many people have issues trying to set up for SSL, and you'll almost always find that the cause is due to a lack of basic understanding of networks and hosts. The difference between a 'www' named host and a host by any other name is a part of this basic understanding.

How many people here have their store running on 'www.example.com' and don't even know that they also (probably) have a host in *thier* domain called 'cPanel', another called 'mail', and yet another called 'ftp', and that by default these *all* point to their online store?

How many people here insist on 'protecting' there store with an .htaccess file, not realising that this only 'protects' against Web exploits, and that they have a host called 'ftp.example.com' that points to thier store that remains completely unprotected from attacks using the FTP protocol (.htaccess doesn't even get looked at) ?

How many people here don't realise that the host they call 'www', like ours, doesn't actually exist as an entity, but is nothing more than an alias to where their store is *really* located?

It would be really nice if I could estimate these things as appying to less than 10% of the people reading this thread, but realistically I'm expecting this information to actually come as a shock/news to over 90% of the readers.

As I say, typical end users really don't need to understand any of this, but we are NOT typical end users. We need a higher level of understanding in order to protect the end users that access our stores. The person that posed the original question is a 'merchant in training' and as such, we should be trying to teach him/her a little about some of the things that is relevent to running a store, and not perpetuating misinformation because 'that's what customers expect'.

Your response did both myself and the OP a tremedous disservice. (Although I'm sure that due to this ongoing discussion I have fed them too much information, too soon, and much has now gone over their heads)

Now I think is time I shouted you a beer
and take the rest of the night off.

I'll drink to that. :)

Regards gilby (Assoc Dip in hard knocks, GIAE)

I've also attended the school of hard knocks (I've not always been this arrogant/confident) <g>
Did you really attend GIAE?

Cheers
Rod (TAA40104) :)

[Zean]

Thank you all so very much for taking the time to share your thoughts regarding the question . . .

Why is it is recommended the web store be accessed via
http://www.example.com
instead of
http://www.example.com/store ?

Are there any security issues or procedures or advantages/disadvantages that are different depending upon which of the above is chosen?
Are there any advantages/disadvantages with respect to SEO?
Are there any advantages/disadvantages with respect to design flexibility?

Thanks again!

[gilby]

Thank you all so very much for taking the time to share your thoughts regarding the question . . .

Hmmm.. It would appear that we haven't answered the question that you really want answered.

Why is it is recommended the web store be accessed via
http://www.example.com
instead of
http://www.example.com/store ?

The fact that you are asking this implies that you have an existing website in the root of your website?
If you do it appears that you want to use zen as an add on shopping cart to your existing website and not disturb your existing website?
imo a better solution is to use zen as your website. Most existing websites can be replicated within zen. Show us a link to your existing site!

Are there any security issues or procedures or advantages/disadvantages that are different depending upon which of the above is chosen?

None that I know of in itself!
You may have security issues with whatever you are running outside zen in the root.

Are there any advantages/disadvantages with respect to SEO?

Rumor has it Google takes more notice of the website root and less the further away from it you are in successive levels. But as with all things google, its only a rumor.

Are there any advantages/disadvantages with respect to design flexibility?

Thanks again!

There is one advantage and that is where you perform an upgrade.
Normally you create a new website in a sub directory for testing and when you want to go live you only have to rename the existing store sub directory to something else and the test sub directory to store and you are live. If it is in the root you will have to move the test files to the root. This does take a little longer.
Even so I believe (imo) having your store in the root out weighs having it in a sub directory.

[RodG]

Hmmm.. It would appear that we haven't answered the question that you really want answered.

Well, we did get a little sidetracked with the techy stuff :)

I appreciate that you probably aren't interested in having my 'approval' to this latest reply, but for what its worth, I couldn't have given a better response, and this is back to the high standards that I've come to expect from you.

Rumor has it Google takes more notice of the website root and less the further away from it you are in successive levels. But as with all things google, its only a rumor

Although I don't dissagree with this, the way a typical crawler works is to first start at the website root and then progresively dig down to the deeper levels, so a store in the root folder is likely to not only be indexed faster, but any changes made will also be refelected in the search results a little faster. There is probably some kind of limit imposed on how many levels any given search engine will crawl as well. I wouldn't expect a store located in www.example.com/bob/stuff/stores/store1/ to get a very good ranking (assuming it gets indexed at all). Having said that, a site 3 levels down could rank better than a top level site if it has good content and good backlinks.

As for security, it could be argued that the deeper the store is located, the more secure it will be (security by obscurity). Personally I feel that this method of 'securty' as actually quite risky as it leads to a false sense of security. However, it is quite effective against many script attacks (which is why it is recommended that we rename our /admin/ folder).

Cheers
Rod