I am Joannes Vermorel, founder at Lokad. I am also an engineer from the Corps des Mines who initially graduated from the ENS.

I have been passionate about computer science, software matters and data mining for almost two decades. (RSS - ATOM)


Entries in web (25)


Tracking file downloads in Google Analytics AND Google Adwords

Google has not one web analytics system, but two of them, namely Google Analytics and Google Adwords. For the average webmaster, this situation is quite a pain, because most of the tracking code must be duplicated. To make the situation worse, Google Adwords does not support any straightforward solution to track file downloads.

For the sake of my own μISV, I have designed the following script that enables both Analytics and Adwords tracking in a single function.

// Tracking.js - Joannes Vermorel,, 2007
function dhtmlLoadScript(url)
var e = document.createElement("script");
e.src = url;

function lokadTracker(path)

google_conversion_id = 10683XXXX; // use your own ID here
google_conversion_language = "en_US";
google_conversion_format = "1";
google_conversion_color = "FFFFFF";
if (1) {
google_conversion_value = 1;
google_conversion_label = "pageview";

In order to track a file download just embed the script here above, and intercept the onclick event of your download link

<a onclick="lokadTracker('/')" href="" > Foo <a>

Migrating to a DNS hosting provider

I have recently migrated all the DNS data of toward DnsMadeEasy, a provider specialized with DNS hosting. For a long time, it did not even crossed my mind that such low cost independent service would actually exists.

DNS stands for Domain Name System. In simply words, the DNS converts the domain name address into a IP address. Look for the DNS wikipedia, if you want to know more.

Why do I need to know anything about DNS?

As a webmaster, DNS are most usually completely handled by your hosting provider. If your web requirements are simple, you might not even cross DNS settings, everything being completely handled by the hosting provider.

Yet, if you start to rely on 3rd party hosted services such as blog hosting and forums hosting, you may have to update your DNS settings so that the URL is instead of With those 3rd party hosted service, your internet domain becomes a patchwork that includes machines owned by various hosting providers. For example, both and are hosted by 3rd party companies.

Why should I bother about DNS?

At present time, there are many dirty cheap hosted services. Lokad is still a uISV but relies already on almost a dozen of various hosted services providers. And, in very center of this small network lies the DNS. If the DNS go wrong, then the whole network is going to be in deep trouble.

Until very recently, Lokad was relying on the DNS management provided by a low cost regular hosting provider. The DNS hosting was really reliable, we never encountered any issue at that level. Yet, I was a bit concerned by the fact that the "Lokad network" was dependent on a regular hosting provider to manage all the information related to the other hosting providers. This situation was making this particular hosting provider much more critical to the whole network than it ought to be.

Thus, I have decided to migrate everything to DnsMadeEasy. As a result, I am gaining flexibility for potential further hosting migrations. One might argue that I have simply moved for critical node for my previous hosting provider to DnsMadeEasy. That's true. But DnsMadeEasy is completely dedicated to DNS management. Thus, they are not competing with other providers that are referred by the DNS.


Screwturn powered front-end for your mISV

I have just finished to migrate all the web content of into a brand new skinned Screwturn wiki instance. Thanks to the design skills of Sergey Pozhilov, the result does not look bad :-) .

I have been writing about wiki misuses in the past. One of my recommendation of at the time was do not use wikis for public diffusion. I still believe that this recommendation is a good one (even highly popular forums have hard time to get anybody contributing to a wiki). In fact, even if is now hosted in a wiki instance, the accesses have been restricted to the Lokad team. Thus, we are using Screwturn as a CMS and not as a wiki.

This migration was the 3rd step:

  1. At first, the Lokad web application and website were mixed. As a result, it was taking as much effort to update the web application or the website. The situation was just painful by design.

  2. Web application and website have been separated. The website was now regular static HTML. The update overhead was still significant, FTP being just a pain when it comes to fix typos.

  3. We have hired a professional designer to get a decent XHTML skin and then we have migrated the web content into a skinned Screwturn instance. The update overhead is now super-low.

Do not break URLs: When migrating your web pages, it's important to include the proper redirections. I have been using UrlRewritingNet, a nice open-source URL rewriting tool. UrlRewritingNet is very convenient to migrate ASP.NET pages because ISS does not intercept the requests even before they hit the ASP.NET machine.

Benefits of the Screwturn CMS for your mISV

I have been relying on a CMS for 48h to manage, I do not think I am ever going to move backward toward a static HTML again.

  • wiki markup is more compact and more readable than HTML. Page editing becomes easier and faster. Ok, most wikipedians have been knowing that for ages, but I would expect the percentage of websites relying on compact markup to be still quite low.

  • snippets are really convenient for website templating. The concept is both simple and powerful. After going through 70 web pages, I find snippets way more practical than ASP.NET master pages.

  • spell checking is native because Firefox becomes your IDE. Visual Studio should have been supporting spell checking for ages, meantime you can still use CodeSpell.

  • native user accesses management simplifies the task of integrating external contributors, typically professional translators, writers or proofreaders...

Scripting tricks for Screwturn

When it comes to skinning an ASP.NET application, the goal is to change the minimal amount of lines of ASP.NET code (optimally zero) during the skinning process. This process ensures that upgrading toward the next version of the ASP.NET application will be painless. Thus, I have been resorting to a couple of client scripts to avoid touching the ASP.NET code.

The search box is using

<a href="javascript:document.location = 
+ encodeURI(document.getElementById('TxtSearchBox').value);">search</a>

The Edit and History links are using

<a href="javascript:document.location = 'Edit.aspx?Page=' + encodeURI(
document.location.pathname.substring(1,document.location.pathname.length - 5));">Edit</a>

<a href="javascript:document.location = 'History.aspx?Page=' + encodeURI(
document.location.pathname.substring(1,document.location.pathname.length - 5));">History</a>

Finally, the navigation tabs rely on a small script dynamically adjusting the CSS classes.

<script type="text/javascript">
var navItem = document.getElementById('HomeTab');
navItem.className = 'active';

Spam 2.0 or the spammers reloaded

Spammers are legions, and unfortunately, most recent systems are just very weak against adversarial behavior (see my previous discussion on the Google case ).

In the last few months, I have just noticed no less than 4 new kinds of spammers.

Spam 2.0 released, buy now!
  • P2P spam targeting file-sharing applications such as Emule. The basic idea is the following: spread, through the P2P application, a virus that breaks into the P2P application itself. Once the P2P application is infested, all the incoming requests will return the virus wrapped under the name of the incoming query. For example if the incoming request is "some illegal song" then, the infested P2P application will claim the file "some-illegal-song.mp3.exe". Nasty but effective.

  • SMS spam with incentive for the recipients to call a very expensive phone number. Indeed, sending SMS is not free (as far I know); thus you need a strong incentive like "To the owner of 0123456789, you've won a Nitendo Wii, call 987654321 to claim your prize". No need to tell that 987654321 is anything but a tool-free number.

  • Instant Messaging spam targeting applications such a Skype. Actually, I would suspect that some black hat guys managed to pass through the "usual" white-listing systems because I end up, once or twice a day, forcefully connected into huge conference calls (with roughly of 200 people); the spam being sent through the conference canal.

  • Virtual Worlds spam targeting popular MMPORGs such as World of Warcraft. Basically, spammers just start flooding the main discussion canals with commercial links. So far, it was mostly Warcraft-related (like buying Warcraft gold coins with US Dollars), but I suspect that pretty soon, spammers will realize that they are able to sell fake drugs and fake watches on Warcraft too.

Spam has already upgraded toward the version 2.0 but I am still waiting the delayed release of Cypercop 2.0.


Minimal back-office for your eBusiness

I have been running two eBusinesses (namely and and back-office systems play an important role in your business.

Basically, there are 3 unavoidable elements for any eBusiness back-office

  • Account & User deletion
  • Error logs reporting
  • Business oriented dashboard

Account & User deletion: IT'S THE LAW, well, at least in Europe, but I suspect that many other countries provide similar laws, rules or guidelines. Intuitively, if a user who has just created an account asks for a deletion of his account (including all the user-related data), complying is a legal requirement. For example, I have been asking for months the people of StrikeIron to delete my account (mostly because they keep pinging deprecated Web Services URLs of Lokad that do not exist anymore); but they never complied so far. I am not going to sue them for that, but I would suspect that they simply never implemented the delete account feature in their back-office.

Error logs reporting: Running your application on your own web server has a huge advantage: collecting the exceptions that are thrown on your web server is mostly trivial. Many tools (such as ELMAH) can be deployed within hours to provide efficient error logs reports. Exceptions are not the only kind of bugs that your visitors can encounter, yet, it's so easy to keep track of them that you must not disregard such a cheap way of detecting bugs.

Business oriented dashboard: It exists many generic web analytics tools ranging from raw webserver logs to sophisticated user tracking system. Yet, when you design a web application, those elements are most probably going to be only a rough estimate of what your users are actually doing. Indeed, it's often much more interesting to design simple (yet highly specific) indicators that reflects some key aspects of the usage of your application. Those indicators could be critical to quickly estimate impact on a web marketing campaign.