A few days ago I have finally finished reading the OpenX Ad Server: Beginner’s Guide book, by Murat Yilmaz, that PACKT publishing sent me for review. The book deals with the aspect of installing and configuring the open-source OpenX Ad Server in order to serve advertisement campaigns on your websites. Being a beginner’s guide, the book doesn’t require advanced IT skills, stating that basic level would be enough to follow the subject. The reader should feel comfortable with using an FTP client, or cPanel’s file management features in case of using a managed web hosting service, and creating and administering a MySQL database.
Every chapter is divided into three distinct parts which might repeat: an introductory section with explanations, a “Time for action” section where guided by screenshots (a lot of them actually) the reader is shown how to perform various steps, a “What just happened?” section - which I personally find extremely annoying - that highlights the outcome, a “Pop quiz” section that should help the reader verify his/hers accumulated knowledge and the “Summary”.
The first chapter should get you going with OpenX by showing how to install the application under a web server and how to configure it. Unfortunately, this is the very moment when the author misadvises the reader to create a major security hole by setting the file permissions on some of the application’s folders to 777 (yes, OpenX Ad Server is officially supported on Linux only). What this means in non tech-savvy language is that everybody has access to the respective folders: the owner (in this case the owner should be the user under which the web server runs), the group to which the owner belongs and everybody else. This would allow every script kiddie and medium talented hacker to make a breach into your system. Of course, OpenX has to be able to write into its own folders, but by no means those folders should have the 777 mask. In order to safely install OpenX I advise you to set the file permissions to 755 on folders (the owner has read/write/execute permissions while everybody else, including his group, has only read and execute permissions) and 644 on files (read/write for the owner, read for everybody else). If you have access to your server’s shell this can be easily done by issuing these commands:
The only reason for which the folders need the execute bit is to be able to browse into them. Another factual error encountered in chapter one is that the author assumes the reader is using Windows Vista when all the operations needed to install and configure OpenX are platform independent.
Chapter two should give you the basic understanding of how OpenX works by doing some trivial operations like defining and adding an advertiser, a campaign, a banner and a website on which to display the campaign. All of these concepts are detailed in the next chapters by showing the reader the full capabilities of OpenX. With an abundance of screenshots, each action is guided every step so that you won’t get lost on the way. Being the first time when I work with OpenX I can’t seem to find anything that’s missing from this book, comparing the contents with the features of the ad server. Everything is explained in detail and in a simple language, in some sections very “simple” (see below). I like the fact that the author describes how to integrate OpenX Ad Server with popular platforms like Google AdSense, Blogger or Wordpress. Furthermore, the details offered for selectively serving your ads according to the websites’ content are pretty well explained.
Chapters 7, 8 and 9 are about administering OpenX: user accounts, user roles and upgrades to the system. With almost 65 pages out of a total of 267 (a quarter of the book), these chapters could have included a security advisory section with topics like using OpenX on an SSL enabled web-server, web-server security and how to protect OpenX of unauthorized access.
The major drawback of this book is the language used. The author isn’t a native speaker, neither am I, but from pages 10 to 22 I have spotted 20 grammar mistakes, bad formed phrases or typos and this proportion seems to be constant throughout the book (you can convince yourself by reading the sample chapter available here). This comes as a surprise because the book has officially been reviewed by two other people, namely Jose Argudo and Mert Erkal, and of course the editors. Even if the content is interesting and helpful, this aspect of poor language (which is not at all excusable) corroborated with bad security practices and the fact that some of the guides aren’t described as being platform independent lowers the value considerably, down to the point where the money asked for the printed book or for the e-book version is not at all justified.
If PACKT would republish the book by correcting all the inadvertences described above, I would recommend it for all of you who are beginners in administering your own online advertisement network. Otherwise it simply doesn’t worth buying it because OpenX has proper documentation that should help you get started, which is freely accessible, and the user interface is pretty straight-forward.