Website Speed as the Most Valuable Consumer Experience, HTTPS as a Ranking Factor, WordPress Security Fix and more news

4 Min read

The website experience that consumers value most

52% of the US consumers say high performance is the quality they value most in website experience, according to Limelight Networks’ recent report. Website performance is the most important digital eperience, meaning that no buffering streams and fast loads go ahead of fresh and updated content. These are some of the report’s key findings:

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%
  • 59% of respondents say they will wait no more than five seconds for a webpage to load before becoming frustrated and leaving the site.
  • 37% say they will leave and buy a product from a competitor if a website is slow, and 26% say they might/are not sure.
  • 50% of respondents say most of the time they use either a smartphone or a tablet to access websites; 85% use a mobile device at least some of the time to access websites.
  • 44% of respondents are willing to wait longer for a website to load on a mobile device; 40% expect websites to be equally fast to load on mobile and desktop.

A high performing website is key to a great web experience. 60% of consumers abandon the site if it takes more than 5 seconds to load. While laptops are still the most used device, 50% users use a smartphone or a tablet to access sites and 40% consumers expect websites to be equally as fast on mobile as to desktop.


Read more at MarketingProfs.

You can download the full report here.

Google Now Factoring HTTPS Support Into Ranking; CloudFlare On Track to Make it Free and Easy

Google announced that they will start taking into account whether a site supports HTTPS connections in their ranking algorithm. Your site’s HTTP support should be your priority if you care about your Search Engine Optimization. In a very fast response, CloudFlare pushed a new code allowing to load SSL certificates on demand, meaning that a certificate only needs to be in a data center, not on a particular server, before HTTPS traffic needing the certificate is directed to that server. When a request is received, the server can now dynamically retrieve the correct certificate even if it hasn’t been previously loaded into memory, allowing to continue to shift traffic to manage the network even if the SSL certificates for millions of domains are being managed.

Read the full report at CloudFlare blog and official Google blogs here or here.

HTTP/2.0 and DASH: planning tomorrow’s improved video delivery

HTTP traffic has grown extensively due to the immense growth of multimedia traffic. It could be seen as the protocol to deploy new services and applications and it is also heavily used by the industry, providing advanced features for modern internet architectures:

  1. It is a content centric protocol that decouples names from addresses through DNS
  2. It provides caching elements and middle boxes as reverse and forward proxies
  3. It enables scalable and flexible content deployment with content distribution, already leveraged by Content Distribution Networks (CDN)

HTTP streaming solutions such as Microsoft Smooth Streaming and Apple HTTP Live Streaming do not use HTTP/1.1 pipelining with persistent connections, which could increase the streaming performance by up to 30 percent. However, there are not many proxies that support HTTP/1.1 pipelining with persistent connections, due to the Head-of-Line (HoL) blocking problem.

For RTTs that are typical for mobile access connections, the link usage only ranges from 75% to 85%, caused by TCP slow start that influences every segment request. HTTP/1.1 resolves this issue with persistent connections and pipelining, enabling RTT tolerance and link usage higher than 93% for fixed and mobile access connection. HTTP/2.0 offers these functionalities implicitly, while in case of HTTP/1.1 it is not possible to use these features at any time due to proxies and servers that do not support these features, as they are optional and not mandatory.

Check the full report at StreamingMedia.

Evolving web threats demand new approaches to security

DDoS attacks are on the rise in Asia Pacific with over 1,153 attacks being reported and 188 countries recording online threat and malicious activity in 2013. The main concern with security is the lack of adoption and the inability of businesses to adapt and change according to the security landscape. Attacks are damaging and force organizations to regularly audit their security solutions and update tools to be in line with best practices. Most of the enterprises rely on web application firewalls which can often lead to lagging data performance and poor user experience.

Organizations today need a well-rounded security solution that will scale reliably and evolve itself to provide protection from a growing list of online threats. With the attacks evolving and increasing, the solution is to employ a trusted third-party supplier with the technology, skill and experience to defend critical business applications against attacks and to deliver external and internal company networking.
Full article at InformationWeek.

Major security vulnerability in WordPress, Drupal could take down websites

WordPress and Drupal are used by millions of websites. The latest statistics from W3Techs shows WordPress alone powers nearly 23% of the web. The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly. Both WordPress and Drupal have released patches for their applications. Users and web hosts simply need to upgrade to the latest version to protect against the vulnerability.

The vulnerability uses what is called an XML Quadratic Blowup Attack, it just repeats one large entity with tens of thousands of characters over and over again. The attacker needs to fingerprint the available memory limit on the victim’s server. A successful attack will bring down the system. The attack will have zero success if it overwrites the PHP limit, simply because the server will reject the overwrite. WordPress 3.7 introduced automatic updates to help protect it’s users from DDoS’ Blowup Attacks.

Read the full article at Mashable and be sure to upgrade!



Latest Articles

How to Defeat Bad Bots in 2024 (and Why It’s Still So Hard)

Introduction  Bots today outnumber human users in eCommerce sites: From 15% in 2017, to 30% in 2019, to 64% in 2021. Some extreme cases we’ve witnessed peaked in 90-99.8% bot traffic. But perhaps the more concerning bit is the traffic share of bad bots: an approximate 39% of all internet traffic in 2021.   Hackers are […]

Dr. Eduardo Rocha Senior Solutions Engineer & Security Analyst @ GlobalDots
13th June, 2024
Cut Big Data Costs by 23%: 7 Key Practices

In this webinar, we reveal a solution that cuts big data costs by 23% and enhances system efficiency - without changing a single line of code. We’ll also explore 7 key practices that will free your engineers to process and analyze data at the pace and scale they need - and ensure they never lose control of the process.

15th April, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential