Website Speed as the Most Valuable Consumer Experience, HTTPS as a Ranking Factor, WordPress Security Fix and more news

The website experience that consumers value most

52% of the US consumers say high performance is the quality they value most in website experience, according to Limelight Networks’ recent report. Website performance is the most important digital eperience, meaning that no buffering streams and fast loads go ahead of fresh and updated content. These are some of the report’s key findings:

  • 59% of respondents say they will wait no more than five seconds for a webpage to load before becoming frustrated and leaving the site.
  • 37% say they will leave and buy a product from a competitor if a website is slow, and 26% say they might/are not sure.
  • 50% of respondents say most of the time they use either a smartphone or a tablet to access websites; 85% use a mobile device at least some of the time to access websites.
  • 44% of respondents are willing to wait longer for a website to load on a mobile device; 40% expect websites to be equally fast to load on mobile and desktop.

A high performing website is key to a great web experience. 60% of consumers abandon the site if it takes more than 5 seconds to load. While laptops are still the most used device, 50% users use a smartphone or a tablet to access sites and 40% consumers expect websites to be equally as fast on mobile as to desktop.

Book a demo today to see GlobalDots is action.

Optimize cloud costs, control spend, and automate for deeper insights and efficiency.

Book a demo today to see GlobalDots is action.
Table highlighting factors affecting web experience with performance ratings.

Read more at MarketingProfs.

You can download the full report here.

Google Now Factoring HTTPS Support Into Ranking; CloudFlare On Track to Make it Free and Easy

Google announced that they will start taking into account whether a site supports HTTPS connections in their ranking algorithm. Your site’s HTTP support should be your priority if you care about your Search Engine Optimization. In a very fast response, CloudFlare pushed a new code allowing to load SSL certificates on demand, meaning that a certificate only needs to be in a data center, not on a particular server, before HTTPS traffic needing the certificate is directed to that server. When a request is received, the server can now dynamically retrieve the correct certificate even if it hasn’t been previously loaded into memory, allowing to continue to shift traffic to manage the network even if the SSL certificates for millions of domains are being managed.

Read the full report at CloudFlare blog and official Google blogs here or here.

HTTP/2.0 and DASH: planning tomorrow’s improved video delivery

HTTP traffic has grown extensively due to the immense growth of multimedia traffic. It could be seen as the protocol to deploy new services and applications and it is also heavily used by the industry, providing advanced features for modern internet architectures:

  1. It is a content centric protocol that decouples names from addresses through DNS
  2. It provides caching elements and middle boxes as reverse and forward proxies
  3. It enables scalable and flexible content deployment with content distribution, already leveraged by Content Distribution Networks (CDN)

HTTP streaming solutions such as Microsoft Smooth Streaming and Apple HTTP Live Streaming do not use HTTP/1.1 pipelining with persistent connections, which could increase the streaming performance by up to 30 percent. However, there are not many proxies that support HTTP/1.1 pipelining with persistent connections, due to the Head-of-Line (HoL) blocking problem.

For RTTs that are typical for mobile access connections, the link usage only ranges from 75% to 85%, caused by TCP slow start that influences every segment request. HTTP/1.1 resolves this issue with persistent connections and pipelining, enabling RTT tolerance and link usage higher than 93% for fixed and mobile access connection. HTTP/2.0 offers these functionalities implicitly, while in case of HTTP/1.1 it is not possible to use these features at any time due to proxies and servers that do not support these features, as they are optional and not mandatory.

Check the full report at StreamingMedia.

Evolving web threats demand new approaches to security

DDoS attacks are on the rise in Asia Pacific with over 1,153 attacks being reported and 188 countries recording online threat and malicious activity in 2013. The main concern with security is the lack of adoption and the inability of businesses to adapt and change according to the security landscape. Attacks are damaging and force organizations to regularly audit their security solutions and update tools to be in line with best practices. Most of the enterprises rely on web application firewalls which can often lead to lagging data performance and poor user experience.

Organizations today need a well-rounded security solution that will scale reliably and evolve itself to provide protection from a growing list of online threats. With the attacks evolving and increasing, the solution is to employ a trusted third-party supplier with the technology, skill and experience to defend critical business applications against attacks and to deliver external and internal company networking.
Full article at InformationWeek.

Major security vulnerability in WordPress, Drupal could take down websites

WordPress and Drupal are used by millions of websites. The latest statistics from W3Techs shows WordPress alone powers nearly 23% of the web. The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly. Both WordPress and Drupal have released patches for their applications. Users and web hosts simply need to upgrade to the latest version to protect against the vulnerability.

The vulnerability uses what is called an XML Quadratic Blowup Attack, it just repeats one large entity with tens of thousands of characters over and over again. The attacker needs to fingerprint the available memory limit on the victim’s server. A successful attack will bring down the system. The attack will have zero success if it overwrites the PHP limit, simply because the server will reject the overwrite. WordPress 3.7 introduced automatic updates to help protect it’s users from DDoS’ Blowup Attacks.

Read the full article at Mashable and be sure to upgrade!

Advertisement for GlobalDots promoting website speed,reliability,and cost reduction using a Content Delivery Network.

Latest Articles

What is an API Security Audit?

 In January 2024, a misconfigured API exposed 650,000 private messages. These included passwords and internal communications. No exploit chain. No zero-day. Just a public-facing endpoint with no authentication. This wasn’t an isolated incident. From T-Mobile and Twitter (now X) to Kronos Research and the US Treasury, attackers have consistently used APIs as entry points. They […]

Ganesh The Awesome
26th June, 2025
The Ultimate API Security Checklist for 2025

APIs are now the top attack vector in enterprise apps. In 2024 alone, breaches tied to APIs cost an average of $4.88 million, and that number is rising fast. Attackers exploit gaps in API authentication, input validation, and outdated endpoints to compromise systems. Legacy controls no longer suffice, and the OWASP API Top 10 outlines […]

Ganesh The Awesome
26th June, 2025
10 API Security Best Practices for 2025

APIs are the backbone of today’s interconnected software. They power everything from mobile apps and SaaS platforms to internal microservices and partner integrations. But their rapid growth has left many security teams flat-footed. In 2025, many attackers prefer to exploit API misconfigurations hiding in plain sight. What used to be fringe cases (token leakage, zombie […]

Ganesh The Awesome
23rd June, 2025
API Security in 2025: Practical Assessment & Modern Protection Strategies

APIs are no longer an edge case. In 2025, they’re a core requirement for maintaining trust, compliance, and operational continuity. As organizations build more API-driven systems—from customer apps to internal microservices—the exposure risk compounds. And quickly, too. Even mature security teams are finding that traditional tools can’t keep pace with the volume, velocity, and nuance […]

Ganesh The Awesome
23rd June, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services