Website Performance

In this report I will be splitting the content into two parts. The first consisting of the client side and server side factors that affect the performance of a website. In the second part I will be detailing security risks and protection mechanisms involved with website performance.

The performance of a website is dependent on countless factors both client side and server side. Client side means that the factor is the result of something on the client’s end, the user, you. Server side means that the factor is the result of something on the server’s end, the host, them. Below I will give many examples and explanations for both client side and server side factors that affect website performance.

Client side factors include; download speeds, choice of browser, cache memory, processor speed, and other hardware dependent factors.

Download Speed is the speed of which a computer could download information from the internet. This can be tested using ‘speed tests’, most popularly used is ‘http://www.speedtest.net/’ which provides users with information on their upload and download speeds. Download speeds affect the performance of a website for the client because slower speeds will take more time to download the information required to load the page. This issue is growing smaller and smaller since most ISPs offer connections more than adequate to load the vast majority of sites and only those with excessively large files or large amounts of dynamic elements will prove difficult. Google has a very small amount of information on it’s homepage making it easier to load on any connection. Apple’s website has a very dynamic layout making it incredibly difficult to open on slower connections.

Cache Memory is a form of memory used with websites to temporarily store versions of webpages on the client’s device. This means that anytime the user may try to access the site, it will use the cache form rather than send another request to the host. This both causes less stress on the server side and gives a quicker loading time to the client. However, there becomes a line with cache where is outweighs the benefit. Should the cache grow incredibly large, it may begin to slow the client’s device, which in turn would slow the loading time of websites. To avoid this, it is recommended that users delete their cache from time to time or at least delete the unimportant cache to avoid it growing excessively large.

Browser Choice is a choice users can make when using their device. As of 2016, the most popular browser is Google’s Chrome which is available on every device besides Windows Phones. This is likely because Chrome is the one of the fastest browsers available and has a range of additional features that are integrated into the browser such as; an app store, cloud storage and conference calls. The fact that Chrome is the fastest browser makes it the best choice for getting the best website performance client side. Browsers like Windows’ Edge (formally Internet Explorer) have been praised for having the fastest startup time and page load time, but when it comes to simple page loading, Chrome is the best browser for the job.

Processor Speed is probably the least relevant one nowadays as the vast majority of processors are capable of loading websites in reasonable times, but some are still not up to standard. Processor speed affects the speed at which a website can be loaded because a it takes the device more time to process the information sent from the host. Similar issues are found with RAM, Chrome is notorious for requiring excessive amounts of RAM whilst in use so it is important that these pieces of hardware are adequate for sufficient website performance too.

Server side factors include bandwidth, traffic, file extensions and efficiency of scripts and programs.

Bandwidth is the amount of space the data has to send and receive, this is an issue as smaller bandwidths restrict the amount of data that can be sent to and from the server, regardless of the client’s connection speeds. There isn’t much that can be done to improve bandwidth and would require relocation of the website, be it from a different physical location or just to a better host.

Traffic is the term given to the amount of users that access a website (also referred to as ‘hits’) this is hugely significant with website performance. Traffic is predictable for the most part and isn’t often an issue. Most hosts prepare for known increases in traffic such as Amazon on Black Friday or Steam on Christmas day. These increases are prepared for. When websites aren’t prepared for increases in traffic, they crash. This can be avoided by limiting the number of user on a site by delaying them or just queueing them on a one in, one out basis. Though this does solve the crashing problem, it does, in most cases, cause users to lose interest and go elsewhere or just give up, losing potential customers or ad revenue. Traffic isn’t necessarily all from people though. Some people will write programs termed a DOS attack. There are different types of DOS attacks, most commonly DDOS meaning distributed denial of service. This causes the server to repeatedly send/receive data on a massive scale that is impossible for the server to handle causing either a crash or a massive decrease in performance.

File extensions are very important for large websites. Files of different mediums like audio, video, image and text all have different ways to store themselves. Different file types exist for different reasons, some may be to preserve maximum quality in images, others to send to other people other internet connections quickly. Website designers must decide between the file types they choose for all the assets used in a website. For images, many websites would opt to just use JPG as it is much faster for a client to load and takes up less space on the server. However, some might opt for         TIF as it utilises lossless compression meaning the image can be perfectly reconstructed from the compressed information. This is useful for photo sharing websites. But it is vital to remember that the more something is compressed, the less time it’ll take to be loaded by the client.

The efficiency of the code used in a website is very important as the more code there is to be executed, the longer it’ll take for the client to see the information. This is especially important for code that is required to execute before the web page actually loads. Scripts written in PHP are often used for more dynamic web page content which might take longer to load and would need to be executed prior to the loading of the web page. Websites written in basic HTML with a little CSS for formatting are much easier to load but aren’t as appealing to modern dynamic websites. Also, code needs to be written efficiently, using loops where possible and trying to shorten the amount of tasks that must be performed before the website can be loaded. This is dependent on the ability of whoever built or is building the website.

To conclude, client side factors are important but are the fault of the client and ultimately their responsibility to fix. Server side factors are down to the owners to fix and improve on for doing so will likely increase traffic to the website and generate more positive reviews. These are important consequences for website owners to consider as it impacts the owner’s image a lot, especially if it’s an e-commerce site or personal portfolio.

This second half will focus upon the security risks and safety mechanisms involved in website performance. The security risks involved include; spoofing/phishing, software exploits, viruses and hackers.

Spoofing is a term given to the action of faking the identity of a sender of information to make it look like a legitimate source. This is often used to gain access to higher permissions or accounts. In websites, this sometimes involves a user pretending to be of authority regarding the website to trick other authorities in the website server to give them the permissions. Phishing is a similar technique, where one would send an email posing to be from a bank or trusted sender asking for the user to go to a website and log in with their bank details/ private credentials. The individual responsible for this might choose your identity to use and misuse the trust you and your web clients have.

Software exploits are problems or weaknesses in the software that can be used to an attacker's advantage to gain access to private information or abuse higher than public permissions. Software is exploited when someone finds gaps in security and uses it to bypass safety mechanisms employed by the site. These exploits might simply exist of fault in design or may come about because of errors created when handling invalid requests. Such exploits may cause the website to slow and become more difficult for users to load it, it might simply terminate all operations temporarily so the software engineer can patch the security issue.

Viruses are small pieces of software that are produced with malicious intent. These are made to spread and cause harm wherever they go, be it to mess with the web pages themselves or to hide on a web server so that they can be downloaded by visitors to the site. Many viruses on websites are designed to take advantage of those with lesser technological knowledge, advertising wild promotions or offers in an attempt to trick people into accepting downloads. They are also capable of destroying entire websites, stealing information and harming host to client relations (e.g. users probably won’t visit again if they suspect danger on the site). Viruses are also likely to take up space and interfere with other bits of data, meaning the website will begin to struggle to load and sift through finding relevant information. The alteration of data might even cause the website to crash or become unreadable for the user.

Hackers are individuals that are skilled in programming languages, able to write code and find workarounds for security measures. Hackers aren’t all malicious, many just do it to test their skills or out of boredom with no ill intent at all. Unfortunately, many will use their skills to break into web servers and seek out private information or take information hostage using ransomware. Skilled hackers are pretty much able to whatever they please with a website once they’ve gained the highest level of permissions, anything from terminating the website, to completely altering it or even redirecting the URL elsewhere. This would have quite a detrimental effect on the website's performance.

Security mechanisms that are involved with website performance are; firewalls, SSL and standard practices.

A Firewall is a piece of software that is employed the server upon which the website is being hosted to keep a log of each bit of data sent to and from the server. It also restricts what can and can’t be sent to the server. This avoids things like viruses gaining access to the server. They work by analysing the data packets that are sent between nodes heading to the server, based on what the data it and where it came from, it will either be accepted or rejected. This is an essential piece of software for basically any machine, server or personal computer. It’s also a default feature of the vast majority of operating systems. A clean, infection free server allows for optimal transmission of data, meaning the website performance is the best it can be.

SSL is a secure socket layer, this is software that is utilised between the web server and the WAN connection. This is used to allow easy transmission of encrypted data between known and trusted nodes across the internet. It guarantees safety and privacy of information, this is very important as it allows the user to know that the website they are using is safe and secure.

Standard Pracise is what many would call common sense. Simply ensuring that all precautions are taken with having a website. Be certain that all admins aren’t giving out passwords or private information. Make sure administrator accounts are secured with strong and regularly changed passwords, don’t use ‘12345’ or ‘admin’ as the password as these are easily guessed. Also use a combination of special characters, letters and numerals. Its also important that any machine that is used to access server details must be correctly logged out of and shut down, especially public computers.

To conclude, security risks and safety mechanisms play a large role in the performance of a website. Things like viruses and hackers can cause huge decreases in the performance of a website as far as even taking the website down. Spoofing and software exploits can cause disputes between server hosts and website owners causing problems and may require the website to go offline whilst conversations are had and patches are produced. Firewalls, SSL and Standard Practise are the three most efficient security mechanisms is keeping a website up to optimal performance levels and would cost nothing to use.