5 Ways to Speed and Secure Your Site for Black Friday

1 comment

Editor’s Note: This article was first published Nov. 25, 2015. 

If you’re in the US you may have already taken off for the Thanksgiving holiday weekend (it is, after all, one of the busiest travel days of the year), but for many small businesses it is crunch time to make the final touches on their websites so they are ready for the onslaught of holiday shopping traffic this weekend.

Bigger sites and online stores have likely already figured out their strategy for surviving the holiday traffic, but small website owners need not worry as there are still several last minute things to make sure a website is scalable and secure Black Friday through Cyber Monday.

SEE ALSO: How Can Web Hosting Companies Help E-Commerce Retailers Stay Secure?

According to WPEngine founder Jason Cohen, it is not too late for most website owners to make simple changes to their website. Managed WordPress hosting provider WP Engine has 40,000 customers ranging from personal sites to enterprise, and runs some of the biggest WordPress ecommerce sites.

Cohen shared some quick and easy tips with the WHIR that will help small businesses get their sites suited up for the holiday traffic.

  1. Get on a CDN

While a CDN is easy to implement, sites that don’t get a lot of traffic and enable a CDN can still be slow because of the way CDNs update their cache.

“The trouble with sites that don’t normally get a lot of traffic is that when you enable a CDN they have servers all over the world, and those servers need to get your stuff in its cache, so you end up actually getting hit a lot from all those servers,” Cohen said.

CDNs where the user pushes the content such as AWS S3 Cloudfront, or MaxCDN (which has something called a push zone, as opposed to a pull zone) may take a little bit work on the user’s part but can help speed a site’s loading time, he said.

  1. Mobile Matters

It’s no secret that shoppers are increasingly turning to mobile devices to do their holiday shopping. There may be factors that don’t make a difference in terms of speed on a desktop, but they are much more noticeable on a mobile device.

Take, for example, the number of objects on a page.

“In particular the number of objects on the page is really big because the number of times the mobile device has to back and forth to the server, no matter how big those objects are, that actually drastically increases the time,” Cohen said.

To decrease the number of objects on a page, users should look at their CSS files or Javascript files and combine them, which can be done for free with a WordPress plugin like BWP-Minify. “You can install that in two minutes,” he said, “and it will combine the files and make them one.”

“Getting back to that CDN, you can then put that object on a CDN and then you’re really cooking,” Cohen said.

SEE ALSO: Cross-Border Ecommerce Offers Opportunity, But Costs Give Shoppers Pause

  1. Images – Bigger Isn’t Always Better

Images can be critical when it comes to closing a sale on an ecommerce site. But it doesn’t mean that the image has to be so huge that it adds to a site’s loading time.

“People will take the photos given to them by their photographer, and the image is megabits and megabits in size and it is gorgeous, but on a tiny little phone you don’t need all of the data on that image for it to still be crisp and good looking,” Cohen said. “There are different things you can do about that, different tools. It kind of depends on how you’ve built your site.”

“The general notion of not using the biggest, most high resolution photo but rather the one that is appropriate for the device is one that will make it faster,” he said.

  1. Decrease Objects on Page to Increase Site Speed

One of the things that isn’t often talked about when it comes to optimizing site performance is decreasing the total megabits of all the objects on a web page, Cohen said.

This is easy to measure with free tools such as a developer tool within Firefox called Y Slow or an online tool called Webpagetest.org. (Cohen admits it’s a bit technical but tells users to look for how stuff was downloaded by the browser, which shows up at the bottom of the report.)

“What you see, for example, is that it doesn’t take that many images to add up to a couple megabits. A nice, good-looking image might be 200 KB,” he said.

“You’re lucky if a phone gets over 100 KB per second, so two or three MBs is half a minute. Some of the pages have already shown up because the page can start rendering but it might take half a minute before the whole page is rendered, which is a really long time.”

So what’s the compromise? Put less above the fold or just use the most important images.

  1. Scalable – But Don’t Forget About Security

Above all else, make sure you don’t have credit card information passing through your website.

“You should never, ever have credit cards passing through your site,” Cohen said. “It doesn’t matter if the hosting company says its okay or your developer says it’s okay and secure, it isn’t okay and in fact it happens to be against the law in many cases,” he said.

“When something happens like fraud you want to be completely buttoned up,” he said, so it is important to work with a service like Square, PayPal, Stripe or Braintree to process credit card payments. It isn’t too late to get signed up with these services either, companies like Stripe and Braintree are easy to get started with, Cohen said.

Being secure is not always easy or convenient, but it is always worth it if it means saving your customers and your reputation.

“In terms of security on the front-end of the site there’s always a trade-off between convenience and security,” he said. “Two-factor authentication is a lot more secure and it is annoying because you have to get text messages all the time and stuff like that. Having a really complicated password is more secure and annoying. “

“There’s other ways to lock down WordPress,” including making files or databases on a website read-only, he said. “You could say during my period of ‘crazytown’ I’m actually okay being less agile and more annoyed because in exchange I’m getting much safer during the time when I need to be extra, extra safe because I could get a bulk of my sales right now.”

Add Your Comments

  • (will not be published)

One Comment

  1. “You should never, ever have credit cards passing through your site,” Cohen said. “It doesn’t matter if the hosting company says its okay or your developer says it’s okay and secure, it isn’t okay and in fact it happens to be against the law in many cases,” he said." This is why I NEVER suggest paying extra to keep your credit card information on your website. I always tell my website design clients let the link go to PayPal (or where ever) for security. If there is a breach, the customer isn't even on your site. Now the lawsuit goes to the credit card company and NOT to you.