I’ve been using Ghost for a while, but I’m now in the process of moving back over to WordPress. Whilst I’ve been using Ghost(Pro), I’ve still maintained Cloudflare in front of that directly, to have more control over the caching and security configuration.
One of the main reasons I’ve been using Cloudflare is to cache everything at the Cloudflare edge to increase end user performance. The below rules set caching on everything other than the Ghost editor and the post preview functionality.
Note: The below was useful for my personal blog where there was very little change from day to day. If your site changes, especially on the same pages, you’ll need to take care using these rules.
When designing for critical applications, such as e-commerce sites or applications, where Performance, Availability and Securityinfluence revenues, it is important to optimise at multiple points for success.
Location, Location, Location
With an ever increasing number ofData Centre locations and providers to choose from, it is generally possible to keep data and application systems within the same continent as users when working on a regional market, sometimes even within the country. Even for global applications, whilst theincrease in legal complexity may introduce challenges for some markets, it is still possible to provide your users with a highly performant site.
One of the methods to achieve this is by using a Content Delivery Network (CDN) to serve your site from multiple locations worldwide, which (given the choice available of providers) likely includes from a Point of Presence (POP) within the country or countries of your target market.
CDNs (orContent Delivery Networks to give them their full name) run multiple servers in multiple geographic locations with plentiful and high quality networking connections and compute resources. These can, depending on the company and their business model, run into the hundreds of thousands of servers, in hundreds of locations, with multipleTerabits (1,000 Gigabits) of connectivity.
Security has been a hot topic for many years and when talking with customers about a multi-layer security design we are often recommending TLS (Transport Layer Security) as one of the basic components. This is often followed by more detailed questions about the benefits, costs and implementation compared with other, more discussed components which are front of mind for CSOs/CTOs. Below are some of the most common reasons for and myths against deploying TLS for your environments.
Pro: Performance and SEO benefits
Google haslong said that speed is a ranking factor but did you know they are nowusing HTTPS as a ranking signal? As part of your Search Engine Optimisation strategy, why not add an easy additional boost to your environment using HTTPS, which gives the two fold benefit of ranking increase for simply using HTTPS but also a potentially significant increase for performance and reduce the time needed to load your pages via the use of HTTP/2. You can compare this usingvarious tools.
Pros: Encryption and Authentication of your site
HTTPS when used correctly allows all website content to be securely encrypted in transit, meaning any malicious network devices between the user and the secure hosting environment supporting the website or application cannot access your data “on the wire”, helping to keep information such as Usernames/Passwords/Emails secure and private. In addition it allows authentication of the website/application to the end user, allowing them to identify that the site they are visiting is not being spoofed or maliciously edited (such as by rogue Wi-Fi network hotspots inserting advertising or malicious redirection).
If your business involves online retail or eCommerce, then you should be used to investing in areas such asA/B testing to determine what changes improve your conversion rates and you may be aware of the effect of performance on users in general, but from experience the amount of organisations who have a tight focus on performance when building their site is pretty small.
There are many tools that are available to test the performance of your site for users: