section.io Website Performance and Security Blog

Varnish Cache released their latest 5.2 version late last week and it is already available on section.io’s globally distributed Application Edge.

section.io is pleased to announce another feature to help websites stay online when extreme traffic peaks arrive. A Virtual Waiting Room can ensure that your website stays up and serving customers when an extreme traffic event would otherwise have caused a complete outage.

Since before PCI DSS 3.2 was published, section.io has provided delivery infrastructure with early TLS protocol versions disabled to allow customers to adopt the PCI requirements ahead of the June 2018 deadline. For many other customers though, disabling early TLS would have prevented too many visitors from being able to access, or complete transactions, on their websites.

During my time at section.io I have seen the websites of our customers and our partners go offline due to a seemingly innocuous administration error: failing to renew their domain name registration on time. This issue was recently brought to the forefront recently when the popular marketing tool Marketo failed to renew their domain name, and were shut out of their system for several hours.

AJAX calls, which stand for Asynchronous JavaScript And XML, are becoming more popular as web applications look to bring in personalized items dynamically. AJAX calls are one method to load personalized content separately from the rest of the HTML document, which allows for the full HTML document to be cached, improving back end load time.

Each year the holiday season seems to roll around more quickly, with Thanksgiving decorations popping up before Halloween has concluded and winter-themed decorations and merchandise appearing in stores mid-September. For retailers, holiday sales dominate promotions beginning in mid-November and go all the way through post-season blowouts in January.

It’s become common knowledge that the speed at which pages load is a crucial part of user experience, and recently page speed has become more and more important in other areas - Google’s search engine ranks pages based on page load time (specifically, time to first byte), and Facebook has announced that it will prioritize links that load quickly in its newsfeed over those that are slow to load, saying “We’ve heard from people that it’s frustrating to click on a link that leads to a slow-loading webpage. In fact, even more broadly on the internet, we’ve found that when people have to wait for a site to load for too long, they abandon what they were clicking on all together.”

If you use Varnish Cache on your website or are visiting a website that caches content with Varnish, chances are at some point you will come across the Varnish server error: Error 503 Service Unavailable / Guru Meditation with an XID number. A 503 error means that the web server trying to be reached is unavailable - this could be because it is overloaded, down for maintenence, or not fully functional for another reason.

We’re pleased to release Varnish Cache 101: A Technical Guide to Getting Started with Varnish Cache and VCL. Varnish Cache is a powerful HTTP accelerator that is popular due to its speed and flexibility, as it allows users to cache both static and dynamic content, resulting in extremely fast page load times. However, it can be difficult for new users to learn how Varnish works and Varnish Configuration Language.

There are several challenges to deploying a robust security solution on your website or application. As we have discussed previously, hackers, bots, and attack types are becoming more and more advanced, and it can be difficult to block all known and unknown threats using older rules-based Web Application Firewalls. In addition website security solutions can be frustrating to integrate with modern developer workflows such as DevOps and Agile.