Sometimes we come across a blog that is so good that we just have to share it. We will highlight a few of our favorites each month here on the blog, but don't forget to see what else we are sharing on Twitter and Facebook.
Find Out How You Stack Up to New Industry Benchmarks for Mobile Page Speed
When it comes to website traffic and page views, site speed is everything; that goes for mobile as well as desktop. It’s surprising, then, to find that Google cites the average time to fully load a mobile landing page as 22 seconds. With 53% of mobile site visitors leaving a page that takes longer than three seconds to load, 22 seconds is a big problem.
Especially in the eCommerce realm, a slow site can have a huge impact on performance. Not only do slow-loading pages bring down page views, they increase the chances of cart abandonment and lost sales. In fact, Google found that despite the fact that more than half of overall web traffic comes from mobile devices, mobile conversion rates are lower than desktop. “In short,” Google says, “speed equals revenue.”
Some other startling statistics from Google’s mobile site speed study:
- 70% of pages analyzed took nearly seven seconds to load visual content above the fold, and it took more than 10 seconds to fully load all visual content
- As page load time goes from one to five seconds, the probability of bounce increases 90%
- And as page load time goes from one to 10 seconds, the probability of bounce increases 123%
A security vulnerability in Cloudflare’s services, known as Cloudbleed, was recently discovered. The issue arose when a memory leak occurred in Cloudflare’s HTML parser. Because of this, requests being transmitted through the parser were accidently showing up in the HTML being parsed.
This means that contents of these requests were found in the HTML of pages. It was a slim chance, about one in every 3.3 million requests, but a chance all the same that a request through Cloudflare could potentially result in a memory leak of submitted requests.
This leaked content could include anything from an email address submitted to sign up for a newsletter, to bank account usernames and passwords, should the bank use Cloudflare. The chances of this happening to you are small, but it is certainly a real risk.
For protection, we always encourage enabling of two-factor authentication when available, especially sites that contain personably identifiable information, and reset all passwords regularly – especially after issues like this.
You can read more about this issue on Cloudflare’s blog.
If you have any further questions, please do not hesitate to reach out.
Magento Security Updates
Magento has recently announced software updates that provide a range of improvements, including a fix for the recently discovered Zend Framework 1 security vulnerability and quality updates to catalog, payments, and sales modules in Magento 2.
Updates include the following software versions:
- Enterprise Editions 2.1.4 and 2.0.12
- Community Editions 2.1.4 and 2.0.12
- Enterprise Edition 220.127.116.11, Community Edition 18.104.22.168, and the SUPEE-9652 patch to resolve the Zend Framework 1 issue
Read through the full release notes for more information on these patches.
Ready to implement these patches? Contact our team through your support portal.