Get faster web sites

 

The WebCDN platform is designed to be as fast as possible, but in order to achieve maximum performance some adjustments could be required.
The CDN part of WebCDN can cache GET/HEAD requests when configured. This is (almost) always a good idea.

PHP / dynamic content

Is the same content viewed by many public users ?
If you use cookies, pages will not be CDN served by default (it is possible to override this). If the cookies are only needed client side, WebCDN can be configured to ignore them server side in order to use caching anyway.
You should not use cookies as a means for site configuration (language etc). Local storage is preferred if you need this. However make sure the site works even if local storage is disabled.
By default, WebCDN ignore cookies starting with underline _ for CDN cache. 
Do not use pragma/cache-control (maxage can be used for fine tuning) or expire-headers. Never use last-modified headers.
The default max age for dynamic pages are 1 hour

If you run a WooCommerce store, talk to us and we can optimize caching for it further. Many plugins behave irrational when it comes to optimisation.
If you run other types of portals with a login, make sure cookies are set after you login. 

WAF - web application firewall

When configured, WebCDN WAF will use a white list and reject all other outgoing connection attempts done by PHP code on the server and log it.
This is a very good idea when you run open source code or CMS plugins that may try to "phone home" without your knowledge. External server side connections will slow down your web site and potentially cause down time / hang which is hard to solve.


Static content

You don't need to do much in order to get an optimal configuration. Static content is pre-cached and compressed by WebCDN as default.
If you need versioning support for the same static resource, add ?<unique version id> to the URL of the content and change the ID when deploying new versions.
Folders which are not to be accessible from web should be placed outside of the web root.
For javascript files you may minify your files, but it doesn't increase performance much unless you have huge 5mbyte+ files. If you do have huge javascript files you should consider reducing the amount of javascript on your web site.
Loading excessively amount of css/js-files into the same page should be avoided.
The default max age for static content is 24 hours

Images

Icons and similar should be in SVG format. All others should be AVIF. Don't try to compress image resolution too much. Most monitors and phones today have 4-5k resolution and your web site will look bad with low resolution images when people zoom in on images.
If you have older jpg-files and the web browser support .avif, WebCDN will check if the file .jpg.avif exists and use that instead of .jpg.
You may also want to consider using <picture> with multiple image formats instead of <img>.


Multiple CDN locations

It is possible to use multiple CDN locations. We do not recommend this as it will usually slow down your web site.
We only recommend this when you have a lot of traffic (50gbit++) and the goal is to diversify the traffic routing. In that case we also recommend using active-active web site configuration instead of pure CDN.
Keep in mind that users from 5G mobile networks in roaming mode (user is abroad) will continue to have their internet gateway in their original country. Placing a CDN in the users physical country will have no effect on 5G as the user is not technically in that country.

External CDN

External CDN dramatically increases latency 10x times and should always be disabled.



CSP Content-security-policy
Some CMS plugins attempt to load resources from third party sites. This is typically unsecure, increases risk of code injection/hacking, too often violates GDPR / privacy policy and will slow down your web site.
WebCDN enforces 2 solutions to prevent malicious behaviour from such plugins

  1. WebCDN can enforce a no-third-party / content-security policy on web sites to prevent the web site from loading resources and communicating with foreign locations.
  2. WebCDN supports WAF Web Application Firewall which will also prevent script code running on the webserver from loading third party resources. The WAF operate a whitelist of hostnames.


Statistics and tracking

WebCDN support server side aggregated statistics using JStats. This database contain amount of hits/traffic over time.
There is also an analytics version which is GDPR friendly and store a detailed per-user statistics. It is server based and do not use javascript. Such statistics can be used to for example monitor what pages are running slower then they should.


Database queries

The less queries a web page does, the faster a dynamic page will load.
If you are doing many db queries to render a single page you can save significant amount of loading time if you merge as many queries as possible into a single query. You can also use union all queries. Also make sure your page is using indexed queries.

Some CMS systems are so poorly designed that you might benefit using a key/value caching database such as Redis in front of your database - in addition to CDN caching.


.htaccess

This file became obsolete in 2004. Htaccess will slow down any system because it needs to be parsed for every single request.
Web site configuration should be kept within your web site and not be injected into the web server configuration.

Fall back on 404

WebCDN and all other web server software will by default try to load the parent folder if the exact URL was not found. So a 404 on /test.php/nonexistant will load test.php as a file, and if that doesnt exist the root /index.php will be attempted.
When the root /index.php is loaded on a 404 you can use the PHP environment variable REDIRECT_STATUS to check if the user hit a 404 non-existant page. You can for example fine tune caching based on this.


Git

Don't put the .git folder inside your web root. Use a seperate folder
Some security / ISO certification companies will also complain if you have .gitignore files inside your web folder.
Never pull code from git directly to your web folder. It will randomly break your site and possible cause critical security issues during file changes because there is no global file lock.
If possible, deploy full web site packages replacing the entire web root folder. This is also easier dealing with version control and roll back.


JSON and javascript

Solutions doing page-in-page loading of data will reduce performance and give you lower SEO score. Try to render the initial web page in one go which includes all data (excluding static resources). Parts if the page can then be modified on the fly with javascript if needed. Try not to use client side javascript to generate initial HTML output.
Note that PWAs designed to run completely off-line might wrap the entire web page in javascript. This is a special case.

Compression

CDN served content are always pre-compressed unless the compression rate is too low or file too big. The content will therefore not be re-compressed per hit as long as the content is cached in CDN.
This reduces latency and saves a substantial amount of CPU on high traffic web sites.