Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Can Third-Party Scripts Take Down Your Entire Site?

5,689 views

Published on

Do you know how many third-party scripts your pages are currently running? And do you know how many of those scripts are affecting your site's performance — either by slowing down page rendering or by potentially blocking the entire page?

If you don't know the answer to these questions, you're not alone. The rampant proliferation of third-party scripts makes them difficult to manage and control. In this presentation, you'll walk through a process for testing the scripts on your pages to see which ones represent a SPOF. We'll also review an 11-step plan for bullet-proofing your site against third-party failure.

For more on web performance and application delivery, please visit: http://blog.radware.com/applicationdelivery/applicationaccelerationoptimization/

Published in: Technology, Education
  • Be the first to comment

Can Third-Party Scripts Take Down Your Entire Site?

  1. 1. Can Third-Party Scripts Take Down Your Entire Site? Tammy Everts O’Reilly Webcast – June 4, 2014
  2. 2. Conversions Ad revenue Page views Visitor data No need to re-invent the wheel Quick and easy Established Support Slide 2
  3. 3. Third-party calls can make up >50% of page requests. Slide 3 Steve Souders: http://www.fastly.com/blog/steve-souders-webperf-web-components/
  4. 4. Slide 4
  5. 5. Slide 5
  6. 6. Slide 6
  7. 7. Third-party scripts present risks to your pages and to your users: Outages Slowdowns Security (?) Slide 7
  8. 8. Slide 8
  9. 9. Slide 9
  10. 10. Increase page weight Increase number of hosts and connections Introduce additional latency Slide 10
  11. 11. Slide 11 832ms 1.788s918ms
  12. 12. Wait… what the heck is a fourth-party call? Slide 12
  13. 13. Slide 13 http://www.webperformancetoday.com/2011/07/14/fourth-party-calls-third-party-content/
  14. 14. Slide 14
  15. 15. 1. Audit your third-party scripts.
  16. 16. • Identify all third-party scripts • Know which pages they’re on • Find out what performance best practices, if any, each script uses (e.g., deferral, async loading) • Read the SLA for each provider (if they have one) Slide 16
  17. 17. Slide 17 http://www.webpagetest.org
  18. 18. Slide 18
  19. 19. http://www.webperformancetoday.com/2014/03/18/waterfalls-101-how-to-use-a-waterfall-chart-to-diagnose- performance-pains/ Slide 19
  20. 20. Slide 20
  21. 21. Slide 21
  22. 22. 2. Test for SPOFs.
  23. 23. The old, painful way: http://www.webperformancetoday.com/2011/10/13/how- vulnerable-is-your-site-to-third-party-failure/ Slide 23
  24. 24. Slide 24 The new, better way: https://chrome.google.com/webstore/search/spof-o-matic
  25. 25. Slide 25
  26. 26. Slide 26
  27. 27. Slide 27
  28. 28. Slide 28 SPOF: 22.7s Original: 3.5s
  29. 29. Slide 29
  30. 30. Slide 30
  31. 31. Slide 31
  32. 32. Slide 32
  33. 33. Slide 33 Original SPOF
  34. 34. https://www.optimizely.com/security Slide 34
  35. 35. Slide 35
  36. 36. Slide 36
  37. 37. Slide 37 Original SPOF
  38. 38. Blackhole test results fall into one of three groups: 1. SPOF page loads SLOWER than original page Fix: Deferral or async script 2. SPOF page loads FASTER than original page Fix: Talk to provider about script hosting 3. SPOF page times out. Fix: Same as #1 Slide 38
  39. 39. 3. Before you add a new script, research the provider.
  40. 40. • Response time and time to last byte • RT and TTLB from multiple locations • Average monthly downtime • Do they use a CDN? • If so, where are their caches located? Slide 40
  41. 41. 4. Read the provider’s service level agreement.
  42. 42. An ideal third-party SLA should: • Express monthly annual uptime guarantee as a percentage (ideally, as close to 100% as possible) • Explain how performance will be monitored and reported • Describe the process for reimbursing site owners (if site owners are paying for the service provided by the script) if uptime drops below the SLA guarantee Slide 42
  43. 43. 5. Perform a cost-benefit analysis.
  44. 44. Slide 44
  45. 45. Slide 45
  46. 46. 2-second slowdown = 14% conversion loss But… …if that same tool promises a 20% conversion increase, that = a net gain of 6% Slide 46
  47. 47. 6. Be ready to say no.
  48. 48. Slide 48
  49. 49. 7. Defer scripts whenever possible.
  50. 50. Slide 50
  51. 51. Pro: It’s a relatively easy fix. Con: It won’t work for all content. Slide 51
  52. 52. Slide 52
  53. 53. 8. Use asynchronous scripts.
  54. 54. Slide 54
  55. 55. Slide 55
  56. 56. Slide 56 Pro: Doesn’t block primary content. Cons: Can be tricky to program. Can mess up onLoad and make it difficult to see other problems.
  57. 57. http://www.stevesouders.com/blog/2009/04/27/loading-scripts-without-blocking/ Slide 57
  58. 58. Slide 58 http://calendar.perfplanet.com/2011/the-art-and-craft-of-the-async-snippet/
  59. 59. 9. Monitor constantly.
  60. 60. RUM/APM Tag management systems SPOF-o-matic No excuses. Slide 60
  61. 61. 10. Give feedback to providers.
  62. 62. Slide 62
  63. 63. Slide 63
  64. 64. 11. Know when to pull the plug.
  65. 65. Slide 65
  66. 66. Tammy Everts tammye@radware.com webperformancetoday.com twitter.com/tameverts Slide 66 Questions?

×