Can Third-Party Scripts Take Down Your Entire Site?
-
Upload
radware -
Category
Technology
-
view
4.200 -
download
0
Transcript of Can Third-Party Scripts Take Down Your Entire Site?
![Page 1: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/1.jpg)
Can Third-Party Scripts Take Down Your Entire Site?
Tammy Everts
O’Reilly Webcast – June 4, 2014
![Page 2: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/2.jpg)
Conversions
Ad revenue
Page views
Visitor data
No need to re-invent the wheel
Quick and easy
Established
Support
Slide 2
![Page 3: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/3.jpg)
Third-party calls can make up >50% of page requests.
Slide 3
Steve Souders: http://www.fastly.com/blog/steve-souders-webperf-web-components/
![Page 4: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/4.jpg)
Slide 4
![Page 5: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/5.jpg)
Slide 5
![Page 6: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/6.jpg)
Slide 6
![Page 7: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/7.jpg)
Third-party scripts present risks to your pages and to your users:
Outages
Slowdowns
Security (?)
Slide 7
![Page 8: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/8.jpg)
Slide 8
![Page 9: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/9.jpg)
Slide 9
![Page 10: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/10.jpg)
Increase page weight
Increase number of hosts and connections
Introduce additional latency
Slide 10
![Page 11: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/11.jpg)
Slide 11
832ms 1.788s 918ms
![Page 12: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/12.jpg)
Wait… what the heck is a fourth-party call?
Slide 12
![Page 13: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/13.jpg)
Slide 13
http://www.webperformancetoday.com/2011/07/14/fourth-party-calls-third-party-content/
![Page 14: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/14.jpg)
Slide 14
![Page 15: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/15.jpg)
1. Audit your third-party scripts.
![Page 16: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/16.jpg)
• Identify all third-party scripts
• Know which pages they’re on
• Find out what performance best practices, if any, each script uses (e.g., deferral, async loading)
• Read the SLA for each provider (if they have one)
Slide 16
![Page 17: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/17.jpg)
Slide 17
http://www.webpagetest.org
![Page 18: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/18.jpg)
Slide 18
![Page 19: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/19.jpg)
http://www.webperformancetoday.com/2014/03/18/waterfalls-101-how-to-use-a-waterfall-chart-to-diagnose-performance-pains/
Slide 19
![Page 20: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/20.jpg)
Slide 20
![Page 21: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/21.jpg)
Slide 21
![Page 22: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/22.jpg)
2. Test for SPOFs.
![Page 23: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/23.jpg)
The old, painful way:
http://www.webperformancetoday.com/2011/10/13/how-vulnerable-is-your-site-to-third-party-failure/
Slide 23
![Page 24: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/24.jpg)
Slide 24
The new, better way:
https://chrome.google.com/webstore/search/spof-o-matic
![Page 25: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/25.jpg)
Slide 25
![Page 26: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/26.jpg)
Slide 26
![Page 27: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/27.jpg)
Slide 27
![Page 28: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/28.jpg)
Slide 28
SPOF: 22.7s
Original: 3.5s
![Page 29: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/29.jpg)
Slide 29
![Page 30: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/30.jpg)
Slide 30
![Page 31: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/31.jpg)
Slide 31
![Page 32: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/32.jpg)
Slide 32
![Page 33: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/33.jpg)
Slide 33
Original
SPOF
![Page 34: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/34.jpg)
https://www.optimizely.com/security
Slide 34
![Page 35: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/35.jpg)
Slide 35
![Page 36: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/36.jpg)
Slide 36
![Page 37: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/37.jpg)
Slide 37
Original
SPOF
![Page 38: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/38.jpg)
Blackhole test results fall into one of three groups:
1. SPOF page loads SLOWER than original page Fix: Deferral or async script
2. SPOF page loads FASTER than original page Fix: Talk to provider about script hosting
3. SPOF page times out. Fix: Same as #1
Slide 38
![Page 39: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/39.jpg)
3. Before you add a new script, research the provider.
![Page 40: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/40.jpg)
• Response time and time to last byte
• RT and TTLB from multiple locations
• Average monthly downtime
• Do they use a CDN?
• If so, where are their caches located?
Slide 40
![Page 41: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/41.jpg)
4. Read the provider’s service level agreement.
![Page 42: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/42.jpg)
An ideal third-party SLA should:
• Express monthly annual uptime guarantee as a percentage (ideally, as close to 100% as possible)
• Explain how performance will be monitored and reported
• Describe the process for reimbursing site owners (if site owners are paying for the service provided by the script) if uptime drops below the SLA guarantee
Slide 42
![Page 43: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/43.jpg)
5. Perform a cost-benefit analysis.
![Page 44: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/44.jpg)
Slide 44
![Page 45: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/45.jpg)
Slide 45
![Page 46: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/46.jpg)
2-second slowdown = 14% conversion loss
But…
…if that same tool promises a 20% conversion increase, that = a net gain of 6%
Slide 46
![Page 47: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/47.jpg)
6. Be ready to say no.
![Page 48: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/48.jpg)
Slide 48
![Page 49: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/49.jpg)
7. Defer scripts whenever possible.
![Page 50: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/50.jpg)
Slide 50
![Page 51: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/51.jpg)
Pro: It’s a relatively easy fix.
Con: It won’t work for all content.
Slide 51
![Page 52: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/52.jpg)
Slide 52
![Page 53: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/53.jpg)
8. Use asynchronous scripts.
![Page 54: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/54.jpg)
Slide 54
![Page 55: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/55.jpg)
Slide 55
![Page 56: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/56.jpg)
Slide 56
Pro:
Doesn’t block primary content.
Cons:
Can be tricky to program.
Can mess up onLoad and make it difficult
to see other problems.
![Page 57: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/57.jpg)
http://www.stevesouders.com/blog/2009/04/27/loading-scripts-without-blocking/
Slide 57
![Page 58: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/58.jpg)
Slide 58
http://calendar.perfplanet.com/2011/the-art-and-craft-of-the-async-snippet/
![Page 59: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/59.jpg)
9. Monitor constantly.
![Page 60: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/60.jpg)
RUM/APM
Tag management systems
SPOF-o-matic
No excuses.
Slide 60
![Page 61: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/61.jpg)
10. Give feedback to providers.
![Page 62: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/62.jpg)
Slide 62
![Page 63: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/63.jpg)
Slide 63
![Page 64: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/64.jpg)
11. Know when to pull the plug.
![Page 65: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/65.jpg)
Slide 65
![Page 66: Can Third-Party Scripts Take Down Your Entire Site?](https://reader033.fdocuments.net/reader033/viewer/2022050714/55d536a2bb61eb7b088b460f/html5/thumbnails/66.jpg)
Tammy Everts
webperformancetoday.com
twitter.com/tameverts
Slide 66
Questions?