Website Challenges 2020: Have You Addressed Them Yet?
In our annual survey, we asked our clients what the biggest website challenges they foresaw encountering in 2020 were, wondering what we could do to help you overcome them. Now that the year is almost halfway through, it’s time to revisit what we’ve done so far to address those challenges and share some insights on how we help you tackle them, as well as tip you what to do about them on your own.
Cybersecurity is The Biggest Challenge
The majority of our respondents (54%) saw keeping their sites secure as the biggest technical challenge in 2020. And we totally agree with you! Cybersecurity is an ongoing process that should be at the top of the mind of any Internet user, professional or otherwise.
From the perspective of a web hosting company, here at SiteGround, we know that keeping our sites and users safe is a never-ending task. Hackers and all sorts of web criminals are getting smarter by the day and the constant and rapid evolution of technology leaves many doors open for software exploits. Keeping the software on our servers (like Apache, Nginx, PHP, MySQL, etc.) up to date is the first and most basic line of defense, but nearly not enough.
That is why we have a special team of security specialists whose main responsibility is to keep track of security reports and monitor for potential and unannounced yet exploits. Once they get a confirmation for a new vulnerability, they rapidly act to write custom firewall rules that patch it on day zero and protect the websites we host.
Then there’s keeping up with the latest technologies we can integrate. Take the encryption protocols that guarantee a secure connection between your browser and the server delivering the content. We make sure we always have the most recent one available for our clients to use – we were among the first to deploy HTTP/2, QUIC and HTTP/3, and more.
At the same time, one of the most frequent threats against any website are the DDOS attacks, which are getting more fierce and prolonged as server resources are getting cheaper over time. That is why our system administrators monitor our servers’ health 24/7 and take immediate actions to divert the bad traffic through software and hardware devices.
Then, there are brute-force attacks, one of the most common ways to hack a website by guessing their login details. We extend our server-level protection with an in-house AI-powered anti-bot software that monitors for malicious traffic and blocks from 500,000 to 2 million brute-force attempts per day.
All the security work we do as your host should give you peace of mind, but it would work even better if you follow a few security guidelines yourself:
- Use complex passwords and do not share them with anyone. It’s recommended to use a preferably meaningless combination of letters and numbers about 8 symbols long to make sure that guessing or brute-forcing your password is extremely hard.
- Install an SSL certificate. In case of a security breach, the encryption of the connection will keep your data safe (we offer the Let’s Encrypt certificate for free ).
- Use two-factor authentication to log into your apps and more specifically your SiteGround Client Area. This will make it quite hard for anyone to log in even if they know your username and password. Read here how you can enable the two-factor authentication
- Make sure you run on the latest stable version of PHP and WordPress or any other CMS you may be using for your site. Many clients postpone PHP updates, and even the more simple WordPress updates, out of fear that they may break their site and they will need to pay a developer to fix it. But believe us, when we say this – it’s a lot more expensive to fix a hacked website than the few broken queries potentially resulting from a version update. Additionally, we offer Managed WordPress auto-updates and a Managed PHP service, enabled by default for all new accounts, and which means that we will automatically upgrade your PHP and WordPress, so you don’t have to.
- We recommend installing a malware scanner as well, directly on your site so you can get an alert in case of a breach and act quickly. You can use a plugin, if it’s a WordPress installation, or use an external feature, like the popular anti-malware scanner we offer.
To find more on the best practices on WordPress Security, we highly recommend to check out our ebook 21 Tips to Keep Your WordPress Secure.
Improving Website Speed is The Second Biggest Challenge
Improving website speed is the second biggest challenge for webmasters, coming at 48% of all respondents mentioning it. There are a lot of things that could be done to improve website performance and just like security, it’s a never-ending task. As a website host, we’ve done a lot of things to boost the speed of websites on our servers, but we’ll focus on some of the more recent ones.
We have been working on a complete WordPress performance solution built in our SiteGround Optimizer plugin. The plugin makes a connection with the host server to allow sites to take advantage of the caching capacity and also integrates a wide array of front-end performance features, which you can read more about here.
An even bigger step for our performance-boost this year was the migration to Google Cloud infrastructure, which allows us to use their extremely fast network, high redundancy, and powerful N2 CPUs which offer nearly 40% faster performance!
Additionally, with the launch of our new Site Tools, we replaced the Static Cache with a new NGINX Direct Delivery. We no longer serve images, CSS, JS files, and other static content from the server memory, but we use NGINX for direct loading of these files from the SSD instead. This improves browser caching for your site and also makes CDN usage easier and more efficient. Most importantly, NGINX Direct Delivery allows more RAM space to be used for dynamic content caching, without compromising on static content loading speed. Read more here.
Since website speed is such a critical factor, there are some additional things you can do yourself in order to improve performance:
- Use the SiteGround Optimizer plugin and turn the dynamic caching ON. By default all our sites on all plans have the standard cache (Nginx direct delivery) turned on and it helps tremendously to the majority of the sites. But more dynamic sites also need dynamic caching and even Memcached turned on as well.
- Turn the SiteGround Optimizer front-end performance features – image compression, using WebP format and lazy loading, minifying CSS and javascript, these may have smaller impact individually, but when added up together, the effect on the page loading speed is spectacular.
- Use a CDN (Content Delivery Network). CDNs speed up sites immensely by caching up and delivering static content from the closest to the user location, saving precious fractions of time. Keep in mind that a CDN also blocks malicious traffic and even reduces SPAM, so there are other advantages in using one.
If you want to read additional tips on how to speed up your WordPress site, make sure to check the free ebook 21 Expert Tips for an Ultra-Fast WordPress Website eBook.
Comments ( 16 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Mark
I had been a big fan and really loved the Siteground support but had been struggling with sitegound performance particularly in regard to googles new speed metrics - CLP and LCP. Despite using a CDN and WP Rocket now, all mobile searches perform poorly in regard to CLP and LCP. I see from running a google search that many people who host on siteground have the same problem. Is there likely to be any fix for this soon?
Marina Yordanova Siteground Team
We have not received such reports from our clients. If you suspect any server-side issues, please reach our Support directly, so we can look into the matter. Have you considered using our SG Optimizer for optimizing your site? We have added many new features which help with optimizing Google Fonts, image loading, stop Render-Blocking JavaScripts etc. Take a look here https://www.siteground.com/blog/even-faster-wordpress-sites-with-our-sg-optimizer-plugin/
Phil Morettini
I called your support about the same issue, and the guy said it's got nothing to do with SG. He said its up to me to optimize my site. I've already optimized the heck out of it. I'll bet you've receive these reports - ignoring them is another matter.
Marina Yordanova Siteground Team
Hello, I see that you had a chat with our team but did not discuss in detail the specific issue you are experiencing. If you have used https://developers.google.com/speed/pagespeed/insights/ or a similar test tool, you have probably reviewed the improvement suggestions for your specific case, such as eliminating render-blocking resources, avoiding multiple page redirects etc. These are issues which are best addressed by a website developer. If you should encounter a specific issue and think it could be caused by the server settings, please post a ticket in the Site Slow category with details, so that our specialists could review and help further.
Fernando Saling
One of my challenges for 2020 was to find a solution to limit the space of the inodes. I achieved this and still have a better cost benefit, including performance and security.
Robert
Unfortunately in this article, there are improvements for WordPress, which is well and good, but none for Magento 2. Do you plan to do some improvements in the future?
Marina Yordanova Siteground Team
Many of the improvements are WordPress-related, but others apply for any applications hosted with us, including Magento. The migration to Google Cloud, switching to more powerful N2 CPUs, free CDN with Railgun are only few of the examples that speed up other apps as well. Specifically for Magento you could also check out these articles with optimization tips we've collected: https://www.siteground.com/kb/magento_optimization/ https://www.siteground.com/tutorials/magento/common-issues/#How_to_speed_up_Magento
Paula
and optimization improvements for prestashop where do I search?
Marina Yordanova Siteground Team
In our tutorials and knowledge base - for example, we have this tutorial with general tips, which are applicable for any application: https://www.siteground.com/tutorials/websiteperformance/general-tips/ And here are more specific tips for Prestashop - https://www.siteground.com/tutorials/prestashop/seo/
Izzy Goodman
Siteground articles mostly discuss wordpress and my site is Magento 2, which leaves me a little confused about what I can do. There are at least 2 points in my site BestInkandToner.com where the icon spins for about 8 seconds before continuing. One is after you choose an item and it takes time to bring up the image. The second is when you view the cart and the program calculates tax and shipping. I don't know why there is such a long pause and what can be done to speed it up. Thank you.
Marina Yordanova Siteground Team
We also have articles about Magento and its optimization, for example: https://www.siteground.com/kb/magento_optimization/ https://www.siteground.com/tutorials/magento/common-issues/#How_to_speed_up_Magento Be sure to check them out for ideas.
Gyamfi Bediako
Enjoyed reading this... I'm new to Siteground, and I'm enjoying working with you guys... I hope things dont change... Thanks for doing whatever your doing right...
Kenny
Thanks for this article. What i dont understand is why do i constantly get a very slow time to first byte on webpagetest? This has been happening since moving to cloud ages ago. Which is why i pay high premium (so it would be faster), its still indicating that even when you moved to cloud. i dont understand it?
Marina Yordanova Siteground Team
With the migration to Google Cloud and especially with the new Google N2 processors we usually see improvement in the performance. If you are experiencing a slow TTFB, and it hasn't improved during the months after the migration, it's best to look into the possible causes as explained here https://www.siteground.com/blog/understanding-ttfb/ Also, Google's tools such as https://developers.google.com/speed/pagespeed/insights/ will provide you with information about the possible reasons for the slowdown for your site specifically - check the Opportunities and Diagnostics sections! For example there might be unused JavaScripts or CSS to be removed from the site, or render-blocking resources to be eliminated. Still, please keep in mind that dynamic sites constantly evolve by adding new queries, new products, clients and orders, and all of that could also be slowing down a site over time.
Max Salv
Marina, you mention here that Cyber Security is indeed an important challenge, and yet we have received word from Siteground support that they will no longer take measures to ensure that your servers are PCI Compliant. What is your stance on that?
Hristo Pandjarov Siteground Team
PCI compliance is a test and certification designed for sites that handle payments directly. Since nowadays almost every website uses a payment processor it is not needed. That doesn't mean that we've lowered the level of security on our systems - quite the contrary, our security team is working hard to provide the safest possible environment for your site.
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through