Quality and Performance report

http://24biz.biz
Report generated on Sep 11, 2018 1:18:48 AM

SIMULATED VISITOR: Chrome Paris 8.0/1.5Mbps (Latency: 50 ms) Edit

Requests

33

Weight

363kB

HTML CSS Scripts Images Others
Timeline / Waterfall

First Byte

0.32sec

Start Render

0.63sec

Fully loaded

2.63sec


Browser warnings 0OK
2 Custom timings
Speed Index: 751

Technologies :

AddThis

Google Analytics

Liveinternet

Nginx

jQuery


Share this report by email

Feel free to share this report with your collaborators, by copying the URL from the address bar,
or by clicking below:

Share the report

Tips and best practices:

Things to improve

Cache policy 

0/100

11 of your requests don't define a cache policy

The Expires header is essential for an efficient caching policy. It will significantly impact on the loading time for returning visitor.

The Expires header explained

You can set an expiration date for each resource: as long as the date is not exceeded, the browser stores and uses the resource in cache.

The expiry date of resources is set using the Expires HTTP header:

Expires: Thu, 25 Dec 2014 20:00:00 GMT

You can set a far expiry date for static resources (1 year maximum), and a closer date for resources that change more frequently (at least 48 hours).

When you deploy a new version of your website, remember to rename static resources that have been modified. If you do not change their names, your users will keep resources corresponding to the old versions stored in their caches, and they may find themselves on an unstable version of your page. For example:

myresource.min.20140101.js

See the Yahoo! guidelines on this subject.

This page contains 11 resources without expiry date:


 
Read more
Security 

0/100

You should use a secure connection (HTTPS)

HTTPS guarantees the confidentiality and security of communications over the internet: data is encrypted, so protected against attacks and data corruption.

Google is multiplying its actions to push more and more websites towards HTTPS. Google first added HTTPS in its SEO criteria (see the announcement). Since then, Chrome has been evolving and now highlights the absence of a secure environment in various cases where information is collected from users. Other browsers are also following this trend.

Setting up HTTPS on a website sometimes causes some reservations (cost, impacts on performance, compatibility with technical partners…). But the market has changed in recent years and you should not worry about migrating to HTTPS. You should consider switching your site to HTTPS.

How to set up the HTTPS protocol

You have to set up a certificate you got from a reliable certification authority. Learn more by contacting your website host who can help you getting this certificate. Besides, the following page help you in your migration procedure to the HTTPS protocol.

A free certificate? Try Let's Encrypt!

Let's Encrypt is a free, automated, and open certificate authority. Many hosting providers offer to enable the generation and automatic renewal of free certificates directly from the administration interface of your domain. Contact your website host for more information.


 
Read more
Number of requests 

33/100

Save 9 requests using CSS sprites

Combining images into CSS sprites reduces the number of files the browser has to download and accelerates the loading time.

CSS sprites explained

A CSS sprite is a single file in which several smaller images are grouped and positioned one beside the other. You can display each small image in your page by applying CSS styles, and a single request is necessary to recover all the images. Use this method only for small images, such as icons, so the CSS sprite is not too heavy.

Example

Here is a CSS sprite example :

CSS sprite example

The page also applies the styles associated with the sprite:

.sprite {
background-image: url(img/sprite.png);
background-repeat: no-repeat;
display: block;
}

.sprite-browsers-firefox {
width: 31px;
height: 28px;
background-position: -74px 0;
}

Then you have just to define the right class in your HTML file, and the icon appears:

<span class="sprite sprite-browsers-firefox"></span>
How should I create CSS sprites?

Their creation can be complex, so we recommend using tools that easily generate them for you. Here are a few sprite generators:


10 can be combined in a CSS sprite. The domain name 24biz should use this technique for the following resources:


 
Read more
Security 

0/100

The Content Security Policy is missing

Protect you website from cross-site scripting (XSS) attacks by setting up a restrictive Content-Security-Policy.

XSS attacks explained

XSS attacks are a type of attack in which malicious data is maliciously added to websites. The number of vulnerabilities allowing these attacks is quite large, which is why it is as useful to prevent them as to limit their harmful effects.

You can protect your pages against these attacks and their effects by restricting execution to code portions either legitimized by the domain to which they belong or by a unique integrity token. The code that does not corresponding to this security policy will not be executed and the user will be informed.

You can learn more about XSS attacks on the Open Web Application Security Project (OWASP) Website.

Configure a "Content-Security-Policy" (CSP) HTTP header

Set up a "Content-Security-Policy" (CSP) HTTP header to prevent or limit damage caused by an XSS attack. To specify a security policy configure your server so the response of the first resource contains the "Content-Security-Policy" HTTP header.

Here's an example:

Content-Security-Policy: script-src 'self' https://apis.google.com

In this case, only scripts coming from the current host or https://apis.google.com will be executed.

Read more about the CSP HTTP header. You can also look at the CSP directives specification.

Please, be careful, if the header is misconfigured, some of your content, scripts, or styles may be blocked. That could cause unwanted side effects. Moreover, the restrictions apply to all pages of the website. We recommend you test the different pages of your website before deploying this header in your production environment.


No Content Security Policy on this page: it is more easily exposed to XSS attacks.


 
Read more
Cache policy 

47/100

Specify a 'Vary: Accept-Encoding' header

The following publicly cacheable, compressible resources should have a "Vary: Accept-Encoding" header:

Resources from "24biz"
Resources hosted by a third-party

It appears these files are hosted by a third-party, so they may not be within your control. However, you should consider any alternative to these resources to improve your page performance.

The Vary: Accept-Encoding header allows to cache two versions of the resource on proxies: one compressed, and one uncompressed. So, the clients who cannot properly decompress the files are able to access your page via a proxy, using the uncompressed version. The other users will get the compressed version.


 
Read more
Number of requests 

0/100

2 images use only one color

One request to an image composed of a unique color unnecessarily increases the data amount transmitted on the network.

It is useless to retrieve an image composed of a unique color. The CSS style sheets allow to render the same result at a lower cost.

For instance, to draw a simple circle, you can use the following code :

#myElement {
background:#ff0000;
border-radius:50%;
width:160px;
height:160px;
}

2 images of this page are composed of a unique color:


 
Read more

Did you know?

jQuery 

More informations about jQuery performance

jQuery is the most used JavaScript library. Upgrade your website performance respecting the jQuery best practices. We recommend that you learn the basics of the jQuery performance, reading the following link: http://learn.jquery.com/performance/.


 
Read more
Data amount 

3 domains send 497 bytes of cookies

HTTP cookies are used to track a user to costumize the page according to their profile. They are sent as a HTTP header from the web server to the browser. Then, each time the browser accesses to the server, it sends a request containing the cookie received at the first response. See more information.

Here, 3 domains send 497 bytes of cookies:

Domain name: addthis
  • di2: 106 bytes distributed on 2 request(s)
  • ouid: 104 bytes distributed on 2 request(s)
  • loc: 80 bytes distributed on 2 request(s)
  • bt2: 52 bytes distributed on 2 request(s)
  • uid: 32 bytes distributed on 2 request(s)
  • uvc: 18 bytes distributed on 3 request(s)
  • vc: 2 bytes distributed on 2 request(s)
Domain name: 24biz
  • _ga: 26 bytes distributed on 1 request(s)
  • _gid: 25 bytes distributed on 1 request(s)
  • __atuvs: 19 bytes distributed on 1 request(s)
  • __atuvc: 6 bytes distributed on 1 request(s)
  • b: 1 bytes distributed on 1 request(s)
  • _gat: 1 bytes distributed on 1 request(s)
  • mfesecure_visit: 1 bytes distributed on 1 request(s)
Domain name: yadro
  • FTID: 24 bytes distributed on 1 request(s)


 
Read more
Data amount 

This page does not load too much data (363kB)

A too high page weight slows down the display, especially on low speed connections. This can lead to frustration for users paying for data (see whatdoesmysitecost.com).

Evaluate the Weight of my Web Page

In February 2016, the average weight of 100 most visited websites in the world was 1,38MB.

How to reduce the weight of my page?

You can report to our "Data amount" category to discover the possible optimizations in your case. Images are often involved.
Moreover, make sure to build your web pages in order to load data that is essential to the user experience (rendering optimization of the critical path).
For other contents (social networking plugins, advertising, content at the bottom of the page ...), it is better to delay the loading (asynchronous, lazy-loading ...), so they don't override priority contents.

We strongly recommend that you define performance budgets before you carry out your web projects. These budgets can be settled through the Dareboost monitoring feature.


We have established the weight distribution of the page by resource type:

  • JavaScript : 67,89% of total weight
  • Images : 22,26% of total weight
  • Texts : 8,64% of total weight
  • CSS : 0,86% of total weight
  • Others : 0,35% of total weight

Here is the weight of the 10 heaviest resources over the network, and that are necessary to load the page:


 
Read more

This page contains 61 links

Two kind of links exist:

  • Internal links that refer to pages with the same domain name;
  • External links that point to other websites (must be relevant and point towards quality content).

If you reference many links, you can ask the SEO crawlers to consider only some of them, by adding the rel=nofollow attribute to the irrelevant ones (e.g., advertisements).

Here is the distribution of 61 links present in the page:

  • 51 internal links (83,61%)
  • 2 "follow" external links (3,28%)
  • 8 "nofollow" external links (13,11%)


 
Read more
Security 

One resource on this page is for public use

By default, the browser accepts to perform AJAX requests, or to retrieve web fonts, only on the same domain name of the page. So a font provided by toto.com can only be used by the pages of toto.com. This prevents misuse of your resources by any site.

Some resources are public, and explicitly want to be available to everyone (eg Google Fonts). In this case, the HTTP header Access-Control-Allow-Origin can be used with the value "*". You should, however, use this property if your resource has aimed to be used by the greatest number. Otherwise, we recommend that you keep the default, or set a specific domain name in the "Access-Control-Allow-Origin" HTTP header.

You should be aware of the following resource, that uses a Access-Control-Allow-Origin: * HTTP header. Make sure it is actually intended to be used by pages from all domain names:

It appears these files are hosted by a third-party, so they may not be within your control. However, you should consider any alternative to these resources to improve your page performance.


 
Read more
Quality 

1 CSS property is overridden

Generally, it is unnecessary to define 2 times the same property within the same rule: the second one overrides the first.
This may affect the readability of CSS code. Eliminate unnecessarily overridden properties also reduce the file size.

How to improve it?

Remove one occurrence of the duplicated property. For example, the following properties:

.myClass {
margin: 20px;
...
margin: 10px;
}

Should be replaced by:

.myClass {
margin: 10px;
}

The following files define the same property several times in a single rule.
Note that CSS fallbacks can justify a duplicated property.


Make sure that the following properties are duplicated on purpose:

http://24biz.biz/styles.css

  • .navigation a {width: calc(50% - 1px) !important} (line 30, col 41)


 
Read more

Well done, these best practices are respected

Browser rendering 

100/100

Your HTML response is not too heavy

Why reduce the code amount of a page?

Before a web page can be displayed, the browser must, among other things, download it, parse it and model it into a document that can be understood by the rendering engine. If the amount of code contained in the page is too large, these steps are slowed down and the rendering is delayed.

How to reduce the amount of code?

Your HTML response should contain only the information that is immediately necessary to display the visible area of the page. Move inline information to external files (JS for scripts, CSS for styles, asynchronous queries for additional content) and simplify the HTML structure of your page.


 
Read more
SEO 

100/100

Your <img> tags use an alt attribute

Moreover, the alt attribute is also an important criterion for SEO. Indeed, search engines crawlers cannot parse graphic contents. That is why they use the alternative text to return consistent results, like in Google images.

<img src="product.jpg" alt="My product description"/>

The alt attribute is used in several cases unrelated to SEO:

  • When a screen reader is in use for accessibility purposes;
  • While image is loading, particularly for slow connections;
  • When the image file is not found.

You have 8 img tags and they all have the alt attribute.

If nothing seems appropriate for describing an image, you might set an empty text. We advise you to make sure the majority of your images define a relevant text. Read the W3C recommendations here.


 
Read more
Cache policy 

100/100

You do not use too long inline scripts

Any script with a significant size should let the browser cached them in order to reduce loading time/improve performance of your returning visitor.

Inline scripts / cache policy

"inline" scripts allow to integrate easily small portions of scripts directly in the HTML code. Example:

<script type="text/javascript">
    (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']...,'/analytics.js','ga');
    ga('create', 'UA-11111111-1', 'mywebsite.com');
</script>

By doing so, you avoid making a request to the server to retrieve the resource. So inline scripts represent a performance gain if you want to integrate small scripts.

However, once a script has a fairly substantial size, we advise you to outsource it and perform a request to retrieve it. So you will benefit from the cache mechanism.

What should I do?

Outsource your scripts with more than 1500 characters in one or more separate files.


 
Read more
Accessibility 

100/100

<noscript> tag detected

This page uses noscript tag. It allows to display a message when JavaScript is disabled by the user.


 
Read less
SEO 

100/100

This page defines <h1> and <h2> tags

We recommend putting page keywords in at least the h1 and h2 tags. Search engines use the h1, h2, and h3 tags for SEO purposes.
This page contains:

  • 1 <h1> element(s)
  • 2 <h2> element(s)
  • 7 <h3> element(s)


 
Read more
Quality 

100/100

No nested tables detected

table tag should only be used to render ordered data. Handle the elements layout with CSS instructions.

You can use colspan and rowspan properties to represent complex data.

No nested table found in this page.


 
Read more