Ensure secured connections with HSTS (HTTP Strict Transport Security)

Our regular readers already know that HTTPS is now a requirement for any websites. The urge to get rid of unsecured navigation has never been stronger: each release of Google Chrome or Mozilla Firefox comes with a new warning sign for users sharing private data. Soon, all forms will be concerned.

But offering an HTTPS version of your website is not enough to automatically redirect all your HTTP traffic to this secured version. Continue reading Ensure secured connections with HSTS (HTTP Strict Transport Security)

Hiring, events and more: latest news you shouldn’t miss about Dareboost

A lot of news to announce about Dareboost! First of all, we are very glad to see our team reinforced with the arrival of our Customer Success Manager. That said, let’s have a look back to a few announcements you may have missed this summer. And then talk about some nice events Dareboost will be part of in the weeks to come.

Continue reading Hiring, events and more: latest news you shouldn’t miss about Dareboost

Website Performance Monitoring: 5 reasons why you should use synthetic monitoring

Regarding website monitoring, 2 approaches coexist – without competing: Real User Monitoring, based on real users browsing, and Synthetic Monitoring that emulates users visits. Let’s focus on the specific benefits brought by this second approach. Continue reading Website Performance Monitoring: 5 reasons why you should use synthetic monitoring

Secure your cookies to the next level with SameSite attribute

After reading our last article about how to secure your cookies, you may (should?) already be using Secure and HttpOnly flags. As a reminder, ‘Secure’ allows to prevent a cookie to be sent on a non-secure web page, whereas ‘HttpOnly’ prevents any client-side usage of a given cookie.
It is now time to take your website security to the next level with one more attribute for your cookies! Let’s talk about SameSite instruction, allowing to prevent Cross-Site Request Forgery (CSRF) attacks and Cross-Site Script Inclusion (XSSI). Continue reading Secure your cookies to the next level with SameSite attribute

Performance and security of target=_blank links with rel=noopener

About one year ago, we were announcing an update of the quality checkpoints of our website analysis service. This update was including a new best practice related to hypertext links opening in a new window or tab by using target="_blank" attribute.
Joining Google Chrome, the latest Firefox version now supports the rel="noopener" attribute, which was one of our advised solutions. The right time for us to have a look back on this recommendation we have brought not only for better security but also for web performance. Continue reading Performance and security of target=_blank links with rel=noopener

Website Speed: 49 Luxury Brands Tested in China

The Chinese web is a highly coveted market for all brands of luxury goods from around the world. But it is also a difficult sector for investments – with its limited access conditions as well as its famous Great Firewall. How do these brands manage to deal with these technical handicaps? Using its Chinese probes, Dareboost tested the web performance of 49 of these prestigious brands.  Continue reading Website Speed: 49 Luxury Brands Tested in China

Website analysis: new checkpoints on Dareboost

UPDATE: New checkpoints described in this post are now available on dareboost.com!

On February 2nd, checkpoints applied to our website quality test tool will be updated. New checkpoints, impacts on the Dareboost score… Here is a detailed review of this update to come, so that you could anticipate it and avoid any drop of your own score! Continue reading Website analysis: new checkpoints on Dareboost