5 Ways to Improve Your Website’s PageSpeed Using HTTP/2

speedup-website

HyperText Transfer Protocol version 2, or HTTP/2, is the latest standard of HTTP. The updates to the protocol will improve the speed, efficiency, and security of web traffic. However, the transition isn’t automatic. This article aims to give you some insight into what HTTP/2 means to you, and how to configure your website or server to take advantage of the new features. What HTTP/2 Means for You For regular users, the changes from HTTP/1.1 to HTTP/2 will be pretty invisible. All browsers will require a valid Transport Layer Security (TLS) certificate to serve websites over HTTP/2. So beyond faster page loading,…

Read the full article: 5 Ways to Improve Your Website’s PageSpeed Using HTTP/2

HyperText Transfer Protocol version 2, or HTTP/2, is the latest standard of HTTP. The updates to the protocol will improve the speed, efficiency, and security of web traffic. However, the transition isn’t automatic.

This article aims to give you some insight into what HTTP/2 means to you, and how to configure your website or server to take advantage of the new features.

What HTTP/2 Means for You

For regular users, the changes from HTTP/1.1 to HTTP/2 will be pretty invisible.

All browsers will require a valid Transport Layer Security (TLS) certificate to serve websites over HTTP/2. So beyond faster page loading, there will also be an increase in website security.

For web designers and owners, HTTP/2 can improve your site’s load speed across all devices.

Every modern browser already supports the new protocol standard (although these mobile browsers don’t support HTTP/2). However, in cases where the browser or server doesn’t support HTTP/2, the HTTP/1.1 standard will be used automatically.

How Will HTTP/2 Affect Website Design?

The changes introduced in HTTP/2 will affect how we optimize websites and servers for efficiency and speed.

New features introduced in HTTP/2 will allow us to disregard many of HTTP/1’s workarounds and optimization techniques. This includes no longer inlining scripts into HTML or combining files to reduce server requests. Domain sharding is also no longer useful.

In some cases, these workarounds will even negatively affect your page speed if it’s served HTTP/2.

The majority of internet traffic is mobile based, so consider mobile internet speeds and keep your media files small and optimized for these devices. You should also continue to minify your JavaScript (JS), HTML and CSS.

If you’re not sure why you should minify your files, a good start would be our article on how and why to minify your JavaScript.

HTTP Concepts You Should Know

In case you aren’t familiar with the terms referred to in this article, here’s a quick introduction

Inlining Script is to add JavaScript directly into a HTML document with the <script> tag. In HTML/1.1 this gets rid of small JavaScript files and will reduce server requests and load scripts faster.

Reducing the number of files is no longer as big of an issue for page speed in HTTP/2 thanks to Multiplexing, Stream Prioritization, and Server Push.

Multiplexing is a new feature in HTML/2 which allows for multiple Data Streams over a single Transmission Control Protocol (TCP) connection.

Data Streams is an HTML/2 term used for bi-directional streams of data. We can prioritize each stream thanks to their unique identifier, which will help us optimize data delivery.

Stream Prioritization is another new feature in HTML/2. This gives us the ability to tell a server to allocate resources and bandwidth to prioritized Data Streams. Thus ensuring optimal delivery of high priority content to clients.

Domain Sharding is the act of splitting website resources across multiple sites or domains to get around the simultaneous download limitation in HTML/1.1.

In HTML/2, Multiplexing and Server Push will do simultaneous downloads faster and more efficient than Domain Sharding. In fact, there is currently no support to use these features across multiple domains.

Server Push will allow a server to send multiple responses for a single client request. In short, the server can make assumptions as to what files a browser needs to load a page, without the browser specifically requesting them.

We’ll now focus on some of the changes website owners should make to optimize websites for HTTP/2. For a deeper insight into these concepts, read our previous article: “What Is HTTP/2 and How Does It Affect the Internet’s Future?“.

5 Website Changes to Make for HTTP/2 Optimization

The main changes you should be aware of as a website owner are related to how to deal with website resources. Specifically in regards to how your website’s server will talk to a browser, and how the files are delivered.

Below are the most common changes you should look into to optimize your website of HTTP/2.

1. Don’t Combine Your CSS or JavaScript

You should no longer concatenate, or combine your website resources. In HTTP/1.1, this will reduce the number of HTTP requests, and files needed to be downloaded to display your website.

Each HTTP request will add latency, so in HTTP/1.1 downloading a single file is often more efficient than downloading multiple files. Fewer files also help get around the limit to simultaneous downloads in HTTP/1.1.

As HTTP/2 allows for multiple downloads without multiple server requests, the number of files is less important when optimizing for speed. Combined with caching, specific files are better in HTTP/2.

In effect, more specific files allow you to serve most of your website from your Content Delivery Network (CDN) and the user’s browser cache. It also means the browser won’t have to download and parse a single large file from your server when you make minor tweaks to your website.

2. Don’t Inline Scripts in HTML

Embedding CSS and JS files in your HTML document will improve your page loading speed in HTTP/1.1. As with combining files, it will reduce file numbers and server requests.

Inlining scripts in HTML when using HTTP/2 will reduce your page speed optimization from caching, by removing a browser’s ability to cache assets individually.

It will also break any improvement from Stream Prioritization, as all embedded script and content will get the same priority level as your HTML content.

Instead of inlining assets to reduce HTTP requests, take advantage of multiplexing and server push. This will allow browsers to download more resources with fewer request, and improve your page’s load speed.

In short, keep your resources separate and small when possible.

3. Stop Using CSS Image Sprites

Example of image sprites using chess pieces
Image Credit: jurgenwesterhof/Wikimedia

Image Sprites are images made up of many smaller images (like the one above). CSS then specifies which sections of the image to display.

As with most HTTP/1.1 workarounds, we use image sprites partly to reduce server requests. In HTTP/2, you can safely use separate images without negatively affect your page’s load speed.

Smaller files will download faster and more efficiently thanks to multiplexing and server push.

4. Do Not Use Domain Sharding

Domain sharding is used to circumvent the simultaneous download limitations in HTTP/1. This limitation is usually between four and eight per domain and is set by browsers partly to reduce DDOS attacks.

Sharding your website across four domains, for example, can theoretically serve resources in a quarter of the time in HTTP/1.1.

Domain sharding is no longer necessary thanks to HTTP/2’s multiplexing.

Note that browsers cannot take advantage of multiplexing and parallel downloads across multiple domains in HTTP/2. Sharding will also break HTTP/2’s stream prioritization, further reducing the benefits of using HTTP/2.

5. Take Advantage of Server Push

http1 vs http2 with server push

Possibly the most significant improvement of HTTP/2 is server push.

In HTTP/1.1, when you request to view a page, the server will send the HTML document first. Your browser will then start parsing this, and separately request CSS, JS, and media files referred to in the document.

In HTTP/2, server push enables a server to push required resources to a browser without a separate request for them. This includes CSS and JavaScript files, as well as media, and will reduce HTTP requests and speed up page loading.

Smashing Magazine has a great comprehensive guide on HTTP/2’s server push with insight into how it works and how to enable it.

How to Configure Your Server for HTTP/2

HTTP/2 test tool

Most server implementations already support HTTP/2. However, if you are using a shared host you’ll need to check with your server admin if they have activated HTTP/2. If you are curious, GitHub has a list of server implementations that support HTTP/2.

Nginx servers have native support for HTTP/2, whereas you might need to configure Apache servers to enable HTTP/2 support.

If your website is HTTPS enabled, (a HTTP/2 requirement) you can check if your website is delivered with HTTP/2 at http2.pro. That said, if you use Cloudflare as your CDN, any content from their servers be served over HTTP/2 without you having to make any changes.

WordPress specific hosts will sometimes limit the configuration changes you can make, especially in their lower tier services. That said, we recommend Bluehost for your WordPress sites. Bluehost offer free SSL and CDN, and will serve your websites over HTTP/2.

HTTP/2 Is Just the First Step

HTTP/2 is a huge improvement on the previous standard, and you should now have some insight into the benefits you can get from implementing it.

Enabled websites will load faster and be more secure, which will also boost your search rankings. HTTP/3 is already on the way, and configuring your website for HTTP/2 will make your eventual jump to HTTP/3 much smoother.

Beyond setting up your website for HTTP/2, you should also use consider these ways to make your website load faster.

Read the full article: 5 Ways to Improve Your Website’s PageSpeed Using HTTP/2

The 5 Best Feature Phones You Can Buy Today

feature-phone

Feature phones, commonly known as bar phones, flip phones, or dumb phones, are traditionally mobile phones with few features beyond calling and texting. Thanks to updates in operating systems, and expiring technology patents, modern feature phones have many smartphone-like features, in a durable handset with a much longer battery life. Considering a feature phone? Here’s why you should, along with five of the best options you can buy. Why You Need a Modern Feature Phone Whether you’re looking to save some money, to reduce your screen time, or to curb your phone addiction, feature phones are here for you. Modern…

Read the full article: The 5 Best Feature Phones You Can Buy Today

feature-phone

Feature phones, commonly known as bar phones, flip phones, or dumb phones, are traditionally mobile phones with few features beyond calling and texting.

Thanks to updates in operating systems, and expiring technology patents, modern feature phones have many smartphone-like features, in a durable handset with a much longer battery life.

Considering a feature phone? Here’s why you should, along with five of the best options you can buy.

Why You Need a Modern Feature Phone

Nokia feature phones

Whether you’re looking to save some money, to reduce your screen time, or to curb your phone addiction, feature phones are here for you.

Modern feature phones can be found with support for 4G, two SIM cards, a media player, SD Card slot, and audio jacks. The newer models also support Voice over LTE (VoLTE) and Voice over Wi-Fi (VoWiFi) calling. The former (VoLTE) is becoming more important as 2G and 3G are phased out.

Thanks to operating systems like KaiOS, many feature phones also support Google Maps, WhatsApp, Email, and even Google Assistant.

The popularity of feature phones is steadily increasing in most markets. Other than a desire to cut down on social media use, lower cost and a desire to end support for planned obsolescence are among the top reasons to get a feature phone.

These phones are great alternatives for children and those who might be less tech-literate. They are also great to use when outdoors or traveling where the chance of loss and damage is higher.

It’s worth mentioning that the lack of specific apps for travel options could be a hindrance to some. A consolation here is that you can also book Uber on the web.

If you are interested in trying out a feature phone, here are some recommendations (in no particular order) for 4G LTE enabled feature phones.

1. Nokia 8110 4G

Nokia 8110 4G Banana Phone

Nokia 8110 4G (TA-1067) 512MB/4GB 2.45-inches Factory Unlocked - International Stock No Warranty (Yellow) Nokia 8110 4G (TA-1067) 512MB/4GB 2.45-inches Factory Unlocked - International Stock No Warranty (Yellow) Buy Now At Amazon $83.99

This revival of the original Nokia 8110 runs on KaiOS, and follows the successful relaunch of the Nokia 3310. This is one of the most well known mobile phones from the mid-90s, used by Neo in the Matrix. Nokia’s yellow colored release pays homage to the phone’s nickname, the “Banana Phone”.

The Nokia 8110 4G is a big improvement on the latest 3310 release, but the software on this phone can still be a little sluggish. The price of this phone is also a little higher than it should be, as it mostly caters to the retro-head crowd.

OS: KaiOS

Released: February 2018

Features:

  • 2.4″ TFT display
  • Support for Google Maps, Google Assistant, and WhatsApp.
  • Anti-theft remote lock and erase feature
  • Removable battery
  • Web browser
  • Media player
  • Battery life: two weeks standby (48 hour music play or 11 hour talk time)
  • Dual SIM
  • MicroSD (up to 32GB)
  • Micro USB for charging
  • 4G, GPS, Wi-Fi, Bluetooth 4.1, FM Radio

2. Reliance JioPhone 2

Reliance Jio Phone 2

An update to the JioPhone, this phone is very popular in the Indian market. It has a full qwerty keyboard and supports LTE (4G), VoLTE, and as with all KaiOS phones, it has support for many apps and web-based tools.

OS: KaiOS

Released: July 2018

Features:

  • 2.4″ TFT display
  • Full Qwerty Keyboard
  • Removable battery
  • Support for Google Maps, Google Assistant, and WhatsApp.
  • Anti-theft remote lock and erase feature
  • Web browser
  • Media Player
  • Battery life: two weeks standby
  • Dual SIM (nano)
  • MicroSD (up to 128GB)
  • Micro USB for charging
  • 4G, Bluetooth 4.1, FM Radio

3. Xiaomi QIN 1S

Xiaomi QIN 1s

The QIN 1s has a smaller battery than most of the phones in this list, but it will still get about two weeks of standby, or seven hours of talk time on a full charge.

This particular phone has the addition of some interesting AI software. One of the features of the AI is a real-time voice translation between Chinese and up to 17 other languages. This feature is currently only available from the Chinese language, but it’ll be interesting to see where it goes in the future.

The QIN 1s is the only phone on this list that also comes with infrared, which is great for TVs, aircon, and many other appliances—especially if you spend a lot of time in hotel rooms.

OS: Mocor 5 (Android OS)

Released: September 2018

Features:

  • 2.8″ display
  • Support for Google Maps, Google Assistant, and WhatsApp.
  • Web browser
  • Media player
  • Battery life: one week standby
  • Dual SIM (nano)
  • MicroSD (up to 32GB)
  • USB-C for charging
  • 4G, Wi-Fi, Bluetooth 4.2, FM Radio
  • Wi-Fi Hotspot, GPS
  • Infrared

4. CAT B35

CAT B53

You may know CAT more for their diggers and work boots, but together with Bullitt Group, they also make mobile phones. The B35, launched in October 2018, is super rugged, waterproof, drop proof, and 4G capable.

For people who spend a lot of time outdoors or in heavier industries where drops are likely to happen, the rugged CAT B35 would be the best choice.

OS: KaiOS

Released: October 2018

Features:

  • 2.4″ TFT display
  • Support for Google Maps, Google Assistant, Email, and WhatsApp.
  • Anti-theft remote lock and erase feature
  • Web browser
  • Media player
  • Battery life: 30 days standby (12 hours talk time)
  • Dual SIM (nano)
  • MicroSD (up to 32GB)
  • Micro USB for charging
  • 4G, Wi-Fi, Bluetooth 4.1, FM Radio, GPS
  • Hotspot capability
  • Waterproof (IP68)
  • Super durable and drop proof

5. DORO 7060

Doro 7060 product photo

Another KaiOS phone, the Doro 7060 is an alternative to the Alcatel Go Flip, but a better phone in our opinion.

Doro is a company that designs for the 65+ age group, and this phone is their most recent clamshell addition to this market. The phone has a programmable emergency button on the back, which you can set up to call a specific number if you press it three times.

If you’re interested in this phone, be aware that there is a Doro 7050 version without support for Wi-Fi or web browsing. The Doro 7060 is a great gift for senior family members.

OS: KaiOS

Released: May 2018

Features:

  • 1.44″ external display, 2.8″ internal display
  • Support for Google Maps, Google Assistant, Email, and WhatsApp.
  • Anti-theft remote lock and erase feature
  • Emergency call button
  • Removable battery
  • Web browser
  • Media player
  • Battery life: two weeks standby (eight hours talk time)
  • Dual SIM (nano)
  • MicroSD (up to 128GB)
  • Micro USB for charging
  • 4G, Wi-Fi, Bluetooth 4.1, FM Radio, GPS
  • Wi-Fi Hotspot

If you want some dumb phone options, we’ve previously found the best dumb phones currently on the market.

The Trade-Offs of a Feature Phone

A good camera is for many the most important feature of their smartphone, and with any feature phone this will be a tradeoff you will have to make. If you can live without that (since you won’t have Instagram anyway), you should definitely try one.

Even if you just use these phones part-time, in social situations, for example, you may notice that you’ll eventually stop reaching for your phone to look up facts and that your short-term memory may even improve!

In short, if you’re looking for a solid phone to use for normal use, when traveling, or if you’re an older user, check out one of these:

  1. Nokia 8110 4G
  2. Reliance JioPhone 2
  3. Xiaomi QIN 1s
  4. CAT B35
  5. DORO 7060

Finally, if you are struggling to claim your life back from the addiction of your smartphone, or technology in general, a dumb phone may be the right option for you.

Read the full article: The 5 Best Feature Phones You Can Buy Today

What Is HTTP/2 and How Does It Affect the Internet’s Future?

what-http2

You may not have heard of HTTP/2 yet, but it’s the most recent update to HTTP. The new protocol standard introduces some new concepts and makes communication between servers and applications faster and more efficient. What Is HTTP/2? HyperText Transfer Protocol Version 2, or HTTP/2, is the first major update to HTTP in 15 years. The previous protocol standard, HTTP/1.1, has been in use since 1997 and uses a mix of clunky workarounds to improve on the limitations of HTTP. It is based on SPDY (“speedy”), an open-source experiment started by Google to address some of the issues and limitations…

Read the full article: What Is HTTP/2 and How Does It Affect the Internet’s Future?

what-http2

You may not have heard of HTTP/2 yet, but it’s the most recent update to HTTP. The new protocol standard introduces some new concepts and makes communication between servers and applications faster and more efficient.

What Is HTTP/2?

HyperText Transfer Protocol Version 2, or HTTP/2, is the first major update to HTTP in 15 years.

The previous protocol standard, HTTP/1.1, has been in use since 1997 and uses a mix of clunky workarounds to improve on the limitations of HTTP.

It is based on SPDY (“speedy”), an open-source experiment started by Google to address some of the issues and limitations of HTTP/1.1

The Internet Engineering Task Force (IETF) specifies the changes like this in Hypertext Transfer Protocol version 2, Draft 17:

“HTTP/2 enables a more efficient use of network resources and a reduced perception of latency by introducing header field compression and allowing multiple concurrent exchanges on the same connection […]

“It also allows prioritization of requests, letting more important requests complete more quickly, further improving performance.”

“HTTP/2 also enables more efficient processing of messages through use of binary message framing.”

“This specification is an alternative to, but does not obsolete, the HTTP/1.1 message syntax. HTTP’s existing semantics remain unchanged.”

HTTP/2 Is Based on SPDY

HTTP/2 is based on SPDY

By 2012, most modern browsers and many popular sites (Google, Twitter, Facebook etc.) already supported SPDY. As the popularity of SPDY was increasing, the HTTP Working Group (HTTP-WG) started working on updating the HTTP standard.

From this point onward, SPDY became the foundation and experimental branch for new features in HTTP/2. At the time, we examined how SPDY can improve browsing. Since then, the version 2 standard was drafted, approved and published.

Many of the features from SPDY were incorporated into of HTTP/2, and Google eventually stopped supporting this protocol in early 2016.

Most browsers eventually stopped supporting SPDY, and as there are no alternatives, HTTP/2 is becoming the de facto standard.

While the HTTP/2 protocol standard is not strictly backward compatible with HTTP/1, compatibility can be achieved via translation. An HTTP/1.1 only client won’t understand an HTTP/2 only server and vice versa, which is why the new protocol version is HTTP/2 and not HTTP/1.2.

That said, an important part of the work provided by HTTP-WG, is to make sure HTTP/1 and HTTP/2 can be translated back and forth without any loss of information.

Any new mechanisms or features introduced will also be version-independent, and backward-compatible with the existing web.

HTTP/2 isn’t really something a user can implement, but there are things we can do to affect our browsing speed. Do you believe any of these common myths to speed up your internet speed?

The Benefits and Features of HTTP/2

HTTP/2 comes with some great updates to the HTTP standard. Some of the more important ones are binary framing, multiplexing, stream prioritization, flow control, and server push.

Binary Framing

HTTP message in HTTP/2 binary framing streams
HTTP Messages by mfuji09 is licensed under CC-BY-SA 2.5.

Following the update to HTTP2/, the HTTP protocol communication is split up into an exchange of binary-encoded frames. These frames are mapped to messages that belong to a particular stream. The streams are then multiplexed (woven together in a sense) in a single TCP connection.

The new binary framing layer introduces some new terminology; Streams, Messages, and Frames.

  • Streams are bidirectional flows of bytes that carry one or more messages.
  • Each of these streams has a unique identifier and can carry bidirectional messages using optional priority information.
  • Frames are the smallest unit of communication in HTTP/2 that contain specific sets of data (HTTP headers, message payloads etc.). The header will at minimum identify the stream that the frame belongs to.
  • Messages are a complete set of frames that map to a logical request or response message.
  • Each message is a logical HTTP message, like a request or responses, made up of one or more frames.

This allows us to use a single TCP connection, for what in the past required multiple.

Multiplexing

Multiplexing example

HTTP/1.1 ensures that only one response can be delivered at a time per connection. And the browser will open additional TCP connections if the client wants to make multiple parallel requests.

HTTP/2 removes this limitation of HTTP/1.1 and enables full requests and response multiplexing. This means that the client and server can break down an HTTP message into independent frames, which are then interleaved, and reassembled at the other end.

Overall, this is the most important enhancement of HTTP/2, as it will in part eliminate the need for multiple connections. This will in turn introduce numerous performance benefits across all web technologies.

The reduced number of connections means fewer Transport Layer Security (TLS) handshakes, better session reuse, and an overall reduction in client and server resource requirements. This makes applications faster, simpler and cheaper to deploy.

Websites with many external assets (images or scripts) will see the largest performance gains from HTTP/2 multiplexing.

Stream Prioritization and Dependency

Further improvements of the multiplexed streams are made with weight and stream dependencies. HTTP/2 allows us to give each stream a weight (a value between 1 and 256), and make it explicitly dependent on another stream.

This dependency and weight combination leads to the creation of a prioritization tree, which tells the server how the client would prefer to receive responses.

The server will use the information in the prioritization tree to control the allocation of CPU, memory, and other resources, as well as the allocation of bandwidth to ensure the client receives the optimal delivery of high-priority responses.

Flow Control

Issues with flow control in HTTP/2 are similar to HTTP/1.1. However, since HTTP/2 streams are multiplexed within a single TCP connection, the way flow control in HTTP/1.1 works is no longer efficient.

In short, flow control is needed to stop streams interfering with each other to cause a blockage. This makes multiplexing possible. HTTP/2 allows for a variety of flow-control algorithms to be used, without requiring protocol changes.

No algorithm for flow control is specified in HTTP/2. Instead, a set of building blocks has been provided to aid clients and servers to apply their own flow control.

You can find the specifics of these building blocks in the “Flow Control” section of the HTTP/2 internet-draft.

Server Push

Your browser will normally request and receive an HTML document from a server when first visiting a page. The server then needs to wait for the browser to parse the HTML document and send a request for the embedded assets (CSS, JavaScript, images, etc.).

In HTTP/1.1, the server cannot send these assets until the browser requests them, and each asset requires a separate request (i.e multiple handshakes and connections).

Server push will reduce latency by allowing the server to send these resources without prompt, as it already knows that the client will require them. So in the example above, the server will push CSS, JavaScript (a common scripting language in web pages), and images to the browser to display the page quicker.

Basically, server push allows a server to send multiple responses for a single client request.

Albeit manually, this is the effect we currently get by inlining CSS or JS into our HTML documents—we are pushing the inlined resource to the client without waiting for the client to request it.

This is a big step away from the current HTTP standard of strict one-to-one request-response workflow.

The Limitations of HTTP/2

Image of browsers that support HTTP/2

SPDY had a slightly stricter policy on security and required SSL encryption for all connections. HTTPS/2 does not require encryption but many services will not serve HTTP/2 without SSL.

All major browsers support HTTP/2, but none of them will support it without encryption. The CanIUs website has a great table overview over the current browser support for HTTP/2, as seen above.

The backward compatibility and translations between HTTP/1.1 and HTTP/2 will slow down page load speed.

There is no real reason why encryption shouldn’t be a default or mandatory setup by now. If you already have an SSL certificate on your site, you can improve the security of your HTTPS website by enabling HSTS.

Is HTTP/2 the Next Big Thing?

Comparison of HTTP/1.1 and HTTP/2 loading time

HTTP/2 was proposed as a standard in mid-2015, and most browsers added support for it by the end of that year. HTTP/2 already affects the way that the internet works and how applications and servers talk together.

There are no requirements to force the use of HTTP/2, but so far it only serves benefits and no drawbacks. It’s also a fairly minor change from a user perspective, one that people won’t really notice.

According to W3Tech, 31.7% of the top 10 million websites currently support HTTP/2. The quickest way for most of you to enable HTTP/2 on your website is to use Cloudflare’s CDN.

The next proposed standard (HTTP/3) is already in the works and is based on QUIC, another experimental project by Google. In October of this year, IETF’S HTTP-WG and the QUIC Working Group officially requested QUIC to become the new worldwide standard and to rename it HTTP/3.

If you are curious, Akamai.com has a quick tool to check if your browser supports HTTP/2. If it doesn’t, perhaps consider switching your browser.

Read the full article: What Is HTTP/2 and How Does It Affect the Internet’s Future?

What Is Google AMP? How It Works and Why It’s Useful for Mobile Sites

google-amp

AMP, or Accelerated Mobile Pages, is an open-source project created by Google with the aim of facilitating a smoother browsing experience for mobile devices. The project promises higher performance, increased engagement, and less data usage that benefits both users and publishers. How Does AMP Work? Page Speed became a ranking factor for mobile pages in July of this year (2018), and AMP is here to satisfy your website’s need for speed. In fact, AMP promises to make mobile browsing up to 85% faster. Through a combination of optimizations and restrictions for HTML, JavaScript, and CSS; AMP pages load almost instantly….

Read the full article: What Is Google AMP? How It Works and Why It’s Useful for Mobile Sites

google-amp

AMP, or Accelerated Mobile Pages, is an open-source project created by Google with the aim of facilitating a smoother browsing experience for mobile devices.

The project promises higher performance, increased engagement, and less data usage that benefits both users and publishers.

How Does AMP Work?

Page Speed became a ranking factor for mobile pages in July of this year (2018), and AMP is here to satisfy your website’s need for speed. In fact, AMP promises to make mobile browsing up to 85% faster.

Through a combination of optimizations and restrictions for HTML, JavaScript, and CSS; AMP pages load almost instantly. In place of author-written JavaScript, AMP-specific elements ensure speed and compatibility.

Page speed also improves with above-the-fold prioritization, specific AMP caches, and prerendering. Additionally, the use of small files and media, and few resource requests from the server adds further speed improvements.

The optimizations in AMP will also make sure the layout of your pages always load correctly, even before images and iframes (for adverts) are loaded.

This is done by specifying the size of images and iframes in the HTML document (called “static layouting”). And basically stops content moving around to fit the resources as they load.

What Is AMP Caching?

If you publish a valid AMP site, your pages are automatically cached as part of the AMP ecosystem. The cache will store your AMP documents, fonts, and images.

There are two AMP caches in use today, Google’s AMP Cache and Cloudflare’s AMP Cache. Cloudflare’s servers alone cover 102 locations in 50 different countries.

The cache is updated each time someone accesses content, and the updated content is served to the next user automatically. This ensures the latest version is served quickly to as many people as possible.

In addition to caching the content, the cache server will also provide some optimizations and modifications such as:

  • Validating the AMP format.
  • Limiting image dimensions to prevent browser memory issues and poor responsiveness.
  • Removal of image data that is invisible or difficult to see, such as certain metadata.
  • Converting images to smaller and more mobile-friendly image formats, such as converting GIF, PNG, and JPEG format images to WebP (what is WebP?) in browsers that support WebP.
  • Transforming images to lower quality if the request includes the Save-Data header.
  • Adds support for responsively sized images.
  • Serves over a secure channel (HTTPS) and uses the latest web protocols (SPDY, HTTP/2).
  • Sanitizes AMP documents to prevent XSS attacks based on incorrectly closed HTML tags, comments, and more.

In addition to these optimizations, the cache will also complete many HTML sanitization processes to normalize parsing.

A full list of AMP cache optimizations is available on the Google Developers pages.

What Are the Actual Benefits of AMP?

Speed is the main attraction of AMP. And it’s why many publishers like Google, Facebook, Baidu, Pinterest, and Twitter have already adopted the technology. The improved speed adds engagement and lowers bounce rates almost across the board.

AMP is especially useful in areas of low mobile internet coverage, or on congested and slow public networks like airports and coffee shops. And it’s why content loads in their apps so fast when regular browsing is slow.

Research done in a Forrester Consulting Total Economic Impact study (commissioned by Google) last year, found that:

“AMP leads to a 10% increase in website traffic with a 2x increase in time spent on page. For e-commerce websites using AMP, the study also found a 20% increase in sales conversions compared to non-AMP pages.”

Google’s Top Stories Carousel on mobile will only use Google’s AMP Cache to display articles, so for many publishers, using AMP should be an automatic choice.

New York Times, eBay, and AliExpress are good examples to check out that have taken advantage of AMP. If you click content from these sites (marked with an amp icon) in Google search on your mobile, you will load the AMP version of their pages.

AMP Stories

An addition to the AMP ecosystem earlier this year was the AMP Story. Similar to Snapchat stories, these are already in use by many publishers. Good examples include CNN’s story about missions still exploring our Solar System, and Mashable’s essential guide to Black Panther.

AMP Story Ads, an addition to the stories feature, was recently made available to all websites that use Google Ad Manager. These are fullscreen ads that appear in AMP stories, and are one of the many improvements that have made AMP much more useful than even a year ago.

What Are the Downsides to AMP?

Google mobile search
Image Credit: DepositPhotos

If you use Google, Twitter, Pinterest, Messenger, etc., you will notice that external links will open within the domain itself, instead of the domain it’s linked to.

Although the AMP viewer improves the browsing experience for users, it can be a negative for website owners. It takes away from your power to control visitor’s navigation through your site.

This can rob your site of page-views and could disturb your ad revenue. There are even some analytics and tracking issues that can be difficult to solve unless you use Google Analytics for AMP.

That said, some readers may prefer the tracking difficulties. If so here’s what you can do to find out who is tracking you online.

Google’s Top Stories Carousel on mobile devices will only feature AMP ready content. This is an important fact since the majority of traffic to all AMP content comes from people searching on Google.com.

This AMP favoritism doesn’t just stop at the news carousel. Google will also feature AMP enabled websites higher than any other links, including standard mobile-friendly sites. All that said, AMP itself is not technically a Page Rank factor (yet), but the speed improvements are.

Cloudflare can improve your Accelerated Mobile Pages

Even if you make your AMP pages available, they won’t always be used depending on the OS, apps, or device used. If you use Cloudflare, you can enable Accelerated Mobile Links to identify and display AMP content from your site on mobile, no matter the source.

Cloudflare can also help you improve your privacy and performance when using your mobile.

Visualization and Design in AMP

We love ourselves some fancy looking websites. However, limitations of AMP can make you lose some of your sites visual appeal that you can otherwise retain using Responsive websites and Mobile design.

Plugins in WordPress, for example, will serve AMP by offering a simplified version of your website. These WordPress to AMP converters offer very little visual appeal and are one of the main reasons why many AMP sites look similar.

If you design your AMP pages by hand, rather than using converters, you can get a design that is similar to traditional mobile design, and more visually appealing.

AMP still has a way to go, and many developers are strongly against its use as it’s forcing them to enter the Google ecosystem even further. This is causing many to search for Google alternatives.

Should You Create AMP Pages?

AMP brings a lot of benefits for website owners, especially if you serve high volumes of content daily. However, you can solve many of the issues that slow down a website like excessive use of JavaScript, slow server response, and large file sizes without implementing AMP.

Being smart with your mobile design can serve your website fast. Jenny Gove at Google has written a great article on What Makes a Good Mobile Site, which is worth a read.

There are WordPress AMP plugins and Drupal AMP plugins that can assist you in generating AMP content. Otherwise, the AmpProject quickstart documents are a valuable resource to use to hand code your AMP pages.

The entire AMPProject website is actually created and rendered in AMP, so it’s is a good example of how these pages can look in all resolutions, not just on mobile.

Although people have a strong dislike of AMP for many different reasons, Stonetemple.com has looked at 10 case studies to see the difference in user engagement and conversion. They conclude that as long as the AMP implementation is done completely, most websites, regardless of their niche, will see benefits.

The bottom line is that you should consider whether your customers will get any benefits from AMP. Depending on the services you offer and the content you serve, it may not add improvements over mobile pages. With proper optimization, mobile pages can load pretty fast too!

How to Disable AMP

Caching is a core part of the AMP ecosystem, and publishing a valid AMP document automatically opts it into cache delivery. If you want to remove your pages, Google has written a guide on how to remove AMP Content from Google Search.

If you want to stop loading AMP pages as a user, you can  disable AMP Links and load the original pages instead on your mobile.

Read the full article: What Is Google AMP? How It Works and Why It’s Useful for Mobile Sites

7 Ways to Make Your Website or Blog Load Faster for Visitors

website-load-fast

Slow page loading speed is one of the main reasons why your website is not getting the hits it deserves. As audience attention is at an all-time low, here are some top tips to speed up your site to make sure your visitors stick around. 1. Decrease the Actual Size of Your Website If your website loads slower than three seconds, people are likely to abandon it even before the homepage loads. Using the wrong format for your images can easily bloat your website, and ruin an otherwise great browsing experience. Over 70% of mobile web pages are over 1MB,…

Read the full article: 7 Ways to Make Your Website or Blog Load Faster for Visitors

website-load-fast

Slow page loading speed is one of the main reasons why your website is not getting the hits it deserves.

As audience attention is at an all-time low, here are some top tips to speed up your site to make sure your visitors stick around.

1. Decrease the Actual Size of Your Website

If your website loads slower than three seconds, people are likely to abandon it even before the homepage loads. Using the wrong format for your images can easily bloat your website, and ruin an otherwise great browsing experience.

Over 70% of mobile web pages are over 1MB, and 12% are over 4MB! Keep in mind that it takes seven seconds to download 1.5MB on a good 3G connection. The best practice is to keep each page under 0.5MB.

Learn the difference between JPG, PNG, and GIF, and make sure you’re using the resolution that you need.

According to GlobalStats, these are the most used screen resolutions for 2018:

  • 22.55% use a resolution of 360 x 640 (mobile)
  • 11.73% use a resolution of 1366 x 768
  • 8.26% use a resolution of 1920 x 1080
  • 4.91% use a resolution of 375 x 667 (mobile)
  • 2.94% use a resolution of 1440 x 900

This is over 50% of all users, so consider this when you add photos to your website.

2. Design Your Website for Mobile

According to research done by Google last year on mobile page speed:

The average time it takes to fully load a mobile landing page is 22 seconds, according to a new analysis. Yet 53% of mobile site visitors leave a page that takes longer than three seconds to load. That’s a big problem.

Over 75% of mobile sites take 10 seconds or more to load over 3G. Well over half of all traffic is via mobile devices, and this is not likely to go down. So keep a small website footprint to make mobile internet users happy, and make sure they stick around!

If you use a CMS like WordPress, Joomla, or Drupal, there are plugins to help make your website more mobile-friendly.

Alternatively, you can use tools like bMobilized or Duda Mobile to convert your desktop website to mobile. That said, it’s often best to design a separate website to ensure the best experience for your mobile users.

You should also consider offering a simplified version of your website using the Accelerated Mobile Pages (AMP) project. Using AMP pages will improve the page loading speed on mobile. There are strict guidelines for JavaScript and CSS, but the benefits are measurable.

Whichever route you decide to go down, make sure your mobile website is a lightweight option.And try to keep under the 0.5MB recommendation per page.

3. Make Sure Your Website Is Minified

If you’re writing your own website from scratch, edit it regularly. As your project develops, you’re likely learning more efficient ways of doing things, so make sure you go back through your code as you improve.

Minify and combine your CSS, HTML, and JavaScript. If you use a CDN like Cloudflare for example, there is a specific tab for speed improvements, where the first option is Auto Minify. If you use a website builder (like Squarespace or Weebly) this is likely done for you by default.

Cloudflare Auto Minify options

Make sure you test your website after enabling anything that combines or minifies your website’s resources. Experiment with the different options to see what’s best for your website, as some features can break with Minify enabled.

4. Avoid Loading Scripts When Not Needed

Having to load several JavaScript files before they are needed will slow down the speed of the entire page unnecessarily. Avoid loading scripts from third-party servers if you can.

Requesting these will slow down your loading speed, further and can potentially pose a security risk. Keep them on your website’s server when possible.

You can use defer or async to delay the loading of specific JavaScript files to reduce the strain on visitor’s devices and improve the load speed of your pages. Alternatively, for small scripts, you can inline the JavaScript directly into the HTML document.

Async will tell the browser to continue parsing the HTML at the same time as the JavaScript files are being downloaded. The pause will then happen after the file is fully downloaded.

Meanwhile, defer will tell the browser to execute JavaScript files after the browser has finished parsing the entire HTML document.

A browser will by default pause parsing HTML files while any JavaScript files are fetched and executed.

Inlining JavaScript in the HTML document will help by reducing the number of files a browser has to download before displaying a page. You can inline JavaScript by adding the content of any external JavaScript file between script tags.

You can safely use defer and async on Google Analytics, Facebook Pixel, and other analytics and error reporting tools without affecting the functionality of the page.

Lastly, consider whether the tracking codes, analytics, extra features, and ads you have running on your website are necessary. Use more lightweight options when possible, and scrap them if they don’t add anything of value to you or your visitors.

5. Use Caching and a CDN

A Content Delivery Network (CDN) will copy your site onto servers worldwide and reduce the data’s travel time by connecting visitors to a server geographically closer to them. Static content will also be cached and delivered by the CDN’s servers.

Cloudflare is likely the CDN you know best, but Akamai and Amazon CloudFront are well-established alternatives.

Make sure you also leverage browser caching to improve the loading speed of your website for repeat visitors. Browser caching works by downloading these files from the server onto the user’s device.

On further page views or visits, these files will load locally from the user’s device instead of requesting them from the external server (depending on the expiry date of the files).

6. Get Rid of Non-Essential Plugins

Plugins should only be used when necessary. This is true whether you use Wix, Weebly, WordPress, or Squarespace or anything else. Any features you can do by adding simple CSS rather than a plugin, you should. Use Code Injection on Squarespace, use the CSS Customizer in WordPress , and Custom CSS on Wix.

Plugins can cause a high CPU or memory strain on your server, and this can slow down or even stop your website from loading.

If you use WordPress, it’s likely that you’re not using all of its built-in features. Disable these with a plugin like Clearfy.

Always consider the plugins you are using. If you’re using few features in plugins like JetPack, consider removing them altogether, and replace them with more lightweight plugins that do the same job.

7. Server Settings to Speed Up Your Website

Server delay will have a big negative impact on your page load speed and your PageRank.

Google recommends that the Time to First Byte (TTFB) is 1.3 seconds or less. This is the longest delay before a device starts downloading a page after initially contacting the server. That said, the average page has a TTFB of over 2 seconds, well above their recommendation.

Shared hosts are usually the reason for this, but there are some settings you can configure to improve your server response time.

  • Use the latest version of PHP that your website is compatible with. The latest version (PHP 7.2)  has massive speed improvements.
  • Switch on “Keep-Alive”
  • Enable HTTP/2
  • Take advantage of HTTP Strict Transport Security (HSTS)
  • Set your backups to complete at night

If your website is made in WordPress, make sure you use a host that specializes in WordPress hosting, like Bluehost. This will make sure that the server settings are configured specifically for WordPress performance.

Finished Tweaking? Now Test Your Site

ThinkWithGoogle mobile test results

Now that you know the ideal page load time, size, and Time to First Byte (TTFB) that you should be aiming for, how do you know what yours is?

Here are some of our favorite online tools to test your site:

  • varvy.com: these tools will test your desktop and mobile page speed and performance, and give you valuable guides on how to improve your website
  • Google PageSpeed Insight: recently updated, the Google PageSpeed tool will test your speed and give you improvement suggestions
  • GTmetrix: a great tool with actionable advice
  • WebPageTest: test your website on different devices, operating systems, and locations
  • Pingdom: a very popular tool, similar to WebPageTest with a nicer interface

You can test your mobile site with the links above, and also the ThinkWithGoogle Mobile Test (powered by WebPageTest). The results will give you specific tips on what you can improve, with an estimated loading time reduction if you follow the tips.

The recommended best practices are constantly changing, so keep checking your page speed regularly as you make improvements.

For even more valuable insight into how your website is performing, remember to verify your domain on Google and Bing.

Read the full article: 7 Ways to Make Your Website or Blog Load Faster for Visitors

What Is HSTS and How Does It Protect HTTPS From Hackers?

protect-https

You may have made sure that your websites have SSL enabled, and the pretty security padlock in your browser is green. However, you may have forgotten about HTTP’s little security man, HTTP Strict Transport Security (HSTS). What is HSTS, and how can it help keep your site secure? What Is HTTPS? Hyper Text Transfer Protocol Secure (HTTPS) is a secured version of a website (HTTP). The encryption is enabled using the Secure Sockets Layer (SSL) protocol and is validated with an SSL certificate. When you connect to an HTTPS website, the information transferred between the website and the user is encrypted….

Read the full article: What Is HSTS and How Does It Protect HTTPS From Hackers?

protect-https

You may have made sure that your websites have SSL enabled, and the pretty security padlock in your browser is green. However, you may have forgotten about HTTP’s little security man, HTTP Strict Transport Security (HSTS).

What is HSTS, and how can it help keep your site secure?

What Is HTTPS?

HTTPS relies on HSTS

Hyper Text Transfer Protocol Secure (HTTPS) is a secured version of a website (HTTP). The encryption is enabled using the Secure Sockets Layer (SSL) protocol and is validated with an SSL certificate. When you connect to an HTTPS website, the information transferred between the website and the user is encrypted.

This encryption helps protect you against data theft through Man-in-the-Middle-Attacks (MITM). The added layer of security also slightly helps improve the reputation of your website. In fact, adding an SSL certificate is so easy, that many web hosts will add it to your site by default, for free! That said, HTTPS still has some flaws that HSTS can help fix.

What Is HSTS?

HSTS is a response header that informs a browser that enabled websites can only be accessed via HTTPS. This forces your browser to only being able to access the HTTPS version of the website and any resources on it.

You may not be aware that even though you have set up your SSL certificate correctly and enabled HTTPS for your website, that the HTTP version is still available. This is true even if you have set up forwarding using 301 Permanent Redirection.

Although the HSTS policy has been around for a little while, it was only formally rolled out by Google in July 2016. Which may be why you haven’t heard of it much yet.

Enabling HSTS will stop SSL protocol attacks and cookie hijacking, two additional vulnerabilities in SSL-enabled websites. And in addition to making a website more secure, HSTS will make sites load quicker by removing a step in the loading procedure.

What Is SSL Stripping?

Although HTTPS is a huge improvement from HTTP, it’s not invulnerable to being hacked. SSL stripping is a very common MITM hack for websites that uses redirection to send users from an HTTP to the HTTPS version of their website.

301 (permanent) and 302 (temporary) redirect basically works like this:

  1. A user types google.com in their browser’s address bar.
  2. The browser initially tries to load http://google.com as the default.
  3. “Google.com” is set up with a 301 permanent redirect to https://google.com.
  4. The browser sees the redirect and loads https://google.com instead.

With SSL stripping, the hacker can use the time between step 3 and step 4 to block the redirect request and stop the browser from loading the secure (HTTPS) version of the website. As you are then accessing an unencrypted version of the website, any data you enter can be stolen.

The hacker can also redirect you to a copy of the website you are trying to access, and capture all of your data as you enter it, even if it looks secure.

Google has implemented steps in Chrome to stop some types of redirection. However, enabling HSTS should be something you do by default for all of your websites from now on.

How Does Enabling HSTS Stop SSL Stripping?

Enabling HSTS forces the browser to load the secure version of a website, and ignores any redirect and any other call to open an HTTP connection. This closes the redirection vulnerability that exists with a 301 and 302 redirect.

There is a negative side even to HSTS, and that is that a user’s browser has to see the HSTS header at least once before it can take advantage of it for future visits. This means that they will have to go through the HTTP > HTTPS process at least once, leaving them vulnerable the first time they visit an HSTS-enabled website.

To combat this, Chrome preloads a list of websites that have HSTS enabled. Users can submit HSTS-enabled websites to the preload list themselves if they fit the required (simple) criteria.

HSTS preload check

Websites added to this list will be hardcoded into future versions of Chrome updates. It makes sure that everyone who visits your HSTS enabled websites in updated versions of Chrome will stay secure.

Firefox, Opera, Safari and Internet Explorer have their own HSTS preload list, but they are based on the Chrome list on hstspreload.org.

How to Enable HSTS on Your Website

To enable HSTS on your website you first need to have a valid SSL certificate. If you enable HSTS without one, your site will be unavailable to any visitor, so make sure your website and any subdomains are working over HTTPS before continuing.

Enabling HSTS is pretty easy. You simply need to add a header to the .htaccess file on your site. The header you need to add is:

Strict-Transport-Security: max-age=31536000; includeSubDomains

This adds a one year max age access cookie (what is a cookie?), which includes your website, and any subdomains. Once a browser has accessed the website, it’ll be unable to access the unsecured HTTP version of the website for a year. Make sure that all of the subdomains on this domain are included in the SSL certificate, and have HTTPS enabled. If you forget this, the subdomains won’t be accessible after you save the .htaccess file.

Websites that are missing the includeSubDomains option can expose visitors to privacy leaks by allowing subdomains to manipulate cookies. With includeSubDomains enabled, these cookie-related attacks won’t be possible.

Note: Before adding the one-year max-age, test your entire website with five-minute max-age first using: max-age=300;

Google even recommends that you test your website and its performance (traffic) with a one week, and one month value as well before implementing a two-year max-age.

Five minutes: Strict-Transport-Security: max-age=300; includeSubDomains
One week: Strict-Transport-Security: max-age=604800; includeSubDomains
One month: Strict-Transport-Security: max-age=2592000; includeSubDomains

Making the HSTS Preload List

By now you should be familiar with HSTS and why it is important for your site to use it. Keeping your website visitors safe online should be a key element of your site plan.

To be eligible for the HSTS preload list that Chrome and other browsers use, your website has to meet the following requirements:

  1. Serve a valid SSL certificate.
  2. Redirect from HTTP to HTTPS on the same host, if you are listening on port 80.
  3. Serve all subdomains over HTTPS. In particular, you must support HTTPS for the www.subdomain if a DNS record for that subdomain exists.
  4. Serve an HSTS header on the base domain for HTTPS requests:
    • The max-age must be at least 31536000 seconds (1 year).
    • The includeSubDomains directive must be specified.
    • The preload directive must be specified.
    • If you are serving an additional redirect from your HTTPS site, that redirect must still have the HSTS header (rather than the page it redirects to).

If you want to add your website to the HSTS preload list, make sure you add the required preload tag. The “preload” option signifies that you want your website to be added to Chrome’s HSTS preload list. The response header in .htaccess should then look like this:

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

We recommend that you add your website to the hstspreload.org. The requirements are pretty easy to meet, and it’ll help protect your website’s visitors, and potentially improve your website’s search engine ranking.

Read the full article: What Is HSTS and How Does It Protect HTTPS From Hackers?

Why You Shouldn’t Leave Your Phone Plugged in Overnight

charge-overnight

There are many myths on how to treat your smartphone, tablet, or laptop for battery longevity. The most common ones are to regularly drain your phone to 0%, and to always charge it to 100%. You might also have heard that your battery has a memory, and that you should never partially charge the cell. This is all completely wrong, based on older battery technology which is no longer found in most smart devices. Here’s the truth about maintaining smartphone batteries. Charge Cycles Determine Battery Life Expectancy You want your tech to be usable for as long as possible; warranties…

Read the full article: Why You Shouldn’t Leave Your Phone Plugged in Overnight

charge-overnight

There are many myths on how to treat your smartphone, tablet, or laptop for battery longevity. The most common ones are to regularly drain your phone to 0%, and to always charge it to 100%. You might also have heard that your battery has a memory, and that you should never partially charge the cell.

This is all completely wrong, based on older battery technology which is no longer found in most smart devices. Here’s the truth about maintaining smartphone batteries.

Charge Cycles Determine Battery Life Expectancy

Should you keep a low battery fully charged

You want your tech to be usable for as long as possible; warranties are invalid if you fiddle with your device. Getting the most out of your battery is increasingly important as most people are uncomfortable with changing the default battery.

Rechargeable batteries will slowly lose some capacity over time, even if you don’t use them. Through regular use of your device, you will usually notice this capacity drop after the first year. While for most of us, getting through a single day on a single charge is impossible before the two-year mark.

“Battery charge cycles” is how manufacturers specify the life expectancy of a battery. A charge cycle is defined as the battery being charged from 0% to 100% and then discharged back down to 0%. The number of expected charge cycles will tell you how many full cycles the battery can handle before it noticeably starts to lose capacity.

Lithium-Ion (Li-Ion) batteries are used in the majority of today’s rechargeable tech. You can find some form of Lithium-Ion batteries in mobile phones, vaporizers, laptops, Teslas, and even chainsaws. The most popular Li-Ion battery is the 18650. This battery can take between 300 and 500 full charge cycles before being reduced to roughly 75-80% capacity, when major flaws start developing.

The King of Rechargeable Batteries: Lithium-Ion

Smartphones and tablets use a variation of the Li-Ion battery, Lithium-Ion Polymer (Li-Poly). This version of Lithium-Ion batteries is safer, smaller, and charges faster. Otherwise, the same lifespan rules apply to Li-Poly as with any Li-Ion battery.

One of the factors that increase the speed of Li-Ion battery degradation the most is charging it past 80% and letting it drop below 20%. The closer to 100% you go, the faster the chemical reaction that can create flaws will happen. If you have a Tesla, they curb the charging by default, don’t worry!

As the 300-500 number of charge cycles is based on cycles, and your battery degrades fastest below 20% and above 80%, you can extend its lifespan by avoiding extremes. Partial charges and discharges that combine to 100% are counted as a single full cycle. So if you instead partially charge and discharge your phone between 20% and 80%, research says you could get 1,000 full cycles (almost 3 years of daily charges) or more before hitting a noticeable drop in capacity.

Don’t Play Games While Your Phone Is Charging

Temperatures below 32 Fahrenheit (0 Celsius) and above 158 Fahrenheit (70 Celsius) will degrade your Li-Ion battery faster. Don’t leave your device in your car on a hot day and don’t put it in your freezer (or in the snow).

Leaving your smartphone plugged in while using it for anything intensive, like watching YouTube, or playing a game is a big no-no. This high-voltage and high-temperature state is the worst situation for your battery to be in.

Besides this, mini-charge-cycles can affect your battery negatively. Some parts of the battery will go through more charge cycles than others, which will age the battery. This could lead to battery cell damage, which can cause your phone to die even if your battery displays as charged.

Similarly, try to avoid the use of fast-charging technologies overnight, as this can induce a similar high-temperature situation. Fast-charging technology is not intended to be used to charge your phone from empty to full, but rather for short 20-30 minute charge periods. Li-Ion batteries will also degrade faster at 100%, so the less time your battery is fully charged, the better.

Samsung seems to be alone in that they have added a simple way to disable fast cable charging in the Samsung battery settings. This is available for both tablets and phones, so to get the longest lifespan out of your battery, you should disable this.

Use Software to Control Your Charging Habits

One way to take advantage of partial charges would be to stay close to your phone when it’s charging. However, alarms can be considered more efficient.

For Android, Accubattery displays tips to improve your battery’s health and allows you to set battery percentage alarms. Options to set up alarms for iOS seems to be lacking, but for 10$, FruitJuice has a lot of features to help extend your battery life on macOS.

Some laptops will have BIOS settings available where you can configure the maximum battery charge percentage. Lenovo has made this easier for Windows with their Lenovo Energy Management software. By installing this and selecting Optimize for Battery Lifespan, your laptop battery will stop charging at 80%.

Don’t Charge Your Phone Overnight

In general, you should try to avoid charging your phone overnight, and instead unplug your phone when you go to bed, and charge it after you wake up. During the time it takes you to shower and eat breakfast you should reach a comfortable charge percentage.

Definitely also avoid leaving your phone under your pillow while charging it. Besides the real risk of a fire, the lack of airflow can cause a high-temperature state, which will increase the battery degradation.

We’re not saying to only charge your phone in the morning. Realistically with partial charges, you will also charge it during work or in the evening. However, as much as you can, avoid going over 80%.

Although Li-Ion batteries don’t have a charge capacity memory, there is some research that says that you should fully discharge your battery at least once every 30 cycles. Your hardware can form a digital memory which will make the charge gauge inaccurate if the battery is never fully discharged. For most people this will happen naturally at least a few times a month, so we don’t recommend going out of your way to fully discharge your battery.

That said, if your phone dies randomly even though the battery gauge says you have charge left, it could be caused by miscalibration (or a faulty battery). If calibrating your battery (here’s how to do that on a MacBook) doesn’t fix the issue, then faulty batteries should be a valid claim if your battery is still under warranty.

Reduce the Battery Drain on Your Device

Samsung power saving mode

Beyond watching the temperature and charge percentage of your device, you can further extend the battery life by reducing how often you need to charge it. Fewer charges mean fewer cycles, which means a longer life for your battery and your device.

Reducing the screen timeout duration and turning down the brightness settings will have the biggest impact. There is a reason why tests use Screen-on-Time (SoT) when testing for battery life on smartphones. Apple has introduced some useful   features that use SoT to help curb your phone addiction in iOS 12.

In addition, most smartphones and some laptop operating systems will have a form of battery saver option. Turn this on when possible. There are simple steps to configure your Windows 10 device to optimize your battery life without extra software.

Battery saver will rarely affect your experience of the device negatively, especially when you are not actively using the device.

Disabling signals like Bluetooth, GPS, Wi-Fi, and mobile internet are common tips to save battery life. These days Bluetooth and Wi-Fi signals are pretty battery efficient. Disabling GPS and the mobile internet signal can reduce the battery drain noticeably on most devices.

Tips for Extending the Lifespan of Your Battery

In the short to medium term, you may not notice much difference. However, you’ll be happy when your phone still survives a day on a single charge after a year. Following these tips, your battery should not hit 80% charge capacity until after 2+ years of use.

  1. Use partial charges to keep your battery between 20% and 80%. You can use software to notify you when your battery reaches 80% so you can unplug it.
  2. Reduce the amount of time your battery is kept at 100% charge by not charging your phone at night. This is when the battery will degrade the fastest.
  3. Avoid using fast-charge for longer periods.
  4. Keep your device at room temperature, and avoid extreme temperatures.
  5. Where possible, set the maximum charge of your battery to 80%.
  6. Reduce the battery drain of your device by turning off unnecessary services. Use battery saver to get even longer use from every charge.
  7. If you are storing batteries unused for longer periods, discharge them to 70% and store them somewhere cool. Storing batteries at full charge will cause them to deteriorate faster.

If all that isn’t enough, the pressure to keep upgrading our devices has a real impact on the environment. In fact, as of 2016, we only recycle about 12.5% of our annual electronic waste. By getting longer use from your tech, you can pat yourself on the back for helping save the planet.

Read the full article: Why You Shouldn’t Leave Your Phone Plugged in Overnight

How to Spot Fake “Evil Twin” Public Wi-Fi Networks Run by Hackers

wifi-evil-twins

Whether you’re in an airport, in a coffee shop, or a library, free Wi-Fi is available almost everywhere these days. Unfortunately, not all free Wi-Fi networks are vigilantly protected when it comes to their IT security. That Wi-Fi network you’re using could be open to security threats by hackers and cybercriminals, putting your personal information at risk. Here’s what you need to know about fake Wi-Fi networks. Why Do Hackers Use Fake Wi-Fi Networks? Public Wi-Fi is often a target for Man in the Middle (MITM) attacks. According to SaferVPN, up to 25 percent of all public hotspots are used by hackers…

Read the full article: How to Spot Fake “Evil Twin” Public Wi-Fi Networks Run by Hackers

wifi-evil-twins

Whether you’re in an airport, in a coffee shop, or a library, free Wi-Fi is available almost everywhere these days. Unfortunately, not all free Wi-Fi networks are vigilantly protected when it comes to their IT security.

That Wi-Fi network you’re using could be open to security threats by hackers and cybercriminals, putting your personal information at risk. Here’s what you need to know about fake Wi-Fi networks.

Why Do Hackers Use Fake Wi-Fi Networks?

Starbucks Wi-Fi login page

Public Wi-Fi is often a target for Man in the Middle (MITM) attacks. According to SaferVPN, up to 25 percent of all public hotspots are used by hackers to access your personal information.

Besides taking advantage of any insecure Wi-Fi networks to steal your identity, two additional Wi-Fi vulnerabilities that hackers can use are Rogue Access Points (AP) and Evil Twins. These are seemingly genuine wireless networks created to trick potential victims into giving away their personal information.

They can look and act as what you would expect from a real network. This includes using the same or similar name (think Starbucks Wi-fi versus Starbucks Free Wi-Fi), and the same login screen.

While connected to an insecure and unencrypted network, you are at minimum giving the hacker free access to anything you do while online. This includes grabbing any usernames, passwords and other personal information that you enter.

At most you’ll download a virus or malware and give them full access to your device even after you disconnect from the insecure “network”.

If you connect to a network where a credit card is required for access, like a hotel, or an airplane “pay per hour” network, the hacker will have copied your credit card info even before you start browsing. In short, any data you upload or download while on the hacker’s Wi-Fi is visible to them.

While there are other ways hackers can use public Wi-Fi to steal your identity, we’re going to focus on what Evil Twins and Rogue Access Points are, what to look for, and what you should do if you connect to one.

What Is a Rogue Access Point (AP)?

hilton wifi login screen

A Rogue AP, sometimes used interchangeably with Evil Twin, is an insecure device connected to a network unbeknownst to the owner. This device will broadcast its own Wi-Fi that will connect you to the genuine network created by the business.

It will seem like connecting to the Wi-Fi as normal, but your connection will go via the hacker’s access point instead of the intended secure device.

A hacker will usually combine this with a Denial of Service attack on the original access point to disable it, making theirs the only available signal.

Rogue Access Points are a massive security issue that threaten the security of all the connected users. Any network security features and firewalls that may be enabled on the network will not affect a Rogue APs access to your transmitted data.

A Rogue AP is difficult to spot as a user. However, if you’re worried that you might have any extra devices on your network, here’s how to find a rogue device on your network.

What Is an Evil Twin Wi-Fi Network?

An Evil Twin is technically a type of Rogue Access Point that can be set up with any phone or laptop with wireless capabilities. It differs in that it’s not strictly connected to the business’ Wi-Fi unknowingly. The hacker will set up a duplicate wireless network that also looks and acts the same way as the original network, down to using the same name and seemingly the same security features.

The signal of this Wi-Fi will usually overpower that of the real network, simply by being physically closer to the user. Again, a Denial of Service attack to knock out the original access point is not uncommon in this scenario.

Either way, this means that potential victims will connect to the hacker’s signal rather than the genuine network.

How to Spot an Evil Twin Wi-Fi Network

Unfortunately, in real life, evil twins don’t wear goatees to make them easy to identify. Don’t assume that because the name of the Wi-Fi is “Starbucks Free Wi-fi”, that it is secure, or even that it belongs to Starbucks.

Oddly enough, the easiest Evil Twins to spot can be those that are password protected. If you purposely enter the wrong password and you don’t get an error message, the access point is likely fake. An Evil Twins will commonly let anyone access it regardless of the password you enter.

Look out for very slow network connections. This could be a sign that the hacker is using mobile internet to connect you to the web.

Also, pay attention to the address bar of the websites you visit. If your banking website shows an unencrypted HTTP version instead of HTTPS, your connection is definitely unsafe. This is called SSL Stripping, and a hacker can get your passwords or banking details as you enter them.

It’s easy for a hacker to redirect you to a fake version of any website if you connect through their device, and this way, they can get your login details as soon as you enter them. Using a VPN will not protect you in these cases, as you are entering your information into the hacker’s own website.

However, make sure that the URL is correct, and look out for grammatical errors or language that you would not expect from the website.

Fake domains (often using misnamed addresses) are something you should watch out for when browsing in any situation, as they are one of many common social engineering threats you can face online.

How to Avoid Being a Victim of Public Wi-Fi Hacks

Always use a VPN, like our #1 ranked service ExpressVPN, on your tablet, phone, or laptop. There are VPN solutions for pretty much all devices, including your smartphones, tablets, laptops, desktops, and routers.

When accessing a public Wi-Fi, especially if you don’t have a VPN installed, keep to regular browsing. Avoid accessing any websites where you will input sensitive data, like Amazon or your online banking.

Look out for SSL certificate errors. Many browsers will let you know if you are accessing an insecure and unencrypted page. Make sure that you access encrypted versions of any website. Always check if the “Secure” notice in your address bar is green. In addition to a VPN, you should consider security extensions like HTTPS Everywhere.

If you do see a security certificate error, don’t ignore it. Instead, close the website, and look for other hints that you are on a suspicious network.

It might also be worth disabling your device’s “auto-connect to Wi-Fi” feature to prevent accidentally connecting to an illegitimate network.

Take care and follow these seven secure strategies to use public Wi-Fi safely on your phone.

What to Do If You Connect to an Evil Twin or Rogue AP

Even if you are vigilant, your phone might automatically connect you to an insecure network without you realizing. If you suspect that you have connected to a compromised network, follow these steps to reduce the potential consequences.

  • Disconnect as quickly as possible.
  • Clear your list of saved Wi-Fi connections, to avoid connecting to the same one in the future.
  • Clear your browser cache
  • Run antivirus and malware checks.
  • Change the password to any site you logged in to, and any other websites that use the same login information.
  • Call your bank and cancel any bank cards you used.

Any unencrypted network and public Wi-Fi can be targets for a MITM attack. In fact, the network doesn’t even need to belong to a hacker with criminal intent—any network set up without security in mind is vulnerable. So be careful out there, and always use a VPN  when you’re online!

Read the full article: How to Spot Fake “Evil Twin” Public Wi-Fi Networks Run by Hackers

Why You Should Buy Your Tech From China (And How to Do It Safely)

Most of the brand-name tech we buy today has inflated prices to cover advertisement cost, store rentals, staff etc. The Chinese market is different, and many manufacturers don’t market their products in the same traditional ways. The tech you buy is also most likely already made in China, so buying your new laptop with a more direct line from the manufacturer will not only save you money, but will hopefully help force the Big Names™ to re-examine their price points to bring affordable tech to everyone. What Tech Can You Buy From China? Cheaper production costs, little to no advertisement expense,…

Read the full article: Why You Should Buy Your Tech From China (And How to Do It Safely)

Most of the brand-name tech we buy today has inflated prices to cover advertisement cost, store rentals, staff etc. The Chinese market is different, and many manufacturers don’t market their products in the same traditional ways.

The tech you buy is also most likely already made in China, so buying your new laptop with a more direct line from the manufacturer will not only save you money, but will hopefully help force the Big Names™ to re-examine their price points to bring affordable tech to everyone.

What Tech Can You Buy From China?

Cheaper production costs, little to no advertisement expense, and a lax grasp on copyright law means that if you have some patience for delivery times, you can grab a bargain on anything from fitness trackers and other wearables, to laptops, mobile phones and even DIY go-carts.

The tech is equivalent in quality and specs to brand names you know, and other than slow delivery time and potentially poor customer service, there aren’t many good reasons not to get on the Chinese market bandwagon.

An increasingly recommended product line to look out for is Xiaomi. As a brand, they are quickly gaining ground on many staples like Samsung, Asus, and Apple. You may have already heard about the Xiaomi mi band fitness tracker or their popular redmi mobile smartphones, one of the top cheap Android phones.

Why Is It Cheaper to Buy Tech From China?

Want to try some new technology before breaking open your savings for high-end products? By buying from China, you can get your smart bulbs, drones, cameras, laptops, or robotic vacuum cleaners, test them, and either use them until you replace them, or give them away and buy a higher-end product when you’re ready.

You’re not paying for staff, customer service, fast delivery times, easy returns, or extended warranties (a warranty that few of us ever use). What you do pay for, is the same quality of product with a different brand name and logo.

Just get the product that you need and forgo the rest of the first world customer service expectations you may have. You can always get your own gadget insurance to cover your shiny device afterward.

Where to Buy Chinese Tech

Right now, two of the better and more popular sites are AliExpress and Banggood. Other popular websites include:

Be wary that the quality of service might be sketchy with some of these sites, but doing a quick Google search will usually let you know if the site is still good.

AliExpress online marketplace

Your miles may vary with GearBest, Lightake, and Geekbuying, whose delivery and customer service is reportedly going downhill. Gearbest especially has had a big fall from grace this year, but remains popular.

TomTop and Tradingshenzen are both popular, and might be a better option than the other three these days.

Our recommendation would be to hit AliExpress first and then check out the other sites for potential deals.

Some recommended stores on AliExpress include HK Goldway, Mi Store, Mi Global Store, Fantacy, Eternal Team, and Xiaomi MC Store.

More often than not, products will be delivered as advertised, and if they aren’t, the sellers are happy to re-deliver or to offer refunds for broken items or non-deliveries. Negative ratings will often kill a seller on AliExpress, so they will do a lot to avoid it.

How to Shop Safely From China

Many of the websites offering Chinese brands will do crazy deals regularly to get new customers signed up, so look for those and make your savings even higher. There is usually at least one coupon code you can use.

Most Chinese product resellers have a similar policy to AliExpress. Our article on whether AliExpress is safe or legit will answer many of your questions about what you can expect to experience when using these sites.

If you’re buying from AliExpress or other sites where there are multiple sellers, try to avoid sellers with few reviews. If prices are much cheaper than any equivalent products, keep in mind that it may be a scam or fake products, and look for something that seems closer to the average price point.

All that said, you will need to do your due diligence, and look for reviews of the product and the seller that you are buying from. Doing this will help ensure that you’re not being scammed, or receiving a dodgy product. The time spent doing this will definitely be worth it.

Mobile carrier frequency bands

If you are buying a mobile phone, make sure that the wireless carrier bands are available in your area and with your carrier. Our look at GSM, CDMA, and mobile frequency bands will help. You can find specifics about what frequencies your carrier uses on Frequencycheck.com.

Shipping and Delivery Times From China

When buying products from China, shipping could take up to 6 weeks depending on their warehouse locations. In busy periods, your order could take a week to start shipping. If patience is not a virtue you hold, Amazon might be a better option.

Do not order from any of these sites if you need to get the items by a specific date. If you do, make sure you order at least two months ahead of any birthday or anniversary to stay on the safe side and avoid disappointment.

If you are buying a more expensive product, we recommend getting the shipping insurance offered on check-out. It usually won’t add a lot to your overall cost, but if something does get lost the seller is much more likely to offer you a quick refund. Gearbest, for example, will only refund half of what you paid if you don’t have the insurance.

Customs and Import Duties

Most products you order from these websites will be marked as “gift” to avoid extra custom or import charges. There is still a chance that your package will get stopped in customs, especially if you chose one of the faster delivery options like DHL.

More often than not you will avoid this cost, but to avoid any nasty surprises, here is a US customs calculator you can use to see how much it could potentially be. In the US, the import duty is determined by the type of item you buy, and its price.

Returning Items to China

Returning orders can cause more headaches than what they are worth, so don’t order something that you would expect to return if it isn’t suitable for what you want. For cheaper items especially, your return shipping costs may be more expensive than the item itself.

Security Concerns When Buying Tech From China

In a world where we share (willingly or not) more and more information about ourselves and our lives, privacy, and device security are both becoming increasingly important to all of us.

We have previously written about the potential security holes in some mobile devices from Huawei and ZTE. While it’s hard to keep up with the products and manufacturers to watch out for, it’s likely they have similar privacy policies—some are just more obvious in their data mining than others.

It probably goes without saying though: don’t use these phones for government or security cleared business. See our guide to privacy on Huawei phones for more.

Read the full article: Why You Should Buy Your Tech From China (And How to Do It Safely)