Standby for HTTP/2 – A faster, more secure internet!

A faster internet with HTTP/2

Image source: www.trainersonsite.com

The internet is going to get faster. Yowzah!  It’s a tad techy, but trust me this is a BIG DEAL. The connection between your browser and internet stuff will be able to run faster and more securely using the all new and improved HTTP/2. Its good news for all internet users.

When we be going faster ?

When both your browser and the web server/resource you’re connected to both have HTTP/2 support.

Browsers are ready. Maybe.

Chrome 40 (already released) includes HTTP/2 support
Firefox 35 already supports HTTP/2
Internet Explorer (You want performance and you use IE. Really??!)

Web Servers are ready. Maybe.
IIS released in Windows 10
Apache requires mod_spdy to be deployed
* see Industry Comments below
Litespeed can support HTTP/2

The HTTP/2 low down

* Warning there’s some techy stuff here!*
HTTP/2 is nearly here. About time! The HTTP/2 standard which has been under development since 2012 is nearly ready to be released into the wild. HTTP/2 offers a number of ‘modernised approaches’ to shifting data across the wire that are quite normal now in other communications mediums so its good to see the internet finally catching up.

Binary transfers

HTTP 1.1 currently only allows text transfers over the wire. HTTP/2 will inherently improve online transfer speed and security by providing for binary data transfer.

Multiplexing

HTTP/2 allows for multiple bidirectional streams, multiplexed over a single TCP connection, and multiple HTTP/2 TCP streams can be used (up to 100, all independently) as well. Wow!

More compression coming to an internet near you soon

Standby for the HPACK http header compression standard to be published soon

Industry Comments

Andrew White, Technical Support Manager at Micron21

At this stage we have no plans to implement HTTP/2.0 (or HTTP/2 as it’s also called) due to software incompatibilities. Currently cPanel provides very limited unofficial support for mod_spdy (the origin of HTTP/2.0) due to incompatibilities with the latest Apache version and dependencies on a flawed version of OpenSSL.

This standard has only been approved by the IESG for 7 days now – the technology would definitely be classed as bleeding edge software. The environment we provide is an enterprise production based one, so we will likely not run this on any of our servers at any time soon.

A point of interest is that Litespeed (the primary HTTPD we use on our shared hosting, we ditched Apache a few years ago) has put in preliminary support for HTTP/2.0 on their open/development application OpenLitespeed, so we’ll likely have provisional support in Litespeed within the next month or two.

Kind Regards,

 Andrew White
Technical Support Manager
www.micron21.com

 

 

Read more:

Is your Business or Phone at risk from the Heartbleed Bug?

Heartbleed logoRecently my wife announced that the  ‘internet had been hacked’.  She had been watching the TV News which featured a story about the ‘HeartBleed’ bug and in true popular media style,  the story was blown out of proportion… Or was it?

What is the Heartbleed Bug?

Its technical so hold onto your hat and I’ll do my best to de-geek it. Heartbleed relates to Open SSL (Secure Socket Layer protocol)  SSL is used for internet connections that need to be secure; say between your PC and your online banking service, or providing credit card details when shopping online. SSL encrypts and so protects the information you pass back and forth ‘on the wire’ from unscrupulous eyes. Open SSL is an Open Source implementation of SSL.

The Open SSL Heartbeat Extension maintains encrypted connections with a communication ‘heartbeat’ . The Heartbleed bug stems from a software glitch in the Heartbeat Extension that unfortunately exposes some memory on each ‘heartbeat’ – hence the name ‘heartbleed’.  That piece of memory could be examined for unencrypted information like userids, passwords etc, and then more memory for each subsequent heartbeat.

How does that impact your website?

If your site uses SSL (e.g. for ecommerce etc) via Open SSL you may be exposing your clients to the risk of having their userids, passwords and other secure information they’ve entered stolen.

Your Android phone/tablet might be at risk too

It is possible for a malicious server to use a “reverse Heartbleed” attach to gain access to the client memory (ie for usernames and passwords. Notably Google has confirmed that Android version 4.1.1 (Jelly Bean) has the Heartbleed bug – this affects approximately 50 million Android devices. 

This YouTube video shows how Heartbleed can be used to silently hack into your Facebook and other online services on your Android:

How is Heartbleed fixed ?

There is a web server patch available, but even I’ve discovered several commercial web hosting servers that are still not updated. Jelly Bean Android’s are still exposed at this stage…

Takeaways:

 References:

Is your Website ready for the new Australian Privacy Principals ?

From March 12 2104 the Australian Privacy Principles (APPs) will replace the previous legislated privacy requirements, and we encourage you to review the changes that may affect your website. According to Legal123 the new Australian Privacy Principals are becoming stronger with more restrictions and prescriptions for business.

Be aware this is not the usual yadda yadda with no consequences, as Legal 123 warns, …the Australian regulators have commenced reviewing websites and have been issuing penalties for non-compliant websites. Read more.

Changes include:

  • Your Privacy Policy must include your contact details, so customers/visitors can contact you to find out more and/or complain
  • You must notify customers/visitors whether you disclose personal information to overseas organisations
  • If you collect “sensitive” personal information you must get active agreement from the customer
  • If you collect information that is not directly related to your business you must notify the customer/visitor and obtain their permission
  • If you use customer information to direct market you must notify the customer and allow them to ‘opt out’ easily
  • You must ensure personal information you have is accurate and up-to-date and protected from mis-use or accidental disclosure, and
  • If asked, you must give customers/visitors access to their information within a reasonable period of time.

Read more here about APP at the Office of Australian Information Commissioner

European Privacy Requirements
Does your website’s target market include 
European countries (including the UK) ?
If so, you should take steps to ensure your website is compliant with the tougher European privacy requirements
Your site is required to provide ‘active’ 
notification to visitors if it is using cookies.

Succinct Ideas can source and install an Online Business Package that contains website documents:

  • Privacy Policy
  • Website Disclaimer
  • Terms and Conditions

The package also includes a complimentary disclaimer for you to use with your emails.

Read more or contact us to discuss your requirements.

So Duplicated Content isn’t a Rank Penalty anymore… Or is it?

In this new video Matt Cutts redefines the impact of duplicate content on a site’s SEO performance. For years the SEO community has been heeding guidelines, hints and more from Google that duplicate content will damage your site’s SEO. In what appears to be a complete turn-around, Matt now tells us that duplicate content wont damage your’s site ranking, but it will find the “best” result from the “cluster” of duplicated pages…

So did the SEO ‘community’ over-speculate on the duplicated content penalty or did Google decide to change their mind about this… All we need to do now is second-guess what Google means by “best result”; well only until they change their mind again…

How will Google Hummingbird impact your site’s SEO?

Google has just released a major algorithm update codenamed Hummingbird

The SEO community is typically awash in speculation on if and how this newest change will impact website ranking.
SearchLand have released this overview of Hummingbird’s potential impact

It seems to me that there will be little rank impact from this release, and that one of the outcomes was Google being smarter about processing enquiries with this recent conversational search example giving some insight

Mobile searches will be more accurately reported in iOS7

If you are interested in what people searched before they arrived at your website then it has been a frustrating time recently:

Google Analytics has been masking search terms for ‘privacy reasons’ and calling the result ‘not provided’ for some time now. This results in around 30% of organic search terms hidden in Analytics – here’s a current example:

Google Analytics 'not provided' search terms - over 30% of searches

Google Analytics ‘not provided’ search terms – Typically around 30% of searches

Safari on iOS6 on your iPhone & iPad had also been masking search ‘refer’ info since Sept 2012 too. Searches from these popular mobile devices has been mis-reported in your web stats systems since then but Search Engine Land reporter Barry Swartz has been testing iOS 7 and notes that “…When iOS 7 is released to the masses, expect major shifts in your analytics to account for the proper reporting of Google search traffic from iOS devices.

Yah! At least we’ll be able to analyse critical mobile web traffic a bit more accurately… at least for a while…

 

Goodbye Google Keyword Tool

Sadly Google has decommissioned our old friend the Keyword Tool and replaced it with the more AdWords focused Keyword Planner.
– after all Google wants you to use the data for your AdWords campaigns !

After a quick look around the Keyword Planner offers much the same info, although it does use exact form keywords rather than the vastly inaccurate broad form and the searches over time charts look nice. There’s more details about the differences between the two here

The Keyword Tool has been around for years: I even dipped into the murky depths of old The Internet Marketer posts to try and find out when I started using it -about 2007 I think.

Before Google introduced the Keyword Tool ( in the SEO equivalent of the Jurassic Period) it cost serious money to get quality keyword data.  Back then WordStream (now with a fabulous Adwords tuning system) were the goto people for keyword research data, but unfortunately Australian-only data wasn’t available.

Time marches on and things change, but I shed a sentimental tear for the passing of the Keyword Tool.

Bing is Siri’s search engine in iPhone IOS 7

Wow this is the most interesting bit of news I’ve heard in a while…

In the new  IOS 7 update for Apple iPhone/iPad Siri uses Bing as it’s search engine.
This is a mighty slap in the face for Google, a major coup for Bing and may signal the start of a new era…

Lets put this into context:

– Currently Google ‘owns’ internet search
– Apple ‘owns’ the mobile computing space (albeit tenuously with Android devices snapping at its heels)
– Mobile internet usage has exploded (so ‘owning’ mobile search is critical for Google ongoing domination)
– Apple has chosen to align with Microsoft’s Bing for its mobile searches (from Siri)

QED: Reduced exposure in mobile = weakened domination of internet search for Google

I cant imagine Google is going to relinquish its strangle-hold on search so easily so standby for the fireworks…

The side story is that astute clients are already expressing interest in their site’s Bing ranking.

 

 

Batten down the hatches. Here comes Penguin 2.0

As outlined by Matt Cutts below, Google’s new Penguin release is about to gobble up any ‘spammy’ websites

The SEO industry is madly chattering about the impact because Matt is suggesting it will hit some sites hard.
It will be interesting to see what the impact is on Aussie websites…

SoapBox Moment:
While Google’s ongoing battle to remove of  ‘unworthy’ websites continues, I’m increasingly concerned that while this might be seen as an altruistic move by Google to purify the internet, in my experience their actions are driving more businesses to invest heavily in paid search as it is increasingly their only assured method of gaining online exposure. Note that paid search is Google’s primary income channel. Even if there is a connection here, however tenuous, who could stop Google from doing this… ?

As an aside, I wonder if Penguin 2.0 will now detect negative criticisms of Google here, and then promptly banish this website to obscurity ?