I've taken a step back from implementing new features. Mostly because sales agents and customer service reps take forever to get back to me. I can't blame them, I expect a lot from partners. It's hard having standards when you're still starting out and can't afford to be picky.
With that in mind, today I decided to tackle optimizations and refinements in the areas of performance (speed) and security. Because of course, privacy means nothing without security. And we're all about privacy around here. So I plugged a few security holes that would have otherwise allowed people to steal your session cookies and impersonate you. That's no longer possible. Well, it's more difficult at least. Unfortunately I can't plug it completely without locking iOS users out of the website, because Safari doesn't support these new security measures. Fix your shit, Apple!
As for speed, the most obvious choice is a CDN. For those who don't know, that means using someone with tons of servers like Google or Cloudflare to Speedy Gonzales my website across the fiber optic wires and serving it to you using their server that is closest to you, to make it load extremely fast. They accomplish this by keeping copies of my website on all of their servers. In addition to the speed boost, you also get some security benefits. Protection from DDoS and some other attacks. Which is great, except for the fact where I have to trust this company to keep my website on all these different servers. And while I definitely appreciate what Cloudflare does in terms of speed and DNS resolution, they do share user data with advertisers. Which means I can't work with them. Sucks, because they offer a free tier of their CDN service. And when you're a startup nonprofit, you drool at the sound of anything being free.
Anyway, I sort of went off on a tangent there. No, we won't as of yet start using Bunny CDN, but we will, as soon as it becomes financially viable. Yes, it's on THAT list.
A CDN isn't the only way to improve loading speed though. Thanks to some fantastic tools like Google's PageSpeed Insights or GT Metrix, you can get a pretty thorough breakdown of what parts of your website are taking how long to load, with warnings and even scoring based on how many "best practices" you have implemented, that they of course proceed to explain and give you some insight on how to fix.
As a result, I'm proud to announce that both the main site as well as the Blog are now more than 3x faster. In fact, the Blog is getting a 100% score on PageSpeed Insights, which is fucking insane. That's probably because the blog is based on an open-source platform designed to facilitate creation, so it gives me full control. As opposed to the main site which is a LOT more complex and difficult to make changes to. Nevertheless, I managed to bring up the main site's score from 15% to 68%, which isn't really impressive at all until you realize how bad it was before.
Honestly though, screw PageSpeed Insight. For me, real world loading times have improved significantly. It used to take 7-8 seconds for the website to START loading, and it didn't fully load until 15-20 seconds. Now, it's all done in 7 seconds. And mind you I'm currently physically far from the server, so those who are in North America should get even better speeds. My site monitor now reports that it takes half a second to load the Blog and 1.5 seconds to load the main page. Now I can't personally vouch for these claims, but the blog does fully load for me in under 2 seconds, which is still stupid fast. I hit refresh and it never even loads. It blinks.
Hopefully I can bring the same kind of speed to the main website, WITHOUT selling my soul or your data to Cloudfare or any other big tech companies.