The second instalment of our ‘how-to’ series deals with the different types of testing we perform here at Just After Midnight, to ensure our clients’ sites are ready for anything.
We often hear of websites crashing or becoming extremely slow as thousands of people try to access them at the same time. A good recent example of this was when thousands of people tried to access the UK parliament website to sign the petition to remain in the EU.
Even though some circumstances can’t be predicted, it is essential to form a basic understanding of what your website and application are likely to expect in terms of traffic, what spikes it is likely to reach and make sure you are as prepared as possible for every scenario.
With the aim of helping you through what can be a minefield of testing options, we’ve created the essential guide to testing for performance. How will your site hold up? Time to find out.
Load testing
The best place to start is with a load test. Load testing is used to determine a site’s performance under normal traffic expectations based on previous analytics.
The first step to load testing is to identify one or two key user journeys; for example, if your website’s core objective is to generate leads you may test the journey that takes the users from the homepage to the services page, to the contact us page. Following that you will need to use your analytics data, to estimate a realistic number of concurrent users (the number of simultaneous users making a request on your website). For a true representative test, you will also need to ensure that you are testing to a complex enough scenario that stretches the website/application and environment to a realistic level of complexity and capability.
The journey and number of concurrent users are essential for load testing and we use this to measure how effectively the journeys are running for the users. The load test can simulate multiple users accessing the website concurrently, based on the numbers identified. The tool JAM uses to conduct load tests can also select where the traffic comes from. So if your business is likely to get traffic from both the EU and the US, we are able to replicate that to ensure the testing results are reflective of reality.
When the load test is complete, you should expect a report to be created that details the results of each journey, including how long pages took to load, and any errors that occurred in the process. At JAM we work with our clients to analyse the metrics, go through the report in detail, and discuss our recommended actions for optimisation.
Errors can be caused by multiple reasons, but if your report shows significant errors we are likely to recommend improving your server set-up:
- If your website struggled to cope during periods of peak traffic, you may need to add extra servers. Alternatively, you could increase the size of the server/s.
- High CPU suggests that the server couldn’t cope with the traffic. A load balancer can be introduced to control traffic flow to sites, taking pressure off of the servers.
- If altering the servers is not an option, you could ‘tweak’ the overall system by adding a CDN (content delivery network).
Stress testing
If you think your site is likely to experience regular traffic spikes, you will want to carry out a stress test. Stress testing is similar to load testing, but instead, this focuses on measuring how the site will handle peak traffic conditions. You will need to estimate the highest number of concurrent users that could visit the site at one time, to see how the site will cope with the increased amounts of traffic.
It is inevitable that the site will only be able to cope with a certain number of users – if you continue to increase the number of users it will eventually be brought down. Stress testing should ensure that the site can cope even with the maximum amount of visitors you expect to have on the site at one time.
You might find that scaling is the best option for optimising your site if you experience significant peaks of traffic at certain times. Scaling means changing the properties of your servers so that they can cope with a growing amount of work, usually by adding resources.
There are a few different options for scaling:
- Vertical scaling is adding more resources to the same server
- Horizontal scaling is adding more servers to separate the load
- Scaling can be done manually by a member of your technical team, agreed at a certain time
- Scaling can also be automated so that you don’t need a physical team member to carry it out at certain times
Talking to an expert at JAM will help you map out a scaling strategy and support plan for your platform.
Penetration testing
If security vulnerabilities are a concern (which they are for almost everyone), penetration testing can be done to test whether the site is open to potential attacks. During a penetration test the website is tested for the most common vulnerabilities such as issues in code, hardware or software problems and any system or configuration weaknesses.
Once any weaknesses have been identified, extra security precautions can be added. You may need to update your SSL certificate, as an old or weak one will be a serious threat to the health of your site. You might alternatively find that patching is required to ensure no vulnerabilities are exposed. Whatever it is, we will be able to advise you on how best to implement these necessary security fixes.
Optimisation
Once all the optimisation recommendations are implemented we recommend repeating the tests to ensure the results improve and continue refining till you find that sweet spot that works for your needs.
If you are looking for some help with your testing strategy and implementation speak to us and we can help ensure that your set-up can deal with traffic as efficiently as possible. Here at JAM we’ve helped many of our clients, including Volvo and Abbott with testing, ensuring their websites are equipped to handle peak traffic.