I'm getting a lot of 'F' scores now that Webpagetest.org has updated. Is important or not?
 by Kristi Hagen

I'm getting a lot of 'F' scores on Webpagetest.org, important or not?

  • I've noticed that Webpagetest.org is now measuring security score and using it as one of its metrics. And I'm noticing that the test result always seems to be bright RED.

    To make sure, I checked several websites, including yours, and the result is consistently a large F in red. The problem is, it doesn't look nice to my customers, especially when all the other results appear in green.

    So, I'm wondering, is it really important to solve the JavaScript Libraries with vulnerabilities "problem" or is this something I just have to learn to live with?

Answer:

We share your frustration about that test being added to a speed measurement tool. And we've been down a similar path on a couple sites where we "fixed" the security issues, which then broke the site's eCommerce systems.

Our advice is to take your time. Tell your clients 'you're working on that but you have to be careful with making changes because the changes might break something else on the site.'

For example, take WordPress. Best we can tell, it's using version 1.12.4 of jquery, which will score an F on this test, and the latest version of jquery is 3.4.0.

This is one of the files distributed with WordPress. That means that if you manually update the file to improve your score, the next WordPress update will wipe out the file and revert it back to whatever version WordPress is using.

However, you can do some things, like enable HSTS – the control panel on your host may give you that option. Or you could manually add it using htaccess if you're on Apache.

In our case, fixing Content Security Policy (CSP) consistently broke the sites we are working with. So, if you're going to work on fixing that then address just one issue at a time and then fully test to make sure you haven't broken anything.

In regard to the WordPress default libraries such as jquery, we're hoping they'll soon start using a newer version and solve the problem. Until that happens, we don't have any good solutions. S...

Already a member? Sign in here

Read the rest of this article,
and get all this for only $1.

  • The Search Engine Strategies Updates for November 2020
  • SEN's Monthly Marketing Podcast for Strategies on the Go
  • Ultimate Guide to Avoiding Google Penalties
  • The Complete Site Audit Checklist
  • The Definitive Local Search Audit Checklist
  • 100's of Strategic SEO Articles and Q&As
  • The Internet Marketing Glossary
  • The Pro SEO's Local Search Directory List
  • 2019 Unfair Advantage SEO Beginner's Book
  • Pro's Ultimate WordPress Plugin Guide
  • The Vault: SEN's Internet Marketing Research Libraries
  • PLUS, as a Full SEN Basic Member, you'll be eligible for hundreds of dollars of discounts on SEO courses ranging from beginner to master on a variety of topics including organic search, local search, and social networking.

  • Your $1 Trial is good for 7 days at which time your card will be charged $29/mo unless you cancel before December 4th, 2020

 This form is encrypted for your security