The 2016 election season is in full swing, and there are four main candidates for the office of the President of the United States. Hillary Clinton, Donald Trump, Gary Johnson and Jill Stein are all vying to become the CEO of our country. Of course, each of these candidates has a website, one of the primary communications vehicles for their campaigns. Like any business, these candidates use these websites to market a product (in this case, themselves) and generate revenue (in this case, donations).
How are these websites performing, and is there anything businesses can learn from them for their own websites? As the founder of a website analysis agency, I thought it would be interesting to perform an objective analysis of each campaign website to highlight some problems we frequently see in business websites. Here are the results…
Standard for Page Speed
Hillaryclinton.com met our standard for page speed, but it could have performed better. The website doesn’t use caching and some expire headers are set to 5 minutes which can cause unnecessary requests to the website. Browser caching and expire headers are used to reduce the number of HTTP requests to the main servers, which improves the performance for returning visitors. From a user experience perspective, the landing page has a popover that requires user interaction before the main page can be accessed. The primary job of any website it to disseminate information. You shouldn’t make visitors wait needlessly or jump through hoops to get what they want. If you optimize the user experience, your website will deliver optimal results. Also, we couldn’t find a sitemap file which provides search engines with the structure and importance of your website.
Spanish Language Translation
DonaldJTrump.com and JohnsonWeld.com do not appear to have a Spanish language translation. According to a recent Pew Research Center report, there are more than 27 million eligible Spanish-speaking voters in the U.S. Every campaign and every business should cast a wide net, and their websites should be designed to reach the largest audience possible. Identifying different ethnic groups that can buy your product, and providing the appropriate language support for these groups is a relatively easy with the right content management system in place.
Both DonaldJTrump.com and JohnsonWeld.com did not meet our standard for page speed. There are contributing factors on DonaldJTrump.com such as the number of requests on the home page (which were measured at 140). That is over twice the next lowest score in our tests. His site also has 38 DNS lookups, which speaks to the complexity of his setup. Pre-loading these DNS lookups or reducing the number of lookups could help.
JohnsonWeld.com’s popularity is up 700,000% in the last 3 months. In spite of their top marks in search engine optimization – which should do a good job getting people to their site – their website performed poorly from a page speed perspective. Page speed can be dramatically affected by spikes in traffic. Maybe the team did not anticipate the increased interest? Marketing and IT departments need to work closely together to anticipate and manage spikes in web traffic so that the marketing dollars to generate traffic are not wasted by poor on-site experiences. This issue is not confined to small and midsized organizations either. We have heard of many instances of Super Bowl ads causing website slowdowns and crashes for companies that didn’t accurately anticipate the sudden rush of visitors. With proper preparation and architecture, this can be easily avoided.
Jill2016.com introduces some security concerns. For example, it does not use SSL on the main site. SSL is a standard technology for sending data on the Internet in a secure fashion. So, when supporters enter their information, their data isn’t being protected during transit. You have to protect your visitors. If they give you information in good faith, you must provide the proper protections along the way. The implementation of a third party solution for capturing leads also caused her site to report as unsafe due to phishing on some of our tools. Phishing is a common way for malicious sites to steal your personal information. Some users may receive this warning when visiting her site, even though it is a false positive from our perspective.
Jill2016.com also performed the worst in our Page Speed tests. This appears mostly due to her campaign’s use of large images on the home page. Using unnecessarily large images or even background videos on their home pages is a very common mistake with website developers. According to Akamai, the average website has 60 images and 63% of the page weight comes from these images. Jill Stein’s website is below average in this regard as 76% reduction could be attained on the home page by optimizing 5 images. Sometimes developers create these pages in fast local environments, but they are eventually viewed on desktop or mobile devices over networks, often with poor connections. It is important to provide visitors with a dynamic, image rich experience, but this needs to be done in a responsible manner. Be sure to optimize image size and resolution to deliver the highest quality image at the smallest file size for best performance.
These examples illustrate the importance of website analysis. With the proper tools and expertise, these campaigns can identify and address all of these performance, security and marketing concerns, and provide their supporters with a safe, secure and efficient website experience.
Note: This analysis was performed during mid-September 2016 for a subset of pages on each candidate’s web site. No destructive testing occurred.
We’ve heard a lot about digital transformation. While that term is thrown around a lot, there are a few focused perspectives I like to consider when addressing a topic as broad and diverse as digital transformation.
The target release date for WordPress 4.7 is December 6, 2016. If upgrades are being put into place as they should, the platform will no longer handle image ALT attribute values the same way. As you probably know, even though it is a best practice, websites may not...
Saying that you think about web application security is not the same as actually doing web application security. Application security is tough and will likely continue to be until we have artificial intelligence guarding us (unless another, better AI is attacking?). For now, we need to think about security frameworks and execute against those frameworks to minimize the area available to attackers.