With Black Friday, Cyber Monday (BFCM) and the Christmas season fast approaching, it’s important to make sure your website is ready.
How can you ensure your website is set up to cope with increasing levels of traffic so you can make the most out of the festive period?
Performance & scalability
You need to ensure that your website is actually capable of handling the traffic you’re anticipating. The last thing you need is downtime at the busiest time of the year.
But you only have a few weeks until the busy season, so rather than suggesting re-platforming to something more scalable, I’ll focus on the quick wins for your existing site.
First things first, stress test your current systems. Know where the breaking points and bottlenecks are.
There are lots of tools out there to do this, so make sure whichever tool you use mimics browser usage, and doesn’t just send empty HTTP requests to your server. You’ll likely uncover various choking points, and your dev team might be able to optimise a few queries to help improve that ceiling.
Make sure you don’t just stress test the home page either. Take your most popular categories and products, along with the cart and checkout.
Cache what you can
Queries to your database or third-party APIs are almost always the bottleneck, so cache everything you can. If you’re able to cache data either on the filesystem or in a key-value store like Redis, then do so.
Careful of third-party scripts
Your server infrastructure being able to respond to requests in a timely manner is one thing. But if the response results in a slow user experience because of lots of loading third party scripts, then you’re probably going to lose out on a lot of potential revenue.
Whenever we build a website for a client we make sure it scores exceptionally well in Lighthouse. But the reality of it is that any e-commerce site needs third party scripts in place for tracking analytics, ad spend and conversions at a very minimum. These third parties massively (negatively) impact your end user’s experience by slowing things down.
There are solutions, some of which are fairly straightforward to implement. We’re a big fan of Cloudflare, which is a proxy that sits between your website and the internet. It does a bunch of things related to security and speed, and it’s usually one of the first things we recommend clients implement if they don’t have it already in place (it’s also free, which is a bonus).
Cloudflare has a product called Zaraz (which has a free tier, but does attract a small cost as you scale). It’s a lot like Google Tag Manager (GTM), except rather than running your third party scripts in the browser like normal, it instead offloads them to its ‘edge network’. It basically takes all your third-party scripts and loads them somewhere else, speeding everything up.
Zaraz can be straightforward to implement, but only if you are using scripts from its supported library, or if you have a straightforward setup. There’s quite a lot to Zaraz beyond script loading, so check out this comparison between Zaraz and GTM for more information.
User experience and conversion rate optimisation
With a big increase in traffic looming, even the smallest of positive changes can have a potentially large impact on the bottom line. The three areas most likely to have an impact are…
Especially around product categorisation and filtering. Intuitive filtering and categories for finding products is difficult to get right, and there’s no one-size-fits-all solution. Anything you can do to make the list a little easier will make finding products easier, and result in extra sales.
It’s not just from a technical point-of-view that you should consider mobile before larger screen resolutions. You also need to consider it when you’re building out pages on your site in your e-commerce platform or CMS. People digest content in a certain way, and anything you can do to make the layouts of your pages more comfortable on a mobile is likely to lead to an uplift in conversions.
Now is the time to review your checkout and see if there are any minor adjustments you can make. Anything from reordering shipping options and extra help text on certain fields improves your checkout experience.
Security and trustworthiness
You should have proper data security and protection in place. If you don’t, then this should be priority one.
It’s also important to ensure your level of Payment Card Industry Data Security Standard (PCI DSS) compliance is valid and in line with the amount you’re expected to transact. Those levels are:
• Level 1: Merchants that process over 6 million card transactions annually.
• Level 2: Merchants that process 1 to 6 million transactions annually.
• Level 3: Merchants that process 20,000 to 1 million transactions annually.
• Level 4: Merchants that process fewer than 20,000 transactions annually.
Different levels have different requirements in order to pass, with some levels requiring network scans to be carried out and even audits by accredited third-parties. It’s important to ensure you’re covered, and if your number of transactions is going to exceed the next level then you should be prepared.
Practice good infosec
Much of PCI DSS compliance revolves around good information security. There are some basic things you can do in the run up to the busy period to keep everything running smoothly, such as:
• Remove any admin users from your e-commerce store that no longer require access.
• Change your admin’s passwords to something challenging.
• Implement policies around frequent password rotations with staff, and ensure they can’t use easy-to-guess passwords.
• Ensure all API keys and integrations are up to date.
• Cycle API keys in your app (generate a new one and re-add it).
• Ensure your store’s apps, plugins and software are all up to date.
• Give staff a brief refresher on social engineering techniques that can be used for attackers to get access to accounts (for example, someone calling customer services and pretending to be someone they aren’t, in the hopes you’ll give them a new password over the phone).
Show off your credentials
Trust signals are a great way to instil confidence into your visitors. If you’re PCI DSS compliant, show off the badge. If you’re using certain payment gateways that are known and trusted, then let your customers know.
Doing so should be a quick job, and if you’re a brand that a customer has never ordered from, it could make the difference between a sale and a bounce.
Collect what you can
You’re about to get a lot of visitors to your store. Some will be return customers, some brand new customers, some from channels you may have never even seen before.
It’s important you have the tools in place to understand this data. Come January, you may want to know certain pieces of information, but if you don’t have the tools in place to collect it now then it will be lost forever.
How you do this really depends on what your setup is currently. It may be as simple as adding some additional events into Google Analytics 4 (GA4), or even adding a “How did you hear about us?” question to the checkout for new customers. The important thing is that you’re thinking about it now.
We often go through an auditing process with clients to ensure we’re collecting what we need in order to report on what’s important (it’s worth noting that we also do the opposite and remove certain events from being tracked, as it’s important to only track what you need). These audits result in a spreadsheet of events that need to be recorded, and may require input from a dev team to implement in some circumstances, so it’s important to get moving on it now.
The festive period is just around the corner, so now really is the time to make sure your online store is prepared for demand. The above steps are all relatively quick wins that could help your brand thrive over the coming months and beyond, so harness them now to stay ahead of the game.
Mike Griffiths is MD of Reckless