Category Archives: Web Design Miami

Websites (Like Ours) Leveraging Cloudflare CDN Just Got A Boost From HTTP/2!

HTTP/2 Cloudflare SPDY

After more than 15 years, the Hypertext Transfer Protocol (HTTP) has received a long-overdue upgrade. In February 2015, the IETF HTTP Working Group approved HTTP/2 and its associated HPACK specifications. HTTP/2 is based on the SPDY protocol, which was first announced in November 2009 as an internal Góógle project to increase the speed of the web. And while still supporting SPDY, on 3 December 2015 Cloudflare introduced HTTP/2 support for all customers using SSL/TLS connections.

The main focus of both SPDY and HTTP/2 is performance, especially reducing latency as perceived by the end-user while using a browser, with a secondary focus on network and server resource usage. One major benefit of HTTP/2 is its ability to multiplex a single TCP connection from a browser to a website, or in the case of CloudFlare, a reverse proxy

HTTP/2 vs HTTP 1.1

Although HTTP/2 is based on SPDY, it has evolved and incorporated several improvements in the process. Nevertheless, it maintains many SPDY benefits:

  • Multiplexing and concurrency: Several requests can be sent over the same TCP connection, and responses can be received out of order, eliminating the need for multiple connections between the client and the server and reducing head-of-line blocking.
  • Stream dependencies: The client can indicate to the server which resources are more important than others.
  • Header compression: HTTP header size is reduced.
  • Server push: The server can send resources the client has not yet requested.

While the HTTP/2 specification does not require TLS, all major browser vendors have indicated that they will only support HTTP/2 over a TLS (“https://”) connection. And when HTTP/2 is active, you will see a blue lightning bolt icon near the right end of the web page address bar in Firefox or Chrome browsers.

So far, worldwide less than 3% of all website have been upgraded for HTTP/2. But that percentage is increasing daily. You can follow the development and rollout of HTTP/2 at the IETF HTTP Working Group HTTP/2 website or on Twitter @HTTP_2.

P.S. As a nose-thumb to the NSA, HTTP/2 opens every new connection it makes with the word “PRISM“.

Verizon PermaCookies Cannot Penetrate ssRwd™ HSTS Security

Verizon PermaCookies Cannot Penetrate ssRwd™ HSTS Security

Some say the deadly Ebola virus is unstoppable and the privacy-killing UID your ISP may be injecting into your web traffic is unblockable but a Miami web development firm just verified its antidote for one of them.

South Florida-based HTML5/CSS3 mobile web app, secure eCommerce/WordPress website design and jQuery/PHP web development firm WebFL.US recently validated and today announced that business website owners interested in protecting their site visitors from privacy invasion and their customer information exchanges and transactions from unauthorized snooping, personal/financial information collection and smartphone/online activity tracking can rely on their trademarked speedy secure responsive web design methodology ssRwd™ to permanently prevent the permacookies and undo the unoptoutability of the unique identifiers that might be injected into their HTTP headers by Verizon, ATT/AT&T and other Internet service providers large and small.

Earlier this week Wired.com disclosed that “Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.” Soon after Forbes.com revealed that ATT/AT&T and other ISPs are engaging in similar activities, quoting security consultant Kenn White as saying: “In AT&T’s case, the code has four parts; only one part changes… It’s like if you were identified by a birth month, a birth year, a birth day, and a zip code, and they remove one of those things… You’d still be able to reasonably track that person with the other three.”

Using those Unique Identifier Headers (UIDHs), ISPs are able to track and collect detailed information on the mobile, tablet, notebook and desktop online activities of their customers which they can sell to advertisers – or possibly serve up without warrant to government agencies. And with these UIDH “permacookies” Verizon, ATT/AT&T and others can accomplish that even if their Internet access subscribers set their web browsers to block all cookies, even if they opt for private browser sessions, even if they opt-in for “Do Not Track”, and even after they log into their accounts and opt-out of all so-called “relevant advertising” programs. To find out if your ISP is using universal identifiers (UIDs) to track you right now, for example, you can click or tap here:

Is your ISP tracking you?

Like most web pages – and websites pasted into native app wrappers so they can be called “mobile apps” – this test page is being served up unencrypted using standard Hypertext Transfer Protocol (HTTP|RFC 2616). And because the transmission is unencrypted, it is vulnerable to ISP UID(H) injections – as well as a host of other potential privacy invasions, malware insertions and hacker attacks. If instead it had been encrypted and transmitted via Hypertext Transfer Protocol Secure (HTTPS|RFC 2818), the ISP header injection scheme would be defeated because UID permacookies cannot pass through the HTTPS transport layer security envelope.

The ssRwd speedy secure responsive web design and web development methodology offered by WebFL.US delivers transfer protocol security in its most impregnable form which is HTTPS Strict Transport Security or HSTS. HSTS not only shields website visitors and mobile app users from unwanted ISP injections, unappreciated malware insertions, unwarranted government surveillance and unrelenting hacker attacks but also enables SPDY, an open network protocol built on HTTPS which can significantly speed up page content delivery and thereby measurably reduce session as well as shopping cart abandonment. Along with speed and security, ssRwd serves up web pages in a fluid, flexible, mobile-friendly responsive web design format that assures proper presentation and optimal user experience cross-browser and multi-platform from the smallest smartphone screen to the largest desktop monitor.

Every visitor to a website designed and developed with ssRwd by WebFL.US is vaccinated against UID permacookie injections for the length of their session. That’s because on delivery every web page on a WebFL.US ssRwd website passes 15 objective tests of speedy secure responsive web design. How does your website measure up? To find out, you can click or tap here:

Do you have a speedy secure responsive web design?

Secure Web Design Miami: DrBesen.com Taps ssRwd to Explain Weight Loss

Web Design Miami: DrBesen.com Taps ssRwd to Show Genetics Key to Weight Loss

South Florida weight loss physician Robert Besen MD knows ssRwd™ is the place to be. His new website leverages speedy secure responsive web design to explain why genes may be the reason your jeans are getting too tight.

According to the Centers for Disease Control and Prevention (CDC) almost 70% of American adults are either overweight or obese as are 1 in 5 American children. The who’s-to-blame train makes stops all along the food production and consumption lines, but according to his recently-launched website DrBesen.com Miami’s weight loss doctor Robert Besen (aka “Dr. B”) thinks the real culprit is our chromosomes.

“It’s not your fault you’ve gained weight,” Dr. B advises. “The genetics that control our metabolism and eating habits we inherit from the days when Primitive Man spent most of his waking hours either hunting for something to eat or avoiding being eaten. Our modern lifestyle is much more stable and sedentary, but ancient survival urges still drive us to seek and store life-preserving calories in the form of body fat. To control your weight you must control those urges, and at the Dr. B Clinic in Aventura we provide our South Florida patients with the tools and treatment regimen to do that – to lose weight and keep the weight off.”

That physician-supervised medical weight loss program begins with a free initial consultation that can be scheduled by phone or using the Appointment Request form found on every web page of DrBesen.com. Like every other aspect of Dr. B’s new website, this form is mobile-friendly, fast-loading and fully-secure. That’s because every page on this site passes the 15 tests of World Wide Web Consortium (W3C) industry standards compliance, page speed optimization, encryption security validation and quality assurance verification required to be designated as “ssRwd“.

The acronym ssRwd is short for “speedy secure responsive web design“. It is a trademarked web design and development technology of Miami web designer WebFL.US that can be followed on Twitter via the #ssRwd hashtag. It melds mobile-friendly responsive web design with HTTPS Strict Transport Security (HSTS encryption) and the SPDY (pronounced SPEED-e) open network transport protocol to provide residents of the South Florida counties of Broward and Miami-Dade with fast, flexible and secure access to the valuable information about weight loss, hunger suppression and appetite control Dr. Besen (pronounced BESS-en) offers at DrBesen.com.

“I consider ssRwd from WebFL.US to be as uniquely potent as our medical weight loss solutions,” Dr. Besen attested. “Patients appreciate the encryption security that protects their information from prying eyes; search engines appreciate that our pages are both semantically- and speed-optimized; and I appreciate that we don’t have to maintain a website plus an iPhone app plus an Android app plus a Windows phone app etc. No matter what devices my patients use to surf the Web, our pages will flex to their format, our forms will be functional and our content fully accessible.”