Jupiter is a University of Alberta Libraries-based initiative to create a sustainable and extensible digital asset management system. This is phase 2 (Digitization).
We are not setting the Cache-Control HTTP header on static assets, something like:
cache-control: public, s-maxage=31536000, max-age=31536000
etc. A long cache lifetime can speed up repeat visits to your page! More info here: https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/http-caching#cache-control
We should be serving with compression (gzip/deflate/etc) to reduce network bytes (this can be done via rails using
config.middleware.insert_after ActionDispatch::Static, Rack::Deflater
but this should be done in apache etc, as rails doesn't serve our static assets). More info here: https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/optimize-encoding-and-transfer
We give away too much information regarding our server; we should reduce the amount of information we reveal here, as this makes it significantly harder to identify underlying frameworks and what versions things are running on. Currently in ERA you see things like this:
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.2.3
or
X-Powered-By: Phusion Passenger 5.2.3
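A regression check for the three items above, as an added example that is not part of the original issue or of Jupiter's code: it audits the headers of one static-asset response and reports which of the gaps remain. The function names, finding symbols, compressible-type list and both sample responses are assumptions constructed for illustration; only the Server and X-Powered-By strings come from the issue.

```ruby
# Added example: audit a static-asset response for the three gaps in the issue.
COMPRESSIBLE  = %r{\A(text/|application/(javascript|json|xml)|image/svg\+xml)}
VERSION_TOKEN = /\d+\.\d+/   # any dotted version number, e.g. 2.4.6 or 5.2.3
MIN_MAX_AGE   = 31_536_000   # one year, the lifetime the issue proposes

# Parse "Name: value" lines into a hash keyed by lower-cased header name.
def parse_headers(raw)
  raw.each_line.with_object({}) do |line, h|
    name, value = line.strip.split(/:\s*/, 2)
    h[name.downcase] = value if name && value
  end
end

# Return an array of finding symbols; an empty array means all three are fixed.
def audit_static_response(raw)
  h = parse_headers(raw)
  findings = []

  # 1. Long cache lifetime: require max-age (s-maxage alone does not count).
  cc = h['cache-control'].to_s.downcase
  max_age = cc[/(?:\A|[\s,])max-age=(\d+)/, 1]
  findings << :no_long_cache_lifetime unless max_age && max_age.to_i >= MIN_MAX_AGE

  # 2. Compression: only expected for text-like content types.
  if h['content-type'].to_s.match?(COMPRESSIBLE) &&
     !h['content-encoding'].to_s.match?(/gzip|deflate|br/)
    findings << :not_compressed
  end

  # 3. Version disclosure in the two headers the issue quotes.
  %w[server x-powered-by].each do |name|
    findings << :"version_in_#{name.tr('-', '_')}" if h[name].to_s.match?(VERSION_TOKEN)
  end
  findings
end

# Constructed sample: a CSS response carrying the headers quoted in the issue.
SAMPLE_BEFORE = <<~HDRS
  Content-Type: text/css
  Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.2.3
  X-Powered-By: Phusion Passenger 5.2.3
HDRS

# Constructed sample: the same response after the proposed changes.
SAMPLE_AFTER = <<~HDRS
  Content-Type: text/css
  Cache-Control: public, s-maxage=31536000, max-age=31536000
  Content-Encoding: gzip
  Server: Apache
HDRS
```

Feeding it the headers of a fingerprinted asset from each environment (for example the output of `curl -sI` with an `Accept-Encoding` request header) shows whether the web-server configuration has drifted.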