Resources and Further Reading

There is already a huge community of people on the internet dedicated to making the web better. The below are just some of the resources I think are helpful and will supplement the information on this site and provider further reading, or perhaps another point of view on the subject.

If you are the owner of any of these resources and would prefer them not to be listed then here, then please contact us to have this removed. Also contact us if you have any other resources you think are really useful and should be listed here.

Performance Resources

Websites

• WebPagetest.org - measure your website and see waterfall diagrams to identify bottlenecks on your website.
• SpeedCurve.com - regularly measure your website using WebPagetest-like tools (requires subscription but with 30 day demo).
• Pingdom Website Speed Test - measure your website and see performance improvement suggestions.
• Google PageSpeed Insights - measure your website and see performance improvement suggestions.
• GTmetrix - measure your website and suggest performance improvements using Google PageSpeed Insights and Yslow.
• DareBoost - measure your website and see performance improvement suggestions as well as other improvements.
• stevesouders.com - Steve Sounders is the original performance guru and creator of Yslow, HTTP Archive, and co-creator of SpeedCurve.com.
• calendar.perfplanet.com - a tip per day published each December.
• Ilya Grigorik's Blog - where Ilya blogs on performance issues.

Books

• Designing for Performance by Lara Callender Hogan.Lots of hints and tips on how to create performance websites. Best part is that it's now available online for free!
• Lean Websites by Barbara Bermes. Gives optimisation techniques for writing performant websites
• Web Performance Daybook Volume 2 edited by Stoyan Stefanov. A great collection of blog posts on various performance items
• High Performance Browser Networking by Ilya Grigorik.

Security Resources

Websites

• SSL Labs - the definitive site to test your SSL/TLS configuration.
• Ivan Ristić's blog - where Ivan (of SSL Labs) blogs on TLS issues.
• Scott Helme's Blog - where Scott blogs on security matters and has a number of helpful pages on setting up security matters on your website.
• SecurityHeaders- A tool created by Scott Helme to review and recommend HTTP security headers.
• Report URI - A tool created by Scott Helme to receive CSP and HPKP reports.
• Adam Langley's blog - Google's Adam Langley blogs in depth on security.
• Troy Hunt's blog - where Troy blogs on interesting security issues.
• OWASP - the Open Web Application Security Project which gives information on securing web software.

Books

• Bulletproof SSL and TLS by Ivan Ristić. Everything you ever wanted to know about SSL and TLS from one of the experts in the field.
• Apache Security by Ivan Ristić. - an old book on hardening Apache but still worth a read and can't argue with the price (it's free!).
• ModSecurity Handbook by Ivan Ristić. If you use ModSecurity WAF, then you need to read this book. Simple as that.
• Web application Defender's Cookbook: Battling Hackers and Protecting Users by Ryan C. Barnett, Jeremiah Grossman. In depth look at ModSecurity rules - many of which form the OWASP Core Rule Set.

Usability Resources

Websites

• Google Search Console - renamed from Google Webmaster Tools, this site allows you to track and tune how Google sees your website.
• Google Webmaster Central Blog - the official blog on google crawling and indexing. Lots of tips and announcements for webmasters.
• Bing webmaster tools - this site allows you to track and tune how Microsoft Bing sees your website.
• Google Analytics - an analytics tool to track how your website is used.
• Google's Mobile-Friendly Test - test whether google think's your website is mobile friendly.
• W3C HTML Validator - test the HTML on your website, as bad HTML can lead to inconsistent sites on different browsers.
• W3C CSS Validator - test the CSS on your website, as bad CSS can lead to inconsistent sites on different browsers.
• BrowserStack - your website on a range of different browsers (requires subscription but with free demo).
• WebAIM - test the accessibility of your website.
• Nibbler - test a number of aspects of your website including accessibility, SEO, social media and technology.
• A List Apart - lots of articles from lost of writers on web design and development.

Books

• Don't Make Me Think: A Common Sense Approach to Web Useability by Steve Krug. One of the definitive UX books.
• The Inmates Are Running the Asylum: Why high-tech products drive us crazy by Alan Cooper. A view on why UX is too important to delegate to Software Developers to do in their spare time.

This page was originally created on 03-Aug-2015 and last edited on 28-Jun-2022.