Jamstack White Paper cover

Jamstack for Web Projects

Faster, More Secure and Easier to Administer

In the early 2000s, web servers were developed and optimized in leaps and bounds to deliver HTML pages. These days, this has become a part of the problem. Server-based web technologies are no longer sufficiently performant, they are too complex, too expensive, too high-maintenance and too insecure. Over the past number of years a new, serverless technological approach has become established: Jamstack. This whitepaper explains why we can expect a lot more from this technology.

15 to 20 years ago, it made sense to locate as much work as possible on the webserver. User terminals were inefficient and at best suitable for displaying static HTML webpages. The server technology was mainly composed of Linux, Apache, MySQL, and PHP (LAMP stack). Not much has changed. When a user calls up a web page today, the file is processed and displayed in the browser after interaction between the database, the backend code, the server, the browser, and the cache. The server is doing all the work and the user has to wait for the server to finish. There may also be a load balancer involved, which redirects the page requests to one of several web servers.

LAMP architecture

An idea from the 90’s: when a user requests a web page, the file is processed after interaction between the database, back-end code and server and then made available in the browser. However, the structure which was initially very simple has now become very complex due to many new website requirements

The New Challenge for Websites

The static HTML pages of the early years have now become dynamic web applications. Instead of simple server infrastructure, a complex network of databases, business services, video and image services, and caching procedures is needed. The more complex this network of procedures is, the more cumbersome the performance becomes. It also means that the maintenance and security effort increases as the areas of interference and those open to attack expand.

Complex Business Requirements

E-commerce functionalities, mobile applications, product selection configurators, appointment coordination functions, language assistant integration and complete online contracting are all typical requirements today. For this, a large number of different content pools, product information, CRM and ERP systems must be integrated with ever-larger volumes of information. The application logic is integrated into the website and connected to processes in the back office. Subsequent processing steps need to be automated even further.

Performance Problems

The performance of the website is critical to the success of the content provided. According to a Google analysis1, 53% of visitors will leave a mobile website if it has not loaded after three seconds. However, 70% of the mobile landing pages analyzed took more than five seconds to display the visual content of the visible part of the webpage. Increasingly complex web applications, however, mean the loading time slows down ever further. While servers in the past only had to generate simple static HTML pages, database queries and various other interfaces are now required and HTML must be created on the fly for each visit. This is a much slower, more complex process than providing static content.

Extensive Server Infrastructure

As a new page view must be generated and displayed for each new visitor to a page, efficient infrastructure is needed. It must also be powerful enough to perform well even during peak traffic. To ensure web availability, additional redundant servers, databases, and environments for development, testing, and production, etc. are required. This is relatively expensive as it was typically planned well in advance for an estimated peak usage. Additionally, all this equipment must also be administered and maintained.

Vulnerable Applications

Traditional web applications are complex and vulnerable as they consist of many server components. Plug-ins from third parties are particularly vulnerable. They are directly connected to the core framework and can thus endanger the entire website. According to a study by WP WhiteSecurity2, over 70% of all WordPress installations on the internet are vulnerable. Frequent security patches (542 patches for WordPress alone in 2018)3 require a considerable administrative effort. Maintenance costs are among the main cost drivers of traditional content management systems.

"Jamstack for Web Projects" - White Paper

The Jamstack approach has several key advantages over the traditional server infrastructure. It enables higher performance, improves security, lowers costs, scales more easily, and delivers a better user experience.