Log UI Errors
JavaScript allows exceptions to be caught and it's feasible to send them to an error logging service via ajax requests. Otherwise it's difficult to intercept UI errors on web environments.
Interchangeable data layer
The data layer should be detachable and exchangeable with another data layer that conforms to the same contracts.
Automate deployment process
The deployment process should be automated: project files for the production environment should be generated by a deployment server and deployed automatically, without human touch.
A version control system keeps the history of all code changes and prevents losing written code. It also allows working collaboratively. GitHub is the most popular VCS provider; a free alternative is BitBucket. Microsoft has Team Foundation with extra features for collaboration.
Content Delivery Networks speed up serving your site by serving static files like images, js and css files over the nearest location to the visitor. They also reduce bandwidth costs. CloudFlare is a good example for a CDN.
Minimize all js and css files
JavaScript and css files should be both minimized with a compressor like YUI compressor and gzipped when being served. Putting JavaScript at the end of pages is also good.
Log slow loading pages
A web application should serve super-fast. A system to analyze slow pages is mandatory to identify them. Pages that work fast enough may take a long time to load for specific users, depending on the data.
Isolate critical information in the DB
The database user should be restricted from accessing critical information, such as retrieving user passwords (even if they are hashed) or retrieving all of the user email addresses. Stored Procedures or Views should be used for validation purposes and for customized data.
Protect from Remote Code Execution
Remote Code Execution allows attackers to execute code when the application relies on weak code inclusions.
Flood and spam protection
Flood and spam are possible even from authenticated users. Always track the last X operations of each user, with their times, to prevent them from making too many requests.
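One way to track the last X operations per user, shown as an added example that is not part of the original article. The class name FloodGuard, the limit of 3 operations per 10 seconds and the user ids are assumptions made for illustration.

```javascript
// Sliding-window flood guard: remember the times of each user's recent
// operations and refuse a new one once `maxOps` fall inside `windowMs`.
// FloodGuard is a hypothetical name; the limits below are constructed.
class FloodGuard {
  constructor(maxOps, windowMs) {
    this.maxOps = maxOps;
    this.windowMs = windowMs;
    this.history = new Map(); // userId -> ascending timestamps (ms)
  }

  // Returns { allowed, retryAfterMs }. `now` is injectable for testing.
  attempt(userId, now = Date.now()) {
    const cutoff = now - this.windowMs;
    const times = (this.history.get(userId) || []).filter((t) => t > cutoff);
    if (times.length >= this.maxOps) {
      this.history.set(userId, times);
      // The oldest remembered operation is the first to leave the window.
      return { allowed: false, retryAfterMs: times[0] + this.windowMs - now };
    }
    times.push(now);
    this.history.set(userId, times);
    return { allowed: true, retryAfterMs: 0 };
  }

  // Drop users with no recent activity so the map cannot grow without bound.
  sweep(now = Date.now()) {
    const cutoff = now - this.windowMs;
    for (const [userId, times] of this.history) {
      if (times.every((t) => t <= cutoff)) this.history.delete(userId);
    }
    return this.history.size;
  }
}

// Constructed scenario: one authenticated user sends a burst, another does not.
function demoFloodGuard() {
  const guard = new FloodGuard(3, 10_000);
  const t0 = 1_000_000;
  const results = [0, 1000, 2000, 3000, 10_500].map((offset) =>
    guard.attempt("user-42", t0 + offset)
  );
  const other = guard.attempt("user-7", t0 + 3000);
  return { results, other, tracked: guard.sweep(t0 + 60_000) };
}
```

The limit is keyed on the authenticated user id rather than the IP address, which matches the point that flooding can come from logged-in users.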
Hash passwords with unique salts
All user passwords should be hashed with a salt, and salts should be unique for each user. People tend to use the same passwords in different services, and it's the application's responsibility to protect users' passwords.
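An added example, not from the original article, of per-user salts in Node.js. It uses scrypt, a deliberately slow salted hash that the article does not name; the function names, the stored-record format and the cost parameters are assumptions.

```javascript
const nodeCrypto = require("node:crypto");

const SALT_BYTES = 16;
const KEY_BYTES = 32;
// Assumed scrypt cost parameters; raise them as far as your servers allow.
const SCRYPT = { N: 16384, r: 8, p: 1 };

// Generates a fresh random salt for every call, so each user gets their own.
// The salt is stored next to the hash: it is not a secret, only unique.
function hashPassword(password) {
  const salt = nodeCrypto.randomBytes(SALT_BYTES);
  const key = nodeCrypto.scryptSync(password, salt, KEY_BYTES, SCRYPT);
  return `scrypt$${salt.toString("hex")}$${key.toString("hex")}`;
}

// Recomputes the hash with the stored salt and compares in constant time.
function verifyPassword(password, stored) {
  const [scheme, saltHex, keyHex] = String(stored).split("$");
  if (scheme !== "scrypt" || !saltHex || !keyHex) return false;
  const salt = Buffer.from(saltHex, "hex");
  const expected = Buffer.from(keyHex, "hex");
  // Reject truncated or non-hex records before comparing anything.
  if (salt.length !== SALT_BYTES || expected.length !== KEY_BYTES) return false;
  const actual = nodeCrypto.scryptSync(password, salt, KEY_BYTES, SCRYPT);
  return nodeCrypto.timingSafeEqual(actual, expected);
}

// Constructed scenario: two users pick the same password.
function demoUniqueSalts() {
  const password = "correct horse battery staple";
  const alice = hashPassword(password);
  const bob = hashPassword(password);
  return {
    recordsDiffer: alice !== bob, // unique salts hide the password reuse
    aliceOk: verifyPassword(password, alice),
    bobOk: verifyPassword(password, bob),
    wrongRejected: !verifyPassword("guess", alice),
    malformedRejected: !verifyPassword(password, "scrypt$zz$zz"),
  };
}
```

Because the two stored records differ, a leaked table does not reveal which users share a password, and a precomputed table for one salt is useless against the others.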
Save every data you can
All data, every request and every event should be saved in a Big Data storage. That data will become valuable in the future, and data mining techniques will reveal useful reports.
Observe users to find out intentions
Finding out why users use or do not use your application is important for planning ahead.
Allow users to get flexible analysis reports
Data analysis is very critical in these times. Analysis reports reveal where and how the business should be headed. A good web application does not just assist the users, but also generates reports according to the user's desire.
Distribute requests and go for 100% uptime
Instead of getting connections directly to application servers, try to add a reverse proxy to forward requests internally. This allows operational servers to continue serving while some of the servers are down.
Backup data automatically
The data should be backed up automatically, every day at least. Furthermore, backups should reside on distinct stores than the application servers, even in distinct data centers, to prevent any catastrophic failure.
Minimize page changes
Page changes are slow compared to ajax requests and also cause users to get lost across pages. Single Page Apps (like Gmail) have high usability, but development is more difficult and bugs may easily occur. If there are enough resources (i.e. manpower) then go for a single page app, otherwise use ajax abundantly.
Turn off verbose errors in production
Verbose error pages output any information related to the error, which every developer needs. In the production environment that should be turned off while the application is still able to continue logging the problems.
Simplistic user interfaces
The age of "learning how to use programs" is over, and applications should be easy enough to use until the user gets familiar with them. Advanced operations may be revealed after the user gets familiar. Complex interfaces scare off users.
Global search system
The tendency to search has increased over the years. Google search, Facebook search, Twitter search... all major giants have one global search system which can be filtered after search results are served. Let your users have the same functionality that they are used to.
Referral system
Referring is one of the oldest and most effective conversion techniques to obtain new users. A successful referral system awards the referrer and also attracts new users with offers.
Support system
Users will always have problems, so any application needs a support system. Lack of a support system will scare off users. Some external support solutions: ZenDesk, Desk, Freshdesk, Zoho Support, etc.
Notifications and scheduled emailing
Converting users back to the application is very important. It's not likely that the users will remember the application frequently and come back. A scheduled emailing combined with notification system keeps users converted. Don't forget to allow users to manage email notification preferences, otherwise it's spam.
Research users' desire to use your product
No software product starts off by knowing where they will land. Analysis reports always guide the developers and managers along the way. Always try to understand the desire of your customers by analyzing which parts of the application users use commonly.
Follow your competitors
No product is 100% original. One company develops, the other improves, the first one improves again; this is the circle of development in every industry. Every product has competitors.

Video Courses

I, Ata Sasmaz, publish free online advanced-level software engineering videos on Devsity. You might be interested, just FYI.

Ata Sasmaz

Web Application Architect

Contact me for consultation.
