JAMstack for Web Projects

Faster, More Secure and Easier to Administer

In the early 2000s, webservers were developed and optimized in leaps and bounds to deliver HTML pages. These days, this has become a part of the problem. Server-based web technologies are no longer sufficiently performant, they are too complex, too expensive, too high-maintenance and too insecure. Over the past number of years a new, serverless technological approach has become established: JAMstack. This white paper explains why we can expect a lot more from this technology.

15 to 20 years ago, it made sense to locate as much work as possible on the webserver. User terminals were inefficient and at best suitable for displaying static HTML webpages. The server technology was mainly composed of Linux, Apache, MySQL, and PHP (LAMP stack). Not much has changed. When a user calls up a webpage today, the file is processed and displayed in the browser after interaction between the database, the backend code, the server, the browser, and the cache. The server is doing all the work and the user has to wait for the server to finish. There may also be a load balancer involved, which redirects the page requests to one of several webservers.

LAMP technology diagram

An idea from the 90’s: when a user requests a webpage, the file is processed after interaction between the database, back-end code and server and then made available in the browser. However, the structure which was initially very simple has now become very complex due to many new website requirements.

The new challenge for websites

The static HTML pages of the early years have now become dynamic web applications. Instead of simple server infrastructure, a complex network of databases, business services, video and image services, and caching procedures is needed. The more complex this network of procedures is, the more cumbersome the performance becomes. It also means that the maintenance and security effort increases as the areas of interference and those open to attack expand.

Complex business requirements

E-commerce functionalities, mobile applications, product selection configurators, appointment coordination functions, language assistant integration and complete online contracting are all typical requirements today. For this, a large number of different content pools, product information, CRM and ERP systems must be integrated with ever-larger volumes of information. The application logic is integrated into the website and connected to processes in the back office. Subsequent processing steps need to be automated even further.

Performance problems

The performance of the website is critical to the success of the content provided. According to a Google analysis1, 53% of visitors will leave a mobile website if it has not loaded after three seconds. However, 70% of the mobile landing pages analyzed took more than five seconds to display the visual content of the visible part of the webpage. Increasingly complex web applications, however, mean the loading time slows down ever further. While servers in the past only had to generate simple static HTML pages, database queries and various other interfaces are now required and HTML must be created on the fly for each visit. This is a much slower, more complex process than providing static content.

Extensive server infrastructure

As a new page view must be generated and displayed for each new visitor to a page, efficient infrastructure is needed. It must also be powerful enough to perform well even during peak traffic. To ensure web availability, additional redundant servers, databases, and environments for development, testing, and production, etc. are required. This is relatively expensive as it was typically planned well in advance for an estimated peak usage. Additionally, all this equipment must also be administered and maintained.

Vulnerable applications

Traditional web applications are complex and vulnerable as they consist of many server components. Plug-ins from third parties are particularly vulnerable. They are directly connected to the core framework and can thus endanger the entire website. According to a study by WP WhiteSecurity2, over 70% of all WordPress installations on the internet are vulnerable. Frequent security patches (542 patches for WordPress alone in 2018)3 require a considerable administrative effort. Maintenance costs are among the main cost drivers of traditional content management systems.

JAMstack for Web Projects

The JAMstack approach has several key advantages over the traditional server infrastructure. It enables higher performance, improves security, lowers costs, scales more easily, and delivers a better user experience. Download our free white paper to find out more about the revolutionary architecture and learn how Scrivito is using it to make our customers' web projects successful.

Register to download the white paper

required field

Nadav Avital, Imperva, Blog, “The State of Web Application Vulnerabilities in 2018”, January 2019

More great blog posts from Michał Kunysz

  • Diagram showing native CMS cloud solutions like Scrivito have already integrated the CDN

    Particular Challenges for the JAMstack Approach

    The transition from the server-oriented LAMP stack approach to the new JAMstack approach has proven to be a practicable concept. In recent years, a large number of JAMstack web projects have been implemented. The concept applies to smaller websites as well as complex web applications with...

  • Classic, legacy and modern web architecture

    JAMstack Is the New Development Architecture

    The server-based architecture has become too complex

    As websites and web applications get bigger, include more functionality, and become more dynamic, server-based architecture is increasing in complexity. Additionally, security, data and performance requirements lead to further pieces in the architecture puzzle as well as increased maintenance...

  • Modern JAMstack web application architecture vs traditional web architecture

    Zero Hacks

    Win the Update Race Against the Hackers

    As seen in many reports, vulnerabilities in web-based CMS systems are a constant factor. Common CMS security issues are derived from running default installations which are not security-hardened, not regularly updated (often hard to do, given the 542 security exploits WordPress suffered from in...

  • List of seful, customizable widgets Scrivito offers out-of-the-box

    10k+ Audited Frameworks

    Low Code: Avoiding to Reinvent the Wheel

    Security is a challenge Many CMSs, mainly open source, offer hundreds of plug-ins to enhance the functionality of the websites and the CMS. Some are useful, many are not. A certain degree of redundancy exists. They are often created by the community or anonymous third- party companies, which...

  • pyramid hierarchy

    < 10 Min. of Training

    Only by Providing Users with a Great Way to Utilize the CMS, Projects Will Succeed

    User experience is key to success The usability of many traditional CMSs is poor. Some systems are even inoperable from the user's point of view. This starts a downward spiral: the more difficult the use of the CMS, the less it is used - quickly leading to outdated content on the websites....

  • 99.95 % + Uptime

    No Breaks in Content Delivery.

    Non-stop availability Running a traditional content management system comes with system administration jobs that might affect the availability of service: installing CMS patches and avoiding breaking plug-in dependencies while doing so, updating staging and production systems, CMS and...

  • 100 % Cloud

    Only the True Cloud Offers Real Benefits

    Full-stack, cloud-native architecture Current CMS set-ups require a lot of IT infrastructure. In addition to the CMS and the operating system itself, databases, servers, load balancers, monitoring/backup systems, and search engines are needed. The production environment includes development and...

  • CMS-Projekte erfolgreich aufsetzen

    Status Quo - The Role of the CMS is Changing 

    Limitations of current CMS systems The web has constantly changed and improved since Sir Tim Berners-Lee invented it in 1989. Unfortunately, the technology behind it has not. Web pages still load too slowly, responsiveness sometimes is just a promise, and weak security remains an ongoing issue....

  • JAMstack, full of jam

    Everyone’s Talking About JAMstack, But What Does it Mean?

    You’ve probably heard a lot about JAMstack recently as it is one of web development’s great buzzwords in 2019. And you maybe don’t know that our enterprise CMS Scrivito is based on this architecture. So what exactly is JAMstack? According to jamstack.org JAMstack is “a modern web development...