How to analyze website security and performance issues

How to analyze website security and performance issues

Last updated: November 2, 2017 

From the team that brought the world Microsoft Edge comes a new open-source linting and scanning tool. The free tool, called Sonar, helps web developers identify and analyze website security and performance issues. In doing so, developers are better able to write the best code possible and work toward ridding the web of bad practices. The linting tool is available as an online service and as a command line tool. The online service is in preview so it may yield intermittent issues and unexpected results.

In June 2017, the JS Foundation announced they received Sonar as a donation from Microsoft. Microsoft donated Sonar to the JS Foundation because “a tool meant to serve the entire web should be built in an openly governed and neutral home,” according to the announcement. Sonar is now ready for use. The online scanner uses a pre-determined set of rules, but a future rendition will allow users to select the rules they want.

Analyze your website now

To get started with Sonar, input the URL of the website you want to analyze. Click the Run Scan button to begin the scanning process.

analyze website security and performance issues

As the analysis begins, Sonar provides a convenient permalink that makes sharing the results easy. The tool also displays a status (Analyzing, Finished), a timer, and the total number of warnings and errors located by the scan.

analyze website security and performance issues

Sonar scans a website using five rule categories: Accessibility, Interoperability, Performance, Progressive Web Apps (PWA) and Security. The tool displays the accumulated number of errors and warnings for each rule if any.



analyze website security and performance issues

Once Sonar finishes its website analysis, details display for each error and warning. Click the Open Details button to expand and review the details of what specifically produced the warning. Also provided is a Sonar Documentation button that links to information explaining the importance of the warning, and what triggered it.

analyze website security and performance issues

Sonar’s online service is deployed on top of Azure. It can scan any publicly accessible website. According to Antón Molleda, a Microsoft Edge Senior Program Manager, Sonar as it stands today is only the beginning. A plug-in for Visual Studio Code, configuration options for the online service, and new rules for a variety of areas are all coming to a future Sonar version.

Thank you for visiting Tech Help Knowledgebase to learn how to analyze website security and performance issues.