Deployment - Data Security, Performance and Vulnerabilities
  • 20 Dec 2023
  • 1 Minute To Read
  • Dark
  • PDF

Deployment - Data Security, Performance and Vulnerabilities

  • Dark
  • PDF

Article summary

The Whatfix solution is developed using globally accepted security measures.

Whatfix Data Security

Whatfix does a routine security review and testing as an inherent part of our software development to ensure that there are no vulnerabilities in the application.

Whatfix maintains the following data security measures for its users:

  • Whatfix export version is placed as part of your web servers. It can attain the same level of security requirements as your other in-house products.
  • The Whatfix JavaScript only makes GET requests (read-only requests) to your web servers. No external calls are made to any outside servers.

Whatfix JavaScript Architecture

After unzipping the compressed export file (.zip), your product team needs to integrate a single line Whatfix JavaScript from the extracted package into your application. Whatfix follows all the regular best practices for ensuring JavaScript security.

The design of Whatfix JavaScript ensures that:

  • Only GET requests (read-only requests) are made to your servers from Whatfix’s JavaScript
  • No calls are made from Whatfix’s JavaScript to any server except your server
  • No third-party libraries are used or required to run Whatfix on your application
  • No need to have any specific libraries or software on your server. The unzipped file can be placed on any web server software
  • Seamless operations with your CDN

Whatfix Security and Deployment Architecture

Vulnerability Scans and Penetration Test

Whatfix performs regular security assessments, penetration tests, and vulnerability scans along with multiple rounds of reviews. These tests ensure that nothing gets overlooked and human mistakes are rectified on time.


In case of a failover, you can serve Whatfix JavaScript from multiple servers and use CDN for distributing the content.


Whatfix has a negligible impact on the performance of your application because of the following:

  • The Whatfix JavaScript execution during page load takes approximately 400 milliseconds.
  • The Whatfix JavaScript file gets cached on the browser side and ensures that the script is downloaded only once for the user (first-time access).
  • The Whatfix JavaScript file size is only 700KB (compressed). The browser caches this file and ensures that the user downloads it only once (first access).

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.