News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Site slowdown since SSL - But only on certain browsers?

Started by MangosMadMax, October 24, 2013, 12:52:54 PM

Previous topic - Next topic

MangosMadMax

Forum: https://community.getmangos.co.uk

Since making the site SSL only there now seems to be a 4 seconds delay in page generation, I was hoping someone might know why?

This is strange since it does not affect the google chrome browser, so using that browser the forum loads within: Page created in 0.043 seconds with 17 queries.


In my .htaccess I have the following to ensure SSL, but I don't see how this would cause a 4 second delay?

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Regards,
MadMax

Cisco Certified Desktop Support & Network Engineer

Cyberhost

Have you installed any mods? If you have please say how manu mods do you have.

kat

Opera: Page loads in four seconds.

Pale Moon: Page loads in five seconds.

Waterfox: Page load in five seconds.

K-Meleon: Page loads in four seconds.

IE: Who cares? ;)

Drunken Clam

Chrome (31.0.1650.34 beta-m) - Page loads in 4.093 seconds with 18 queries.

Arantor

Perhaps it would have been better if I'd simply never bothered. Y'all clearly would be less unhappy that way.

MrPhil

I don't know if it will explain the full delay, but remember with SSL there are extra encryption and decryption steps at each end of each transmission from and to the server -- and there may be quite a few separate transmissions per page.

Are you going to be keeping this forum open to the public? If so, what exactly is the point of SSL? Is it to prevent a "man in the middle" from intercepting and modifying the data stream? Is WoW that cutthroat that it's come to this?

Arantor

It's not just about preventing MITM attacks.

It's the fact that, otherwise, your details are sent unencrypted through many networks. Networks you don't control. Networks that could very easily tap your details because they're unencrypted. Especially wifi networks - it certainly isn't unheard of for people to sit in cafes where there's wifi and steal login details. It's largely what prompted Facebook to go HTTPS by default because of this happening.

Now, SMF itself does actually do things to help on that score; unlike other forum systems, your password is not sent in plaintext, even in non SSL connections - where possible it is sent hashed (with session id for salting)

I'd argue all sites should go SSL if possible but there are matters that make that difficult especially for forums.
Perhaps it would have been better if I'd simply never bothered. Y'all clearly would be less unhappy that way.

MangosMadMax

Quote from: Arantor on October 24, 2013, 05:13:07 PM
Are hostname lookups enabled?

Just disabled them, Seems to of had no affect on the page loading times.

I've also noticed that pages load normally when logged in?!
Regards,
MadMax

Cisco Certified Desktop Support & Network Engineer

MangosMadMax

Regards,
MadMax

Cisco Certified Desktop Support & Network Engineer

MrPhil

Please do not bump in less than 24 hours. It's rude.

Advertisement: