New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Http to https redirection s hurting website speed
medhahosting
Member
in Help
I use a VPS with cpanel and its hurting the web site speed due to http to https redirection.How to fix this any ideas will be greatly appreciated.
Comments
Remove the redirect or upgrade resources.
Its already 8 GB with 4 CPU for a single wordpress site having less than 100 visitors per day
You need to use http/2 or spdy but I believe http/2 will be the standard. I do not know how to do that in Cpanel as Eva has it installed in centmin mod and it is super quick. God bless you!
The redirection is only one part of overall page load speed. The key to speed up HTTPS requests overall page load speed is use HTTP/2 based HTTPS but cpanel/WHM out of box can't do that it uses non-HTTP/2 HTTPS so slower as cpanel's Apache HTTPS uses CentOS native OpenSSL 1.0.1e crypto library without ALPN protocol support which is a requirement of HTTP/2 based HTTPS.
Only newer versions of OpenSSL 1.0.2+ and LibreSSL, and BoringSSL crypto libraries have ALPN support and CentOS OS doesn't have them natively.
So your choices for HTTP/2 HTTPS on cpanel is
Custom compile Apache against statically compiled OpenSSL 1.0.2+ branch - this is what I do for Centmin Mod LEMP's Nginx 1.11 branch it supports static compiles against OpenSSL 1.0.2+, OpenSSL 1.1.0+, LibreSSL 2.4/2.5 and later BoringSSL
Switch to using LiteSpeed Enterprise web server with cpanel plugin as it bundles their own OpenSSL 1.0.2+ to support HTTP/2 HTTPS
Use Nginx reverse proxy cpanel plugin and hope they compile against static OpenSSL 1.0.2+ build or support such so you can utilise HTTP/2 HTTPS.
Wait until at least CentOS 7.4 which is reportedly looking at offering OpenSSL 1.0.2+ or backporting ALPN protocol support https://bugzilla.redhat.com/show_bug.cgi?id=1276310
So Redhat 7.4 and CentOS 7.4 may have OpenSSL 1.0.2 rebased and OpenSSL 1.1.0 via SCL repo project.
That's insane. You could at least setup Nginx as a proxy for the static things and (optionally) run the dynamic content through fcgi, but it's not going to help much if the issue actually is with the encryption libraries, themselves.
There is some overhead of HTTPS and HTTP to HTTPS redirection regardless just the benefits from HTTP/2 HTTPS will make overall page load speeds faster even with the overhead compared to non-HTTP/2 HTTPS.
Also follow cpanel feature requests for HTTP/2 support for Apache at
Ask your providers support.
How come would you need so much ressources for a wordpress site with almost no traffic?
Anyway are you sure the performance impact is due to https? How is the load on your server? How do you manage your redirection? httaccess?
Possibly you still have all resources pointing to the http version, which gets redirected to the https version on load...
Can you paste your redirect config? If it's just single site with low visitor eating that much resource there is must be something wrong
post your htop results... what is your load average?
check your MailQ... if something malicious is compromising your cpu cycles
Move it to shared hosting.
Seriously - 4 cores for a web site with 4 visitors an hour?
@raindog308
Pretty exactly what I tought, too. I happen to run a wp site for a friend with thousands of unique visitors per day on similar hardware with a load of around 0.15 - 0.25.
But then, he seems to have everything set up through some panel ...
This could be fixed by running this plugin which dynamically changes all requests to https. [https://wordpress.org/plugins/really-simple-ssl/]
If you've fixed your links to all point to HTTPS and are still seeing problems, check your entropy levels.
cat /proc/sys/kernel/random/entropy_avail
It should be over 400, preferably in the thousands. Have a look at haveged if it's low.
Use vestacp. been using them for about 6 months on a $5 droplet @ DO and works fine. All traffic going to HTTPS.
you can try pagerule if you are using cloudflare. https://support.cloudflare.com/hc/en-us/articles/200170536-How-do-I-redirect-all-visitors-to-HTTPS-SSL-