Http to https redirection s hurting website speed

medhahosting

I use a VPS with cpanel and its hurting the web site speed due to http to https redirection.How to fix this any ideas will be greatly appreciated.

WSS

Remove the redirect or upgrade resources.

medhahosting

Its already 8 GB with 4 CPU for a single wordpress site having less than 100 visitors per day

ljseals

You need to use http/2 or spdy but I believe http/2 will be the standard. I do not know how to do that in Cpanel as Eva has it installed in centmin mod and it is super quick. God bless you!

eva2000

The redirection is only one part of overall page load speed. The key to speed up HTTPS requests overall page load speed is use HTTP/2 based HTTPS but cpanel/WHM out of box can't do that it uses non-HTTP/2 HTTPS so slower as cpanel's Apache HTTPS uses CentOS native OpenSSL 1.0.1e crypto library without ALPN protocol support which is a requirement of HTTP/2 based HTTPS.

Only newer versions of OpenSSL 1.0.2+ and LibreSSL, and BoringSSL crypto libraries have ALPN support and CentOS OS doesn't have them natively.

So your choices for HTTP/2 HTTPS on cpanel is

1. Custom compile Apache against statically compiled OpenSSL 1.0.2+ branch - this is what I do for Centmin Mod LEMP's Nginx 1.11 branch it supports static compiles against OpenSSL 1.0.2+, OpenSSL 1.1.0+, LibreSSL 2.4/2.5 and later BoringSSL

2. Switch to using LiteSpeed Enterprise web server with cpanel plugin as it bundles their own OpenSSL 1.0.2+ to support HTTP/2 HTTPS

3. Use Nginx reverse proxy cpanel plugin and hope they compile against static OpenSSL 1.0.2+ build or support such so you can utilise HTTP/2 HTTPS.

4. Wait until at least CentOS 7.4 which is reportedly looking at offering OpenSSL 1.0.2+ or backporting ALPN protocol support https://bugzilla.redhat.com/show_bug.cgi?id=1276310

The 1.0.2 is API/ABI compatible with 1.0.1 and we are working on rebasing the RHEL openssl package to this branch. We are not working on including 1.1 into base RHEL because it would not be usable by the base RHEL applications and utilities. That's what I wanted to say. I do not see any trolling here.

If there will be 1.1 in SCL is a different question and I'd just suggest reporting such request via regular Red Hat support channels https://www.redhat.com/support and not via bugzilla as it is not a support tool/channel.

So Redhat 7.4 and CentOS 7.4 may have OpenSSL 1.0.2 rebased and OpenSSL 1.1.0 via SCL repo project.

WSS

That's insane. You could at least setup Nginx as a proxy for the static things and (optionally) run the dynamic content through fcgi, but it's not going to help much if the issue actually is with the encryption libraries, themselves.

eva2000

There is some overhead of HTTPS and HTTP to HTTPS redirection regardless just the benefits from HTTP/2 HTTPS will make overall page load speeds faster even with the overhead compared to non-HTTP/2 HTTPS.

• https://http2.github.io/faq/
• https://blog.chromium.org/2015/02/hello-http2-goodbye-spdy.html
• http://moz.com/blog/http2-a-fast-secure-bedrock-for-the-future-of-seo
• https://blog.httpwatch.com/2015/01/16/a-simple-performance-comparison-of-https-spdy-and-http2/

eva2000

Also follow cpanel feature requests for HTTP/2 support for Apache at

• https://features.cpanel.net/topic/htt2-support
• https://features.cpanel.net/topic/mod_h2-apache-http2-support

bsdguy

Ask your providers support.

datanoise

medhahosting said: 8 GB with 4 CPU for a single wordpress site having less than 100 visitors per day

How come would you need so much ressources for a wordpress site with almost no traffic?

Anyway are you sure the performance impact is due to https? How is the load on your server? How do you manage your redirection? httaccess?

teamacc

Possibly you still have all resources pointing to the http version, which gets redirected to the https version on load...

robohost

Can you paste your redirect config? If it's just single site with low visitor eating that much resource there is must be something wrong

mehargags

post your htop results... what is your load average?
check your MailQ... if something malicious is compromising your cpu cycles

raindog308

@medhahosting said:
Its already 8 GB with 4 CPU for a single wordpress site having less than 100 visitors per day

Move it to shared hosting.

Seriously - 4 cores for a web site with 4 visitors an hour?

bsdguy

@raindog308

Pretty exactly what I tought, too. I happen to run a wp site for a friend with thousands of unique visitors per day on similar hardware with a load of around 0.15 - 0.25.

But then, he seems to have everything set up through some panel ...

abytecurious

teamacc said: Possibly you still have all resources pointing to the http version, which gets redirected to the https version on load...

This could be fixed by running this plugin which dynamically changes all requests to https. [https://wordpress.org/plugins/really-simple-ssl/]

jackb

If you've fixed your links to all point to HTTPS and are still seeing problems, check your entropy levels.

cat /proc/sys/kernel/random/entropy_avail

It should be over 400, preferably in the thousands. Have a look at haveged if it's low.

sanvit

Use vestacp. been using them for about 6 months on a $5 droplet @ DO and works fine. All traffic going to HTTPS.

saf31

you can try pagerule if you are using cloudflare. https://support.cloudflare.com/hc/en-us/articles/200170536-How-do-I-redirect-all-visitors-to-HTTPS-SSL-