By rb
As the title says, I recently added ssl to my website and have noticed a massive slow down in response time. I used to average about 250-400ms response time, now it is about 1000ms. Most of this is due to the ssl handshake and an unknown amount of waiting period.
The website in question is asianessentials.co.uk.
I am currently on the $5 package from digital ocean, does this problem require a hardware upgrade to rectify? Or is it something I can fix from my configuration?
Any help would be much appreciated.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
You are fine with the package but if you get more traffic in your website definitely you will need a bigger DO package. Here the website loads in a second, try clearing your browser history, cache etc.
Hi Marinos, <br> <br>I am actually benchmarking using pingdom’s tools. They ping my server every minute, so my average values are over a few days and there is definitely an increase in time. <br> <br>Do you have any tips for how I could reduce the response time without going for a bigger DO package?
Give something like this a try (customizing to suit your setup) <br> <br>server { <br> listen 80; <br> listen 443 ssl spdy; <br> server_name example.com; <br> root /path/to/files; <br> index index.html index.htm index.php; <br> <br> location / { <br> try_files $uri $uri/ /index.php?$args; <br> expires max; <br> } <br> <br> if ($https != “on”) { <br> return 301 https://$host$uri; <br> } <br> <br> ssl on; <br> spdy_headers_comp 9; <br> ssl_stapling on; <br> resolver 8.8.8.8 <br> 8.8.4.4 valid=3600s; <br> resolver_timeout 4s; <br> ssl_stapling_verify on; <br> ssl_session_timeout 5m; <br> ssl_prefer_server_ciphers on; <br> ssl_session_cache shared:SSL:60m; <br> ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; <br> add_header Strict-Transport-Security “max-age=31536000”; <br> ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA; <br> <br> ssl_certificate /path/to/certificate.crt; <br> ssl_trusted_certificate /path/to/ca.crt; <br> ssl_certificate_key /path/to/key.key; <br>}
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.