Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions

Reply
 
Thread Tools Display Modes
  #11  
Old 01-23-2015, 12:20 AM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

HTTPS requires an initial “handshake” to create a connection between the browser and the server, and this handshake can be be very slow.

The problem

It takes at least four TCP roundtrips just to open a single SSL connection between the client and the server — and this doesn’t happen until after the initial TCP connection has been set up. The amount of data transferred as part of the handshake isn’t huge (under 5 kB typically), but for very small requests this can be quite a bit of overhead.
Important to know: The SSL handshake is actually even more process intensive than the actual data encryption that happens over the connection after the handshake is successfully complete.
How to know if this problem affects you

No one can give you a meaningful answer to this question without some information about the nature of your web site, hardware, software, and network configuration.
There are a couple of ways to look into this problem for your own site:
1. Profile the performance of your web server. There are several tools out there (such as JMeter and Visual Studio) to compare the performance of an HTTP vs HTTPS server.
2. Run WebPagetests of key secure pages on your site. Look at the purple bars on the waterfall chart that indicate SSL negotiation. You don’t want to see:
  • too many purple bars
  • long purple bars
  • purple bars associated with non-essential page resources
Reply With Quote
  #12  
Old 01-23-2015, 12:19 PM
LostInCyberLand LostInCyberLand is offline
 
Join Date: Nov 2014
Posts: 41
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thankyou for the information. I will keep it in mind, but have decided for now not to go with SSL and keep my site as simple as possible until I get more confident with it.
Reply With Quote
Благодарность от:
ozzy47
  #13  
Old 01-23-2015, 11:25 PM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yeah you can always switch to it easily if need be.
Reply With Quote
  #14  
Old 01-27-2015, 08:55 PM
thetechgenius's Avatar
thetechgenius thetechgenius is offline
 
Join Date: Jun 2014
Posts: 258
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I have been running SSL on my entire forum since I first setup my forum. I have it enabled throughout the entire forum, not just on the Login Page. I haven't had any problems at all, and my forum still loads very very fast. Actually, I tested my site on a few speed test sites, and it says my site is about faster then 75%+ of all sites tested. And my site is heavily customized with a bunch of custom addons made by me, and a lot of custom CSS/HTML.

HTTPS doesn't really make your site slower, as long as your server network has a decent speed, you should be fine. My server runs on a Fiber Network with its own dedicated IP, 90Mbps Upload and 90Mbps Download.

If you can afford it, SSL/HTTPS is the way to go. It tells your users that you care about their security and privacy, and it also makes your forum look more legit and professional. (Even though you really don't need SSL on a forum. But its never a bad idea to run SSL)
Reply With Quote
  #15  
Old 01-27-2015, 10:17 PM
pityocamptes's Avatar
pityocamptes pityocamptes is offline
 
Join Date: Apr 2010
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

On a side thought anyone find a work around for rss feed coming in to a https site? I get the icon showing dual security on content. Thanks.
Reply With Quote
  #16  
Old 01-31-2015, 03:12 PM
thetechgenius's Avatar
thetechgenius thetechgenius is offline
 
Join Date: Jun 2014
Posts: 258
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by pityocamptes View Post
On a side thought anyone find a work around for rss feed coming in to a https site? I get the icon showing dual security on content. Thanks.
I'm not exactly sure what you mean, but when your site is running SSL/HTTPS, you should be using HTTPS URL's. If content is being served over HTTP on a HTTPS site, you and your users will get a Mixed Content Warning. That is why I always change urls to javascript library's to https, and if the url to the javascript library does not have HTTPS enabled, I download the JS File and store it locally on my server so I can serve it over HTTPS. If I cannot actually download it, I view the JS Code in my browser, copy and paste the code in Notepad++ and then store it locally on my server.

I'm not sure if URLs posted by members affect the Mixed Content Warning or not, but I have a custom Anonym URL Redirect Addon that I created. My addon redirects all URL's that is not on the Whitelist, and redirects the user to the URL anonymously. I have it setup on one of my other Top Level Domains, I made the domain just for my addon. The URL shows up like this in posts - https://ttechg.link/?http://example.com

You can see the URL is not HTTP, but it redirects to the HTTP url, that way users will not get the Mixed Content Warning.

If you want to use my custom addon on your forum, let me know. I did release it on vB.org, but I haven't released the updated version yet. Its because from developing the addon, I have the files scattered around my server. I have to get all of the files together, and clean it up a bit before I release it. But if you need it now, I can get the files together and send you a copy. And I can walk you through the setup process. You can either install it on your forum domain and have it in its own directory, or you can install it on its own domain like how I have it.

My Forum - https://thetechgenius.net
My URL Anonym Redirect Addon - https://ttechg.link
Reply With Quote
  #17  
Old 02-01-2015, 12:53 PM
AndrewSimm AndrewSimm is offline
 
Join Date: Sep 2006
Location: Atlanta, GA
Posts: 222
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why would posting a link cause mixed content warnings? If it isn't producing an image or script then it should be fine.

Also look into SPDY if your running SSL as it makes your site faster and that is what sizes such as google use.

The only thing I had to do was create a small image proxy to keep images from producing mixed content messages.

https://www.canesinsight.com
Reply With Quote
  #18  
Old 02-03-2015, 01:52 AM
pityocamptes's Avatar
pityocamptes pityocamptes is offline
 
Join Date: Apr 2010
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm pulling RSS feed in from feedburner which apparently is not capable of https....

--------------- Added [DATE]1422936046[/DATE] at [TIME]1422936046[/TIME] ---------------

Here is all the http links in the page source that I would like to move to https:

http://data-vocabulary.org/Breadcrumb
http://www.w3.org/1999/xhtml
http://www.facebook.com/2008/fbml
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
http://feeds.feedburner.com/reuters/ytaq?format=sigpro

Plus a few links at the bottom for the mods that are regular http...

Any advice? Thanks.

--------------- Added [DATE]1422936219[/DATE] at [TIME]1422936219[/TIME] ---------------

Quote:
Originally Posted by AndrewSimm View Post
Why would posting a link cause mixed content warnings? If it isn't producing an image or script then it should be fine.

Also look into SPDY if your running SSL as it makes your site faster and that is what sizes such as google use.

The only thing I had to do was create a small image proxy to keep images from producing mixed content messages.

https://www.canesinsight.com
Is SPDY something your host offers or something else? Thanks.
Reply With Quote
  #19  
Old 02-03-2015, 09:46 PM
AndrewSimm AndrewSimm is offline
 
Join Date: Sep 2006
Location: Atlanta, GA
Posts: 222
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by pityocamptes View Post
I'm pulling RSS feed in from feedburner which apparently is not capable of https....

--------------- Added [DATE]1422936046[/DATE] at [TIME]1422936046[/TIME] ---------------

Here is all the http links in the page source that I would like to move to https:

http://data-vocabulary.org/Breadcrumb
http://www.w3.org/1999/xhtml
http://www.facebook.com/2008/fbml
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
http://feeds.feedburner.com/reuters/ytaq?format=sigpro

Plus a few links at the bottom for the mods that are regular http...

Any advice? Thanks.

--------------- Added [DATE]1422936219[/DATE] at [TIME]1422936219[/TIME] ---------------



Is SPDY something your host offers or something else? Thanks.
Are you sure feedburner is capable of https? The below link comes up fine. Your server would need to be configured to run SPDY for it to work.

https://feeds.feedburner.com/reuters/ytaq?format=sigpro
Reply With Quote
  #20  
Old 02-05-2015, 02:18 AM
pityocamptes's Avatar
pityocamptes pityocamptes is offline
 
Join Date: Apr 2010
Posts: 595
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by AndrewSimm View Post
Are you sure feedburner is capable of https? The below link comes up fine. Your server would need to be configured to run SPDY for it to work.

https://feeds.feedburner.com/reuters/ytaq?format=sigpro

Thanks! I know it did not, maybe they changed something. Will check it out...


It worked thanks!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:31 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07020 seconds
  • Memory Usage 2,256KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (1)post_thanks_box_bit
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete