: How to optimize the load time of initial connection and SSL handshake phase of a web page on a 3G network? My website www.example.com(SSL enabled) is hosted on Amazon EC2 shared hosting. It
My website example.com(SSL enabled) is hosted on Amazon EC2 shared hosting. It loads faster (load time < 2 seconds) on a wifi/broadband connection. Issue is on 3G network in mobile**(H mode and not H+ mode)**. Initiate a connection phase and SSL handshake process takes a lot of time - 12 seconds. Monitored the timing parameters through Chrome Network tab. Below is the measured load timing for the webpage.
Kind of data handled on page:
Tested web page receives 5 key-value paired JSON data through AJAX and displays it on the web page. It is a very lightweight page with only 5-6 text content.
I have seen many websites load faster on a 3G mobile network(H mode). My website is too slow during initial connection establishment phase on a 3G network. Can someone please assist me on how to resolve/optimize the delay in initial connection phase? Will moving to dedicated hosting resolve the present issue?
Web Server is not busy and there is lot of CPU AND memory available always.
Server Configuration:
Amazon EC2 Instance - Shared hosting (32 CPU and 60 GB RAM).
Web Server - Apache.
SSL - Symantec.
More posts by @Hamaas447
2 Comments
Sorted by latest first Latest Oldest Best
Reading the title of your question, there are two things you can do to speed up the initial connection and SSL/TLS handshake. These work for any connection, not just 3G, so you should use these as best practice anyway.
First, use HTTP/2 to serve the site. This requires Apache 2.4.17 or later.
Second, configure Apache to use OCSP stapling. This requires Apache 2.3.3 or later plus OpenSSL 0.9.8h or later, with a good guide to set it up here. OCSP stapling won't speed things way up but it will do some of the work for the client and spare them the trouble of attempting an OCSP lookup.
Reading the body text of your question, I think you have a much bigger problem with your hosting environment. Those load times are unacceptable. You mention that it is 'shared hosting', you should contact whoever is managing that shared hosting and ask why their server is so unusually slow. You are probably better off trying a different shared host, or running a VPS yourself (this is more work but gives better speed and flexibility).
Since you are already on AWS, why not try their free tier to test things out and get your own server working and optimised? Use it with a subdomain and some static HTML pages for testing and then move your primary site over (scaling up past the free tier limits if needed).
Initial Connection
You will find that the initial connection includes negotiating the SSL, so since the handshake is high, its a good indicator that something is seriously wrong with the way you have setup the SSL.
Google Chrome: Understanding Resource Timing
Time it took to establish a connection, including TCP handshakes/retries and negotiating a SSL.
SSL Handshake and TTFB
You have two major issues, the Time spent completing a SSL handshake and the servers waiting TTFB (time to first byte).
TTFB: 4079ms (should be less than 1000ms)
SSL handshake 11830ms (should be less than 100ms)
It should also be noted that when testing with 3G/4G devices it can cause longer first bytes due to the fact that phone signals vary in strength... this can cause intermittent connection issues and varying latency times.
Step 1: Investigating the SSL issue
It's pretty obvious that you have a serious SSL issue and most likely due to a faulty install of OpenSSL or similar. Start by testing your SSL cert using SSL Labs and then correcting any issues or warnings it suggests.
If the SSL is still operating slowly then you most likely have a overloaded server or a server fault. If its the later then you will need to try and narrow down where the fault lies. Use the Server Fault stack should you need further assistance on this matter, one user reported that creating new keys resolved a slow SSL issue that he/she was encountering that may, or may not be relevant.
Load balancers can help if its a server resource issue.
Step 2: Investigating the TTFB
Once you have investigated resolved the issue of the SSL and you still have an increased TTFB then you should test your server by ensuring that it has enough resources.
The first byte time is influenced by but not limited to:
Distance from user to data centre hosting the server can increase TTFB
Uncached GZIP can increase TTFB
Congested networks can increase TTFB
Congested servers can increase TTFB
Sometimes increasing the CPU's and RAM isn't always the best option. Sometimes its better to introduce a load balancer because not only does it mean you can easily run multiple servers side by side but it actually offloads caching and SSL requests. Some other benefits include:
SOURCE
Caching: The appliance can store content that does not change (such as images) and serve them directly to the client without sending traffic to the web server.
Compression: Reduces that amount of traffic for HTTP objects by compressing files before they are sent.
SSL Offloading: Processing SSL traffic is demanding on a web server's CPU, so a load balancer can perform this processing instead.
High availability: Two load balancing appliances can be used in case one fails.
Tips for lowering your TTFB:
Ensure your database is on the same network, or a quality SQL cloud.
Ensure your database is read from memory and NEVER EVER the SWAP file!
Make use of a content delivery network, it offloads server requests and compression tasks.
Make use of Varnish Cache to reduce load on the database by caching pages
Benchmark your static files on the hard disk using HDParm
Benchmark your server using Apache HTTP server benchmarking tool
Benchmark the website with 10 passes with multiple remote locations using WebPageTest
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.