reduce HTTPS waiting time? [closed]

Question

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.

Closed 8 years ago.

I force SSL because of the limitations in PHP sessions because I have AJAX logins (http and https don't keep the same session id on the same site).

Chrome network reports ~150ms in waiting for all resources.

I was able to reduce by 100ms to 150ms from 250ms by enabling keep-alive which was massive.

Are there any other tricks like that that can bring it down further?

Many thanks in advance!

Answer 1

you could use SPDY although is only supported by new browsers. There is a mod_spdy for apache released by google. That would help.

Nevertheless I found weird your statement (http and https don't keep the same session id on the same site). since I have used to have SSL only in the login pages. I never found that problem.

The limitation you are talking about is not of PHP. You cannot do ajax requests across different domains nor schemes (that is called cross site posting). I would recommend you using some technique or to post to a stand only login page and tracking the referrer to send the user back to url they came from.