On 2017-05-02 09:19, Stefan Eissing wrote:
> A. "I want my site safe and usable with modern browsers!"
> B. "I want a safe setting, but people with slightly out-dated clients should
> be served as well."
> C. "I sadly need compatibility to some very old clients."
It would be great to explain the performance impact per setting.
The average Joe has no idea how to run benchmarks and interpret the
results. Yet I came across people who used the default settings
wondering why it wasn't performing that well.
I know, an average Joe shouldn't configure a web server (especially for
performance) in the first place, but you wouldn't believe how many
companies do not have proper resources.
I often heard people complaining that Apache wasn't performing well,
which in my opinion was misconfiguration and/or bad default settings.
Apache httpd deserves better than the younger generation favouring nginx
over Apache because of alleged better out of the box performance.
I'm not sure, how much perf difference there is between A, B, and C, but
SSL by itself has quite an impact, especially on boxes without the AES
regards Helmut K. C. Tessarek
lookup http://pool.sks-keyservers.net for KeyID 0xC11F128D
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.