I recently added in a test SSL setup to my mod_wsgi application to make sure
it was all gravy, but to my surprise, my app significantly slower when
rendering dynamic HTML/CSS that is being generated and returned from
mod_wsgi. When accessing the application under http and not https, its speed
is not an issue at all. Here's my config:
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName example.com
ErrorLog /var/log/httpd/error_log
DocumentRoot /srv/nfs/example/www
Alias /htc/ /srv/nfs/example/www/htc/
Alias /img/ /srv/nfs/example/www/img/
Alias /js/ /srv/nfs/example/www/js/
Alias /maintenance/ /srv/nfs/example/www/maintenance/
Alias /pdf/ /srv/nfs/example/www/pdf/
Alias /soap/ /srv/nfs/example/www/soap/
Alias /swf/ /srv/nfs/example/www/swf/
Alias /utils/ /srv/nfs/example/www/utils/
<Directory /srv/nfs/example/www>
Order deny,allow
Allow from all
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</Directory>
WSGIScriptAlias / /srv/nfs/example/apache/example.wsgi
WSGIDaemonProcess example.com user=apache group=apache processes=2
threads=5 display-name=%{GROUP} home=/tmp
WSGIProcessGroup example.com
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName example.com
DocumentRoot /srv/nfs/example/www
Alias /htc/ /srv/nfs/example/www/htc/
Alias /img/ /srv/nfs/example/www/img/
Alias /js/ /srv/nfs/example/www/js/
Alias /maintenance/ /srv/nfs/example/www/maintenance/
Alias /pdf/ /srv/nfs/example/www/pdf/
Alias /soap/ /srv/nfs/example/www/soap/
Alias /swf/ /srv/nfs/example/www/swf/
Alias /utils/ /srv/nfs/example/www/utils/
ErrorLog ssl_error_log
TransferLog ssl_transfer_log
CustomLog syslog access
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/ssl.d/trac.crt
SSLCertificateKeyFile /etc/httpd/ssl.d/trac.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory /srv/nfs/example/www>
Order deny,allow
Allow from all
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</Directory>
WSGIScriptAlias / /srv/nfs/example/apache/example.wsgi
WSGIDaemonProcess ssl.example.com user=apache group=apache processes=2
threads=5 display-name=%{GROUP} home=/tmp
WSGIProcessGroup ssl.example.com
</VirtualHost>
Any Ideas?
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/modwsgi?hl=en.
