How to optimize the load time of initial connection and SSL handshake phase of a web page on a 3G network?

Solution 1

Initial Connection

You will find that the initial connection includes negotiating the SSL, so since the handshake is high, it's a good indicator that something is seriously wrong with the way you have set up the SSL.

Google Chrome: Understanding Resource Timing

Time it took to establish a connection, including TCP handshakes/retries and negotiating a SSL.

SSL Handshake and TTFB

You have two major issues: the time spent completing an SSL handshake and the server's waiting TTFB (time to first byte).

  • TTFB: 4079ms (should be less than 1000ms)
  • SSL handshake 11830ms (should be less than 100ms)

It should also be noted that when testing with 3G/4G devices it can cause longer first bytes due to the fact that phone signals vary in strength... this can cause intermittent connection issues and varying latency times.

Step 1: Investigating the SSL issue

It's pretty obvious that you have a serious SSL issue and most likely due to a faulty install of OpenSSL or similar. Start by testing your SSL cert using SSL Labs and then correcting any issues or warnings it suggests.

If the SSL is still operating slowly then you most likely have an overloaded server or a server fault. If it's the latter then you will need to try and narrow down where the fault lies. Use the Server Fault stack should you need further assistance on this matter; one user reported that creating new keys resolved a slow SSL issue that he/she was encountering, which may or may not be relevant.

Load balancers can help if it's a server resource issue.

Step 2: Investigating the TTFB

Once you have investigated and resolved the issue of the SSL and you still have an increased TTFB then you should test your server by ensuring that it has enough resources.

The first byte time is influenced by but not limited to:

  • Distance from user to data centre hosting the server can increase TTFB
  • Uncached GZIP can increase TTFB
  • Congested networks can increase TTFB
  • Congested servers can increase TTFB

Sometimes increasing the CPUs and RAM isn't always the best option. Sometimes it's better to introduce a load balancer because not only does it mean you can easily run multiple servers side by side but it actually offloads caching and SSL requests. Some other benefits include:

SOURCE

  • Caching: The appliance can store content that does not change (such as images) and serve them directly to the client without sending traffic to the web server.
  • Compression: Reduces the amount of traffic for HTTP objects by compressing files before they are sent.
  • SSL Offloading: Processing SSL traffic is demanding on a web server's CPU, so a load balancer can perform this processing instead.
  • High availability: Two load balancing appliances can be used in case one fails.

Tips for lowering your TTFB:

  • Ensure your database is on the same network, or a quality SQL cloud.
  • Ensure your database is read from memory and NEVER EVER the SWAP file!
  • Make use of a content delivery network, it offloads server requests and compression tasks.
  • Make use of Varnish Cache to reduce load on the database by caching pages
  • Benchmark your static files on the hard disk using HDParm
  • Benchmark your server using Apache HTTP server benchmarking tool
  • Benchmark the website with 10 passes with multiple remote locations using WebPageTest
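
To see which phase is actually slow, the sketch below times DNS, TCP connect, TLS handshake and TTFB separately for one cold request and compares them with the budgets quoted in this answer. It is an added example, not part of the original answer; the function names are hypothetical, and it assumes the TCP connect time approximates one network round trip. A full TLS handshake normally costs one round trip (TLS 1.3) or two (TLS 1.2), so a far larger ratio means latency alone does not explain the delay.

```python
import socket
import ssl
import sys
import time

# Budgets quoted in the answer above, in milliseconds.
BUDGET_MS = {"tls_handshake": 100, "ttfb": 1000}


def measure(host, port=443, path="/", timeout=30):
    """Time each phase of one cold HTTPS request; values are milliseconds."""
    ms = {}
    t = time.perf_counter()
    # IPv4 only, to keep the sketch short; take the first address returned.
    addr = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)[0][4]
    ms["dns"] = (time.perf_counter() - t) * 1000

    t = time.perf_counter()
    raw = socket.create_connection(addr, timeout=timeout)
    ms["tcp_connect"] = (time.perf_counter() - t) * 1000  # roughly one round trip

    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    t = time.perf_counter()
    with ctx.wrap_socket(raw, server_hostname=host) as tls:  # handshake runs here
        ms["tls_handshake"] = (time.perf_counter() - t) * 1000
        request = f"GET {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
        t = time.perf_counter()
        tls.sendall(request.encode("ascii"))
        tls.recv(1)  # returns once the first response byte has arrived
        ms["ttfb"] = (time.perf_counter() - t) * 1000
    return ms


def over_budget(ms, budget=BUDGET_MS):
    """Map each phase that exceeds its budget to (measured, limit)."""
    return {p: (ms[p], limit) for p, limit in budget.items() if ms.get(p, 0) > limit}


def handshake_round_trips(ms):
    """TLS handshake time expressed in TCP-connect times (about one RTT each)."""
    return round(ms["tls_handshake"] / ms["tcp_connect"], 1)


if __name__ == "__main__":
    timings = measure(sys.argv[1])  # hostname given on the command line
    print({phase: round(value) for phase, value in timings.items()})
    print("over budget:", over_budget(timings))
    print("handshake ~", handshake_round_trips(timings), "round trips")
```

Run it from the slow network with the site's hostname as the only argument, and again from a fast connection, to compare the same phases side by side.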

Solution 2

Reading the title of your question, there are two things you can do to speed up the initial connection and SSL/TLS handshake. These work for any connection, not just 3G, so you should use these as best practice anyway.

First, use HTTP/2 to serve the site. This requires Apache 2.4.17 or later.

Second, configure Apache to use OCSP stapling. This requires Apache 2.3.3 or later plus OpenSSL 0.9.8h or later, with a good guide to set it up here. OCSP stapling won't speed things way up but it will do some of the work for the client and spare them the trouble of attempting an OCSP lookup.

Reading the body text of your question, I think you have a much bigger problem with your hosting environment. Those load times are unacceptable. You mention that it is 'shared hosting', you should contact whoever is managing that shared hosting and ask why their server is so unusually slow. You are probably better off trying a different shared host, or running a VPS yourself (this is more work but gives better speed and flexibility).

Since you are already on AWS, why not try their free tier to test things out and get your own server working and optimised? Use it with a subdomain and some static HTML pages for testing and then move your primary site over (scaling up past the free tier limits if needed).

Author: User234334

Updated on September 18, 2022

Comments

  • User234334
    User234334 over 1 year

    My website www.example.com (SSL enabled) is hosted on Amazon EC2 shared hosting. It loads faster (load time < 2 seconds) on a wifi/broadband connection. The issue is on a 3G network on mobile (H mode and not H+ mode). The initial connection phase and SSL handshake process take a lot of time - 12 seconds. I monitored the timing parameters through the Chrome Network tab. Below is the measured load timing for the webpage.

    Page load Network Timing Stats

    Kind of data handled on page: Tested web page receives 5 key-value paired JSON data through AJAX and displays it on the web page. It is a very lightweight page with only 5-6 text content.

    I have seen many websites load faster on a 3G mobile network (H mode). My website is too slow during the initial connection establishment phase on a 3G network. Can someone please assist me on how to resolve/optimize the delay in the initial connection phase? Will moving to dedicated hosting resolve the present issue?

    Web Server is not busy and there is lot of CPU AND memory available always.

    Server Configuration: Amazon EC2 Instance - Shared hosting (32 CPU and 60 GB RAM). Web Server - Apache. SSL - Symantec.

    • Admin
      Admin over 7 years
      Have you tried using an elastic load balancer and having it handle the HTTPS? That is what I use at Amazon, and I haven't seen performance problems like this. Then again, I've never specifically tested against a 3G connection.
    • Admin
      Admin over 7 years
      Thank you. Server is not load balanced. Will test the server on certain parameters again and will try it out.
  • User234334
    User234334 over 7 years
    Thank you for your detailed explanation. Will test the server again on the suggested parameters and will implement the best!
  • Simon Hayter
    Simon Hayter over 7 years
    @StephenOstermiller nicely spotted. The waiting TTFB is 4000ms while the SSL is over 11000ms. It's likely the SSL is impacting the TTFB. I've updated the question to reflect that.
  • User234334
    User234334 over 7 years
    Thank you! I tested my SSL at www.ssllabs.com and rating was "A". No warnings/issues were reported. I found that Apache version is 2.2.15 which is outdated. Need to update it now. My website contents(size in TB) are in /var/www/html/. Will updating/reinstalling Apache remove my website contents? Any safest method to update without losing data?
  • User234334
    User234334 over 7 years
    One more point - OpenSSL is also of latest version.
  • Goyllo
    Goyllo over 7 years
    Are you getting similar initial connection and TTFB time when you test it directly without selecting any device and network mode.
  • User234334
    User234334 over 7 years
    @Goyllo No. Load time is perfect on a wifi/broadband connection on PC as well as mobile. Load time is worse only on a 3G network (H mode). In 3G (H+ mode), it's perfect. The website server is located in the US and I am accessing it from India.
  • Simon Hayter
    Simon Hayter over 7 years
    Don't test it with your broadband alone... it's biased and often cached. Use multiple locations using WebPageTest as I've said. Focus on the first view only information.
  • Goyllo
    Goyllo over 7 years
    I highly doubt Chrome network mode does not work like your local ISP 3G network works. Just test it on your local device in 3G mode, count the seconds manually and see whether it is fast or not. There are lots of things I did not understand about how Google network mode works in reality. ISPs have set up many things in their background. Here Google Chrome converts your wifi network into a 3G network, so it might affect the timing. I have also tested my site, which is fast on a real device but loads slowly when I do throttling in Chrome dev tools.
  • Simon Hayter
    Simon Hayter over 7 years
    @Goyllo testing it on one connection and one browser is hardly a test at all. There are various ways you can remote test a site with multiple passes, multiple regions, multiple browsers and guess what... you can select 3G, 3G H and 3G H+, 4G LTE, DSL/CABLE and Fibre at WebPageSpeed. Using the inbuilt testing tool may be handy for sites that receive low traffic each day but for sites with lots of traffic from various regions you need to test multiple-regions, and not just multiple-devices.
  • Simon Hayter
    Simon Hayter over 7 years
    Also with WebPageSpeed you can clear the SSL cache which is extremely handy.