Nginx can be configured with SPDY, why not support it?
OCSP stapling are available since Apache 2.3 or Nginx 1.3.7, this can help reduce TLS handshake time, please consider support it.
For the HTTPS Cipherlist, AEAD ciphers (e.g. AES-GCM) should be prioritized on the top, but the current config of the webservers are using AES256 then AES128 (however AES256-GCM are not widely supported, so it goes to ECDHE-AES-256-CBC), which Chrome tells it is an obselote cryptography. Please consider changing the cipherlist, here (Search for 'Cipher Suite Configuration') is an example.
And as APC is replaced by the Zend Opcache, but Opcache do not have the User Cache function, so APCu provides a user cache for the PHP.
Thanks for reading.
I hopes DirectAdmin team can consider enabling these functions because they can make websites faster and safer.
OCSP stapling are available since Apache 2.3 or Nginx 1.3.7, this can help reduce TLS handshake time, please consider support it.
For the HTTPS Cipherlist, AEAD ciphers (e.g. AES-GCM) should be prioritized on the top, but the current config of the webservers are using AES256 then AES128 (however AES256-GCM are not widely supported, so it goes to ECDHE-AES-256-CBC), which Chrome tells it is an obselote cryptography. Please consider changing the cipherlist, here (Search for 'Cipher Suite Configuration') is an example.
And as APC is replaced by the Zend Opcache, but Opcache do not have the User Cache function, so APCu provides a user cache for the PHP.
Thanks for reading.
I hopes DirectAdmin team can consider enabling these functions because they can make websites faster and safer.
SPDY, OCSP stapling, HTTPS Cipher list and APCu
Aucun commentaire:
Enregistrer un commentaire