Update Working on fixing a security issue...among other things

DI servers are in Singapore. I agree there are better, less congested, locations for the server to be. I'm looking into other options but I do still have 4 months paid up with the current host. That doesn't mean that I can't stick with them, they do have many different locations. The problem is knowing where to move to and then gaining the knowledge to make that happen. I really have no complaints with Digital Ocean, the only time the site has been down was due to my own ignorance with this stuff.

If you have any advice on this security stuff I'm all ears. I spent 10 hours today messing around with it trying to figure it out as I went along and I'm still not any closer to really understanding it. I don't think it is has anything to do with the handshake though. I've ran the website through several sites to test the security setup and the results aren't coming back with anything major....the setup is going through all these site's test averaging a "B". Speed tests are, as you have mentioned, a problem. One of the issues with the forum is that xenforo (the forum software) relies heavily on JavaScript; if you have an older computer it is going to struggle. Of course I knew nothing about that when I moved over to xf but the old software was so outdated, behind on upgrades, and quickly being left behind , almost forgotten by IT Brands that a move had to be made. I tried sticking with vbulletin but their new software was a complete heap of **** and their support was, and still is, absolutely worthless (and I dropped a significant amount of money on that software). I do have an IPB license but there is no way in hell I'm going to make another switch at this point....and honestly I don't care for that software very much.

With all that being said, if you have the knowledge I'd be more than happy to buy you a couple beers and soak up that knowledge. I'm not the type of guy that thinks it's my way or the highway....but if no one speaks up and shares their ideas knowledge then everyone can just scoot on back to the rear of the bus and go along for the ride while I figure it out on my own.

 

I think thus screenshot really shows what is slowing down the forum (I don't think the SSL certs have much to do with it). I don't have much problem with the forum being slow myself but I have fairly decent newer computer that can push through it. My tablet is about 3-4 years old and struggles with he forum....but it then again it struggles just to unlock itself to allowe to punch out the password these days.

After I sort out the server security issues here I'm going but the forum in debugging mode to look into removing some of the modifications that rely heavily on the JavaScript. But that's going to be difficult as almost every action you take on the forum uses js.

 

Made some changes with a few of the add-ons. Seems to be running faster on my computer and quite a bit better on the table.....though the difference for me could just be from my completely unreliable internet speeds.
Before the changes:


After the changes:


That pingdom website is still giving me a big fat "0" on the js score but most of that is coming from Google. Not a whole lot I can do about that (maybe getting rid of the responsive ads in favor of smaller ones would help but they can't be eliminated completely since running a forum isn't free).


Trying to do a traceroute but my internet is far too crappy for that tonight.

 

Black is alright as long as it is a locked padlock. The reason for it being black on some browsers is because my certificate does not supply ownership information (no organization listed on the cert). That shouldn't, and isn't, breaking the padlock....at least for my browsers. I have made several more changes today to the server. According to SSL Labs I should be compatible with all browsers/Operating systems minus IE6 on XP......if someone is still using IE6 on XP they obviously don't give a crap about securing their computer and I won't sacrifice the server security to cater to dinosaurs.

As good as it's going to get:



Brain hurts so I'm going to go get drunk now. I'll work on speeding up the forum more when I sober up.

 

Well hopefully I could get that information before we got plastered.

I've just implemented several caching mechanisms in the config file to speed things up....hopefully I have enough space on the servers to deal with that (if anyone starts having problems logging in shoot me an email). Switched the jQuery source from locally hosted over to Google, also "minified" CSS and BB code output is cached.

The current theme is responsive. Adding a mobile theme would mean I would have to do twice the work when editing the forum.....kinda why I added Tapatalk in the first place.

 

I added both front-end and file back-end caching (which wasn't happening at all). Judging from the files on my tablet it appears that most forums do this (I have a ton of avatar pictures in my temp folder). Forums are dynamic but a lot of the stuff is repetitive: avatars, emoticons, logos, etc. I wouldn't think that new text content would take long to load.

But every little bit helps.

Hopefully they have more than just one request cached.

Agree with you but try to convince the developers at Xenforo that they should develop a mobile theme. They are pretty d*mn proud of the standard responsive theme.....and they also live in the UK where they have decent internet. They care not about third world users.

A plan like that shouldn't exist in 2015. The average webpage in 2015 is 2MB. Globe can only get away with that crap because the vast majority of Filipinos never venture off of FB (where the 10MB data limit doesn't apply).

But I'm not saying it's ok to have a bloated website, DI needed to go on a diet. Currently with everything I have done so far the forum homepage is 700KB now and I'm only getting 65 total requests (on this thread the page size is 900KB but had around 100 requests...obviously threads that have more images are going to be larger but the size shouldn't be as much of an issue now).
This is average total requests for websites across the internet in 2015:

I'm not all the way there but I'm getting closer. I would like to cut the total requests on the threads in half. I've been focusing on the homepage since that's where most people land (and things I do there will carry over to other pages) but I'm going to start working my way to the actual threads to see where I can cut back on requests there. I'm also going to defer the JS to try to help perceived page load times (though that won't reduce page size any).

I have a feeling that I will never be able to make the people using Globe 10MB data plans and cheap Chinese Android no-name-band phones happy. Cheap electronics leads to a cheap online experience, nothing I do to the forum will change the hardware in their phones.

 

I've cut the requests and page size on thread pages almost in half by reducing the number of replies on a thread to 10 (like most other forums). Requests and page size is less than other forums that show faster load times as well. IMO it's gotta be the route traffic is taking to the server.