TTFB (Time to First Byte) is one of the hardest one to optimize in WordPress.
Recently I was playing around with Google Cloud infrastructure for running WordPress. While testing I noticed something. Without HTTPS I was able to achieve <200ms TTFB in most of the regions around the world. However, after enabling HTTPS, it’s only 3 or 4 regions. The TTFB increased by 100-200+ ms.
So I did some research on how to improve TTFB enabling HTTPS.
Table of Contents
What is TLS?
TLS or Transport Layer Security is a successor of Secure Socket Layer (SSL). A protocol used to provide end-to-end encryption while transmitting data through HTTP.
Will TLS or HTTPS slow down my site?
In short, Yes.
Every time you make an HTTPS request, your browser has to exchange some keys and do the handshake. It usually takes a few round trips to make this happen.
Here is the time your browser spends to connect and make an SSL connection.
The new TLS 1.3
TLS 1.3 is a new version of TLS which was released in August 2018. The major difference in TLS 1.3 when compared to the previous version 1.2 is the number of round trips.
Now let’s see how it really affects our TTFB.
TLS 1.3 Browser Support
TLS 1.3 is released in August 2018. So some old browsers won’t support it. It’s good to have both TLS 1.3 and 1.2 in your server.
How to find a website’s TLS version?
Open your website and check the ‘Security’ tab in developer tools (Ctrl+Shift+I or Ctrl+Opt+J).
How to enable TLS 1.3 in WordPress
If you’re using premium managed hosting providers like Cloudways or Kinsta, it’s already enabled by default.
Cloudflare
If your website is behind Cloudflare HTTP proxy, then it’s enabled by default. You can find it under the ‘Crypto’ tab.
Apache
TLS 1.3 is now supported in Apache2 version 2.4.36. If your Apache server version is below that, better upgrade it.
You can find your current apache version by apache2 -v command. To upgrade apache run the following commands.
sudo apt-add-repository ppa:ondrej/apache2
sudo apt-get update
sudo apt-get dist-upgradeNginx
You must have Nginx version 1.13.0 or greater built against OpenSSL 1.1.1 or greater, and a valid SSL certificate.
In Nginx configuration file, add TLSv1.3 to the ssl_protocols directive, like:
ssl_protocols TLSv1.2 TLSv1.3;Full conf file
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
root /var/www/example.com/public;
ssl_certificate /path/to/your/certificate.crt;
ssl_certificate_key /path/to/your/private.key;
ssl_protocols TLSv1.2 TLSv1.3;
}Make sure you restart Nginx by:
sudo systemctl reload nginx.serviceConclusion
It’s a small tweak, but enabling TLS v1.3 helps to improve TTFB a lot, as well as security. Make sure your CDN also supports TLS 1.3.
Comment below if you’ve any queries or feedback. I read and reply to each of them within 8 hours!
Comments are closed.