Google Blacklisting or marking Not Secure for http sites with logon

Anthony Parsons

Well-known member
Do you really have to do nothing on your server and flick a switch on CF's end?
You create a CSR on your server, input it at Cloudflare, CF generates your certificate and then you input it on your server like any certificate.

Argo is additionally a nice, cheap addition to CF, that gives you the fastest routing possible (Tier 1):

Argo is a service that uses optimized routes across the Cloudflare network to deliver responses to your users more quickly, reliably, and securely. Argo both reduces the number of cache misses and delivers significant latency improvements for requests that must interact with your origin.

CF really is a one-stop shop for improved performance and ease of use.
 

Xon

Well-known member
Lets encrypt renewal is as simple as creating a script and adding it to cron, i.e. for NGINX:

Code:
nano /etc/letsencrypt-renew.sh

PASTE

#!/bin/bash

systemctl stop nginx
/root/.local/share/letsencrypt/bin/letsencrypt renew --agree-tos
systemctl start nginx
Make it executable: chmod +x /xxx/letsencrypt-renew.sh

Then something as simple as (for cron): 0 0 1 * * root /xxx/letsencrypt-renew.sh

Takes all of a few seconds, run it at some obscure hour of the morning where the least traffic is online, auto renewal for Lets Encrypt sorted.
Fyi, you don't need to stop/start nginx. You can tell it to use an existing folder for the challange/response file and then do an reload so you can update the SSL cert without downtime.
 

Brent W

Well-known member
You create a CSR on your server, input it at Cloudflare, CF generates your certificate and then you input it on your server like any certificate.

Argo is additionally a nice, cheap addition to CF, that gives you the fastest routing possible (Tier 1):

Argo is a service that uses optimized routes across the Cloudflare network to deliver responses to your users more quickly, reliably, and securely. Argo both reduces the number of cache misses and delivers significant latency improvements for requests that must interact with your origin.

CF really is a one-stop shop for improved performance and ease of use.
We use Argo on all of our sites. With the bandwidth charges, all sites combined it comes out to be an additional 130 a month or so. Worth it with the latency drop. We have members all over the world and they have always complimented how fast our sites are thanks to CloudFlare services such as this. Argo + Railgun on Christian Forums is amazing.
 

Anthony Parsons

Well-known member
Not so good for this test: https://gtmetrix.com
Actually, not true.

All online test mechanisms should never be used with Google services (third parties too), such as ads or analytics (fonts are part of a page load). These are async services that do not affect page loading, yet will affect online test bench outcomes, especially now GTMetrix shifted to full page load time (including ads), which is highly unreliable for its service connection capabilities.

I have done the comparison on my pages with and without ads / analytics scripts. Without, the page loads in 1.5 - 2 seconds. With, depending on the ad that gets shown, these benchmarks can report 5 - 20 seconds, all based on the ad.

Real-world, desktop or phone (4G), my pages load with ads in around 1.5 - 2 seconds on average after the first load.

Webpagetest is far more accurate as it breaks down the loading. I'm sure Brent will correct me if wrong, but I remember him saying his ads are managed by a third party company. His ads are much slower than Google ads directly. The third party company is slowing his ads from loading quite significantly.

Screen Shot 2017-06-01 at 8.14.47 am.png

First byte just under 500ms which is just acceptable according to benchmark specs, yet far better than the average website.

The render is actually taking closer to 2 seconds per page. His ads are taking as long as 8 to 10 seconds to load for me, real-time usage. Google ads direct typically load around 500ms to a second after a page is rendered, real-time for the user.

That "user time" of 8.7 seconds with ads, is about realistic for his site pages based on what I am getting. The pages themselves are loading without ads, after the first page load, around the 1 - 2 second mark.

I stopped using GTMetrix the moment they changed their system, because their spiders can't capture async ads in real-time loading time frames that occur for the user. They should have left them out as their system was originally, just providing page load times.
 

Anthony Parsons

Well-known member
I don't run ads on my forum home, and this is how unreliable GTMetrix is running consecutive runs:

Screen Shot 2017-06-01 at 8.27.21 am.png

Screen Shot 2017-06-01 at 8.27.57 am.png

That's nearly a full second difference. What total nonsense.

I run the same test consecutively at Web Page Test and now I get near similar benchmarks:

Screen Shot 2017-06-01 at 8.30.16 am.png

Screen Shot 2017-06-01 at 8.30.58 am.png

Verdict: DO NOT use GTMetrix for webpage benchmark any more. Super inaccurate.
 

Anthony Parsons

Well-known member
is comparing a test from VA to one in Australia
Yup. Being in Melbourne, Australia, and my main site is in New Jersey, 1.5 - 2.5 second page loads, complete, real-time usage. I'm seeing slightly quicker in real-time with christian forums (which I would put down to railgun), except for the ads which are super slow to load compared to the page rendering.
 
Top