SPDY, OCSP stapling, HTTPS Cipher list and APCu

v998

Verified User
Joined
Jun 27, 2014
Messages
14
Nginx can be configured with SPDY, why not support it?

OCSP stapling are available since Apache 2.3 or Nginx 1.3.7, this can help reduce TLS handshake time, please consider support it.

For the HTTPS Cipherlist, AEAD ciphers (e.g. AES-GCM) should be prioritized on the top, but the current config of the webservers are using AES256 then AES128 (however AES256-GCM are not widely supported, so it goes to ECDHE-AES-256-CBC), which Chrome tells it is an obselote cryptography. Please consider changing the cipherlist, here (Search for 'Cipher Suite Configuration') is an example.

And as APC is replaced by the Zend Opcache, but Opcache do not have the User Cache function, so APCu provides a user cache for the PHP.

Thanks for reading.
I hopes DirectAdmin team can consider enabling these functions because they can make websites faster and safer.
 
I also asked this before. I have SPDY configured now.

I would also like OCSP stapling.
And I agree with the ciphers.

For me Opcache / Memcached is working fine.
 
Back
Top