1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:49 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Apache SSL configuration

mixed https/http content in webfiles

         

victors

8:49 pm on Dec 5, 2010 (gmt 0)

10+ Year Member



Hi everyone,

We have a strange problem which is occurring right now and it's affecting our website.

We have an Apache 2.2.4 website that runs on HTTPS. Our webfiles contain some HTTP links and there are a lot of HTTP links inside these webfiles because many people have contributed different content which is located on our http url.

The problem is that, right now, HTTPS url is loading extremely slowly, in fact it's sometimes not loading at all, it just trying to load. I checked our SSL certificate but it's good until 2012.

My guess is that the problem stems from a mixed content of HTTP and HTTPS inside our webfiles, but why it has started slowing down so much just now is a mystery.

Is there an Apache SSL configuration directive that can be made to ignore mixed HTTP/HTTPS content in webfiles?

Please, let me know, we run an ebusiness and rely on our website to work.

Thank you,
Victor.

jdMorgan

2:41 am on Dec 7, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It may be that your site is just "busy" recently -- either because of an up-tick in legitimate traffic due to holiday-season shopping, or due to 'harvesters' spidering your sites so that they can make some (unknown) use of your content, or due to an actual malicious "attack" -- It is impossible to tell without reviewing your access logs or 'stats.'

However, note that you should not have an "HTTPS Site" -- Only the pages of your site which actually need to be secure should be accessed by HTTPS, and all the rest should be accessed by HTTP. Using HTTPS for everything on your site puts a large and unnecessary load on your server, and that extra load will slow it it down, since it has to encrypt every response that it sends to a browser... That will keep the CPU very busy.

You may link from HTTPS pages to HTTP pages, and vice-versa. However, all objects included within HTTPS pages (for example, images, CSS, and JavaScript files) should be linked using HTTPS URLs, and all objects included in HTTP pages should be linked using HTTP URLs. If you break this rule, then the browser will show "Mixed secure/insecure content" warnings, which is a sure way to scare off visitors and lose business...

Note that you can use page-relative or server-relative linking on these objects to avoid having to specify the full canonical URLs including the protocol.

Jim
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:49 am May 2, 2026