+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / SSL: Page rendering too slow

SSL: Page rendering too slow

3 posts, 0 answered
  1. Saumitra
    Saumitra avatar
    127 posts
    Registered:
    10 Mar 2009
    21 Jan 2011
    Link to this post
    Hi,

    We have a website created using Sitefinity 3.7 SP3. The site has been deployed on two production servers which are behind a load balancer. Some of the pages in the site require SSL. Not knowing the Require SSL property in the page options, our client has enabled SSL for those pages on the load balancer (SSL Off-loading). When I try to set the Require SSL property to "Yes" for one of those pages, the page renders too slow. Sometimes the page doesnt render at all and the browser window has to be closed ultimately.

    Both the web servers have proper SSL certificates installed. What could be the cause of such a behaviour ??

    Thanks,
    Saumitra
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    19 Sep 2016
    21 Jan 2011
    Link to this post
    Hello Saumitra,

    Something is not correct with the SSL redirection and probably this causes endless loops.

    What Sitefinity does is switching the protocol depending on whether you have SSL or not for a given page.

    Each page has a property RequireSSL . If this property is set to true the page will open under SSL.
    When "Require SSL" is set to No the request is processed to the HTTP port.

    Inside <cms> node of website config file you could try adding =the following parameters that affect the SSL redirection.

    • ToHttpsOnly redirects only to HTTPS if RequireSSL  is true.
    • None - no redirection regardless of the RequireSSL page property
    Both - this is the default value- redirects in both directions regarding the RequireSSL property.

    Most probably there is some redirect that breaks the redirect. Check your SecureBindings metabase.



    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. OregonTech
    OregonTech avatar
    9 posts
    Registered:
    08 Jan 2009
    24 Apr 2012
    Link to this post
    We just got a hardware load balancer at our organization and I ran into a similar problem. It's been over a year since your post so I'm guessing that you've probably resolved this, but I'm going to post a detailed description for anyone else that may run into this. The problem is that when you are doing SSL offloading, the expectation is that your web servers are NOT performing any SSL functions.  What is happening is that your load balancer is actually contacting your web servers on the standard HTTP port 80.  When a page that has RequireSSL set to true is hit, the web server attempts to redirect the user to HTTPS, which causes a redirection loop because the load balancer will keep directing traffic to HTTP on the web server.  My solution was to set <cms sslRedirection="None">, and have the load balancer pass a header called "Front-End-Https" when it was accessed over HTTPS. I then wrote a HttpModule that looks for that header and redirects to HTTPS when RequireSSL is on for that page, but the "Front-End-Https" header is not set.  The code for the HttpModule is below:
    using System;
    using System.Web;
     
    using Telerik.Cms.Web;
     
    namespace OIT.Website
    {
        public class HttpsRedirectionModule : IHttpModule
        {
            public void Init(HttpApplication application)
            {
                application.BeginRequest += new EventHandler(Application_BeginRequest);
            }
             
            private void Application_BeginRequest(Object source, EventArgs e)
            { 
                HttpApplication application = (HttpApplication)source;
                HttpContext context = application.Context;
                 
               //If the page is not accessed via HTTPS
                if (context.Request.Headers["Front-End-Https"] == null)
                {
                    CmsSiteMapNode siteNode = (CmsSiteMapNode)SiteMap.Provider.CurrentNode;
     
                    //Check if the page exists in the site map, and if RequireSSL is set for the page
                    if (siteNode != null && siteNode.RequireSSL == true)
                    {
                        context.Response.Redirect(context.Request.Url.ToString().Insert(4, "s"));
                    }
                }
            }
     
            public void Dispose()
            {
            }
        }
    }
Register for webinar
3 posts, 0 answered