Paper Lantern for cPanel accounts is being retired this year. Find out more »
cPanel & WHM Version 102 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

Do not block KeepAlive for SSL connections over Internet Explorer 6+, only Internet Explorer 5 and below where the problem exists.

Liroy van Hoewijk shared this idea 8 years ago
Open Discussion

A while ago, Microsoft demonstrated what they do best: have buggy implementations of standards in their products. Namely for IE 2 to 5: their SSL implementation was bugged. However, these days (and since quite a while already) they have made amends and (partially...) fixed that particular issue. The problem in those browsers required Keep-Alive to be disabled for SSL connections when people were actually using IE. (the horror.)

Allegedly, there have been some reports that the problem might still exist in newer versions: but in another way.

However, cPanel/Apache still blocks SSL Keep-Alive for all versions of MSIE by this line in the directives:

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

This should be changed to:

SetEnvIf BrowserMatch ".*MSIE [2-5]\..*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

SetEnvIf BrowserMatch ".*MSIE ([6-9]|[0-9]{2}).*" ssl-unclean-shutdown

That will ensure that the older IE versions are being forced back how they're supposed to: but newer versions of this poor browser will be able to actually take advantage of Keep-Alive on SSL and significantly speed SSL connections up, while still fixing other problem areas with IE.

Not sure if cPanel can fix that, but I do believe cPanel generates vhosts? If so: you can, and should. ;)


Leave a Comment
Attach a file