My website does not show sensitive information (just public data, without users’ login), but I was told to implement Cloudflare’s ‘Full SSL’. However, since I did it, I’ve been experiencing speed issues, with TTFB values five times more than before.
I’ve done the following experiment with a very simple 92-byte HTML static page.
mywebsite.com/test.html … Wait time = 200 ms (average)
— Edge Certificates: ‘SHA 2 ECDSA’ and ‘SHA 2 RSA’ managed by CloudFlare
— Origin Certiciate: I’ve got “Let’s Encrypt” certificates.
foo.com/test.html (the same HTML code at the same server with other domain) … Wait time = 40 ms (average)
— Edge Certificates: just ‘SHA 2 ECDSA’ managed by CloudFlare
— Origin Certiciate: No certificates.
For my website, it’s important that TTFB are fast, and I wondered if it’s worth using ‘Full SSL’ in CloudFlare when I just need HTTPS protocol, but not a very strict security.
Thank you very much.