OK - there will be a number of apache restarts this morning while I make some more changes but they are more tidy up than likely to address the issues being experienced.
I'm going to disable TLSv1 and RC4 because they really shouldn't be supported any more and are only used by very old browsers. Likewise, we really should disable SSL3 as it is vulnerable to attack but (unfortunately) still used by Windows XP users and we still have quite a few of those.
Those having extreme latencies need to give me some data to work with as telling me that it takes 20-25 seconds to load a page is useless without knowing what your browser is doing in that time.
There are two servers involved in the TLS handshake - ours plus the Comodo one for verification.
As a starting point can you run the following two commands from a Command prompt and email the results to
admin@fordforums.com.au
tracert 66.226.77.74 > aff.txt
tracert 91.199.212.151 > comodo.txt
You can also go to
THIS SITE and perform a detailed speed test which will give you (and therefore us) a very detailed breakdown.
Only run the test for Brisbane as it takes forever to run the whole lot and you'll get a lot of extraneous data as it can only mimic an unregistered user and will thus load a lot of Google ad elements.
When the test completes, you'll see two tabs. One for first visit and one for Repeat visit. Click on the repeat visit tab and then click on the 'view waterfall2' button. Then click on the performance tab and look at the 10% of slowest elements and copy / paste those into an email top the same address mentioned above.
Cheers
Russ