What hardware is the webserver running, and what HTTP server are you using?

From my general understanding, use of nginx and HTTP2 should minimize any additional SSL usage load significantly (along with general page load). HTTP2 is only available as a patch to stable (I think), and mainline, but even with stable versions, SPDY exists). Both the main Phoronix page and the forums use neither HTTP2 nor SPDY (so if you really want to lessen load; that's probably a good place to start).

No idea what the SPDY or HTTP2 situation is on Apache or any other HTTP server, but if you're struggling for performance already, I'd at least hope you're using nginx or something other than Apache (although as I understand, newer versions can use some multithreaded engine (event) similar to nginx that make it a little more acceptable for large loads).

Use of Cloudflare essentially makes HTTPS pointless. With non-HTTPS, you just risk getting MITM'd. With Cloudflare, you're always MITM'd and get to deal with Tor users (and as I hear, even VPN users) getting hassled with captcha.

Edit: As for what I think about this decision, I agree with post #4.

I block ads (more specifically, I block various forms of tracking and malware; ads just happen to fall under that most of the time). I don't do this out of spite for content developers, I do this simply for security/privacy, system resource usage, and bandwidth purposes. Advertisements only benefit the host considering they get compensation for how many people just view it. Meanwhile, the end-user has to deal with what I previously mentioned, along with annoyance. I go by word-of-mouth product advertisements, not a flashy banner on a website. The latter is a good way to get me to ignore the product.

I might suggest finding out how to make premium more appealing for users (without lopping of features of non-premium users) and stop relying so much on advertisements. $3/month is a decent option, but some people even find this a little hard to do monthly.

One idea might be to have multiple tiers of premium, or at the very least, add a subscription payment option for $1/month, or maybe just use a pay-what-you-want ordeal. I realize this is a cheap price for premium, but this would get more people on-board who otherwise wouldn't be giving you anything.

Use Humble Bundles for a random example. Majority of the games included in the bundles wouldn't be outright bought by me. A pay-what-you-want option with the min as a $1 for Steam keys makes it a nice option for me to pay for the games that I otherwise wouldn't have paid anything for, and it easily makes for a nice gift option. Meanwhile, people who want to donate more than $1, but not be constrained to a specific price, can pay whatever they want (maybe $3.50, maybe $112, and maybe $1532).

PHP tends to be slow. I would suggest rewriting the page in C++ or Assembly.

For the news, this is total overkill! Why have dynamic pages anyway? Why not static pages lets say with with jekyll?

16 Haswell cores, 96GB RAM, SSD, 100mbps connection.

Apache due to a variety of reasons.

Hmm, which MPM for Apache? Using the built-in PHP thing or something like PHP-FPM?

I don't get why people care so much about HTTPS on sites like this. There's no sensitive info being passed around here, and w/e privacy benefit there is to it (if there even is one) is negligible at best. It's basically extra money being spent and extra server load for no reason.

My normal argument to this is that any site dealing with any kind of credentials (which this site does; hence a username, password, and email address being required for an account) should use HTTPS nowadays. Under decent setup conditions, the additional load should be negligible.

I'm not a veteran webhost or anything, but I'm having a hard time trying to imagine what kind of load would overpower a 16 Haswell core, 96GB RAM machine. The only other thing I can think of is that the Apache setup being used isn't optimized at all, in which case, I'm kind of curious why nginx and php-fpm wouldn't be a better choice (what are the "variety of reason"?).

Edit: Also, HTTPS prevents basic script-kiddie (more prevalent at public locations and anyone on the network you're on, malware, etc) and even ISP website modifications (Comcast's recent mess involving this is with them displaying pictures on-top of non-HTTPS websites telling people to upgrade their modems), along with credential sniffing. The general point is, HTTPS is pretty important to use with plenty of reasons for it, and there's little reason not to nowadays.

I'm about 99.999% certain that you've got some seriously bad code running on this. Forget about the people who say you shouldn't be running PHP, for what this site appears to be doing *WITH* PHP, and the kind of loads that this site can reasonably be assumed to receive, that kind of hardware is massively overkill... ***FOR A PHP SITE***.

The problem is that there is a VAST difference between somebody who can whip off a few "cool features", and somebody who actually understands how code runs.

I manage a number of people of all different skill levels, who work on different kinds of projects in different kinds of languages, including some very dynamic php/sql sites that certainly handle a much greater amount of traffic than phoronix, no offense. The PHP people are *by far* the worst, when it comes to optimizing code. One lousy script that does something (really) stupid, like a nested loop that iterates over a list several times instead of letting the sql server select the result from a properly indexed table, can make the difference between the server's CPU load being an easy 5-10%, and being on its knees.

FWIW https://www.gamingonlinux.com runs two simple cloud servers (1 core on each, 1gb ram on each) and we have zero issues serving https to everyone.

It sounds like some ppl have been off their medication since christmas, and now others have to suffer the consequences of it.

Phoronix is a news-site, without any banking services or the like??!? Better hurry up getting those images https encryped, Michael, before THEY find out!