HTTPS is becoming more important every day. Last year Google started ranking HTTPS websites higher than HTTP only websites. Serving your websites over HTTPS instead of HTTP also gives your customers a feeling of security and trustworthiness. You can read more about why Google is ranking HTTPS websites higher here: https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
What is HTTPS and why is it important?
By default most web servers are using the HTTP protocol to send the websites to the browsers of your visitors. HTTP is not encrypted and everyone can read all the network traffic between your server and the computer of your clients. They would be able to see which products your clients are interested in, what products your clients are purchasing and even read the customer data like name, address, email and even password. Because of this the use of HTTPS is highly recommended.
HTTPS adds a secure TLS encryption to the complete network traffic so nobody can read the data your server is sending to your clients (and the other direction as well) except for the URLs. Most payment providers also require a (good) HTTPS implementation on your server. And more and more users are only trusting webs hops that provide HTTPS support.
What is Varnish and why should i use it?
Varnish Cache is a caching HTTP reverse proxy, or HTTP accelerator, which reduces the time it takes to serve content to a user. It reduces the system load and page loading times by saving the website in the cache memory after the first page load is complete.
The web server will then load the website directly from Varnish instead of PHP. PHP has to generate the website every time it is accessed which is a resource intensive process. It also has to read the PHP code from the hard disk instead of the faster RAM (where the cache storage is located).
With Varnish you get not only faster page load times, it also uses less system resources than PHP which means that the same hardware can handle more concurrent users as compared to the same setup without Varnish.
You can read more about Varnish with Magento in our Blog Post Varnish Cache – Best performance for Magento
Why Varnish and HTTPS?
In Magento page load times can increase if you have a lot of modules installed or if your Magento installation is highly customised. In e-commerce, page load times are very important because trying to purchase something on a slow web shop is very frustrating and often potential customers just give up waiting for the pages to load, especially if they can get the same product on a faster web shop. In order to speed up the page loads a caching solution is needed.
The websites will then only once be generated by Magento and then get saved in the cache storage. When the same page gets requested again it is then loaded from the much faster cache storage. This generally only works with static content without any problems, which is the reason why we have the Varnish cache disabled for logged in users and if the shopping cart is not empty. To make the shopping experience consistent (and consistently fast) and more secure we have to get Varnish working with HTTPS.
What are the problems to solve with Varnish and HTTPS?
In order for Varnish to be able to serve cached pages over HTTPS we need to terminate the HTTPS connection on the web server, send the request to Varnish and encrypt the response we get from Varnish again to send it back via HTTPS. This means that for Varnish all requests are HTTP and not HTTP and the web server (nginx) handles all the HTTPS requests. We have to do this because Varnish itself does not support SSL directly and probably never will
(If you want to know why: https://www.varnish-cache.org/docs/trunk/phk/ssl.html). While we are at it we can also improve Varnish by making it able to cache dynamic pages, for example when a user is logged in or there is an item in the shopping cart.
What is ESI and how does it work?
Edge Side Includes or ESI is a small markup language for edge level dynamic web content assembly. The purpose of ESI is to tackle the problem of web infrastructure scaling. It is an application of edge computing. (https://en.wikipedia.org/wiki/Edge_Side_Includes)
That means that with ESI Varnish is able to cache dynamic websites as well.
Or at least the static part of a dynamic page. For example we have the shopping cart information on every page of our web shop. If no Item is in the shopping cart then it will just say “Cart (0)”. If we now add an Item to the shopping cart we want that to update to “Cart (1)” (or “Cart (2)” for 2 items etc…) while the rest of the page stays the same.
example dynamic content: CART (1)
With ESI we can tell Varnish to load the static page from the cache but replace just this small part with a dynamic version directly from Magento. Instead of loading the whole website from Magento we now only load a very small part of it which results in the performance improvement of the Varnish cache without sacrificing on the features of the website.
We are now able to serve fast, cached websites both via HTTPS and with dynamic content for all users on all your pages to improve the general experience your customers are having on your website. And the best part about it: You don’t need to worry about how it works at all! Starting with our Ultimate Plan we include Varnish in all our Setups and we will set everything up for you so you can have the best performance possible and the happiest customers.