What is ModPagespeed?
mod_pagespeed is a Google web server module that applies chosen filters to pages and associated assets (stylesheets, JavaScript, and HTML files), as well as to images and website cache requirements.
You can use it to automatically optimize and boost your site performance.
To use though, you have to explicitly enable it.
WARNING
While you can start using this right way, it is very important to point out that Mod_pagespeed may cause stability issues if misconfigured.
When you enable ModPagespeed, it will start with standard core filters that are known to be safe for most websites.
Before adding a new filter, make sure that you understand the risk.
We assume that you have the technical experience as we won't be providing support for mod_pagespeed issues.
We highly recommend that you try everything out in a development environment before enabling mod_pagespeed on a live website.
If you discover after enabling mod_pagespeed that your website is having issues, please disable mod_pagespeed.
Security Considerations
Changes to a website have the possibility of introducing new security holes and Pagespeed is not an exception to this rule.
If you adding additional filters, do bear in mind that any time you reference untrusted content on your website, you are at risk of a security attack.
This is most clear for JavaScript which will have access to your domain's cookies because of the Same Origin Policy.
It can also be true for CSS, which can contain JavaScript references (ex. the IE behavior property).
Even images in certain situations can be used in attacks (ex: GIFAR attack).
Try not to reference untrusted content on your website. If you do store user content or other untrusted content, keep it on a separate cookie-less domain and do NOT tell PageSpeed to rewrite from that domain to your main cookied domain.
Serving Private Content
Explicitly mark private content as not publicly cacheable because PageSpeed will re-serve resources that are publicly cacheable.
If you serve private content as publicly cacheable, PageSpeed will proxy it to any who requests a specific URL.
How To Enable ModPagespeed For Individual Website
You can easily enable mod_pagespeed on any domain by simply following the steps below:
Log in to cPanel
Ensure that the domain you are activating ModPagespeed on is HTTPS enabled.
Select File Manager from the Files section.
Select the .htaccess file and click on Edit. if the file is not visible, configure File Manager to show hidden files. If still after that you can't see a .htaccess file, then you need to manually create one.
Add the following to the file:
ModPagespeed on
The complete code to use is available at https://cdn.webhostingmagic.com/announcements/modpagespeed-on.txt as a downloadable file.
Save and close the file.
Now visit the website to make sure that everything is OK.
How To Verify PageSpeed is Enabled
Once you have enabled mod_pagespeed optimization, you can easily verify it works either by:
- reviewing the response headers via your favorite browser's developer tools
- checking for the headers using the curl command:
curl -v --silent https://example.com/ 2>&1 | grep pagespeed
- viewing your web page source code and looking for instances of "x-mod-pagespeed "
- or using third-party tools such as https://securityheaders.com or https://www.sureoak.com/seo-tools/http-headers-checker to check the header and look for ModPagespeed.
