Please read this discussion thread from 2 years ago for a discussion on the pros/cons of this approach: https://news.ycombinator.com/item?id=2759596
Yes.. disabling DHE ciphers will speed things up. Please understand the security implications of what you're doing. The ephemeral Diffie-Hellman cipher suites are the only way to achieve that Perfect Forward Secrecy that's been all the rage lately (sure, there are plenty of ways to screw it up even then, but it's a prerequisite).
At least consider leaving tossing a few ECDHE ciphers at the start of the list. They're plenty fast, and are a good foundation for providing PFS for your users.
One more thing I'd advise is adding this directive if you're running Nginx 1.3.7 or higher:
The tech behind this is explained here:
Lastly, if you can be bothered to build Nginx 1.4 (1.4.2 is the latest version at the time of writing), you can enable SPDY support as well.
Sadly, these days we want PFS everywhere to stop the snooping apparati, but if you're not really important and just want to stop local network or MiTM snooping, removing PFS should be okay (at least for my boring sites).
One of the performance perks comes from the session cache. Is there an effective way to share that cache between machines serving on the same hostname? For instance: ten servers all serving round robin requests for www.example.com.
Why do people do this?! t1.micros run beautifully at load for 30 seconds then essentially stop entirely for a while... not to mention having much slower internet than even a m1.small.
> Why do people do this?
Add in others' comments about this basically compromising security for speed and this is a bit of an irresponsible article.
pm.max_children = (total RAM - RAM used by other process) / (average amount of RAM used by a PHP process)