Okay, thanks for the advice. Looks like I had other issues, my wife's MacBook and one of my Raspberry Pi's were fighting for the same IP address, to the point that the MacBook's host name was that of the Pi. Fixed that, then I started looking at my WiFi signal, the Mbps was extremely low on upload and download streams even though I'm in the same room with the cable modem. I live in an apartment and have to change WiFi channels periodically. I put my iMac back on an ethernet connection and everything improved, some sites like slashdot and linux.com still hesitate, but load much faster on a wired connection, of course. I'm going to keep tinkering around on my my wife's MacBook and my Linux laptop to see if I can improve anything on WifFi connected machines.
I just wanted to add to this - me too.
My ISP is BT in the UK which has a very large market share so this would also affect a lot of users in the UK.
Following along with all the above. I'm seeing some slow load times for some pages. Not sure what's up yet. I don't have an IPv6 address assigned, so that's probably not my issue? Also, I'm taking a stab at running this on debian on google cloud vs. my rpi. Thoughts?
Thanks!
Make sure your port 443 rejects traffic instead of dropping it.
Thanks for the response. Where should be be rejected specifically? For the redirects that go back to the lighttpd instances?
Use iptables:
iptables -A INPUT -p tcp --destination-port 443 -j REJECT
Thanks. That does make sense. However, I configured lighttpd and the admin service to use HTTPS. I have a habit of securing connectivity, especially when transmitting passwords. But I see where you're going, so I'll do some digging on options. Thanks again!
If port 443 isn't dropping traffic, then it should be fine.
I've been reading up on iptables lately, would multiple rules for 443 be beneficial?
-i is input versus -o for output?
I'm personally not well versed with iptables beyond the basics, so whatever fits your situation.
No, you specify if a rule applies for in- or output by adding it to the appropriate chain (-A INPUT or -A OUTPUT).
I was running into this issue but only on Chrome for Android specifically -- no other computer, browser, etc. -- and it hadn't happened before. I remembered I recently installed Uncomplicated Firewall onto my pihole and decided that must be the issue, and it is. I had ports 22, 53, and 80 allowed from local IPs on both UDP and TCP, and every other port was set to "deny".
Neither allowing port 443 nor rejecting port 443 fix the slow loading issue for me. The only way to fix the loading issue is to disable the firewall completely. Is there another port I should be aware of?
Have you tried ufw reject https instead of just allowing the default deny rule to take place on that port?
I tried that and it works perfectly! Thank you so much!
You're welcome, it short circuits out the process and immediately says "No connection" instead of waiting for a DROP to timeout.
I did open 443/tcp that did solve the issue for me with slow loading on some pages 
So I have open port 80/tcp 443/tcp 53/tcp and udp in ufw is it any more ports that I need to open?
Those should be all the ports required.
I know that this is an old thread but this just bit me this morning. Here's a workaround script while someone smarter fixes it properly. I have this run in my cron hourly.
I re-wrote @linuxpng's script to work with the current RPI's ifconfig output, modernized it a bit, and hosted it here: