Do not block KeepAlive for SSL connections over Internet Explorer 6+, only Internet Explorer 5 and below where the problem exists.

A while ago, Microsoft demonstrated what they do best: have buggy implementations of standards in their products. Namely for IE 2 to 5: their SSL implementation was bugged. However, these days (and since quite a while already) they have made amends and (partially...) fixed that particular issue. The problem in those browsers required Keep-Alive to be disabled for SSL connections when people were actually using IE. (the horror.)

Allegedly, there have been some reports that the problem might still exist in newer versions: but in another way.

However, cPanel/Apache still blocks SSL Keep-Alive for all versions of MSIE by this line in the directives:

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

This should be changed to:

SetEnvIf BrowserMatch ".*MSIE [2-5]\..*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

SetEnvIf BrowserMatch ".*MSIE ([6-9]|[0-9]{2}).*" ssl-unclean-shutdown

That will ensure that the older IE versions are being forced back how they're supposed to: but newer versions of this poor browser will be able to actually take advantage of Keep-Alive on SSL and significantly speed SSL connections up, while still fixing other problem areas with IE.

Not sure if cPanel can fix that, but I do believe cPanel generates vhosts? If so: you can, and should. ;)

Thanks.