Hi,
welcome to the IPFire community and thank you for your feedback.
First, I was surprised after the almost 300mb download that I had to plug in to internet during install to get more downloads. What is downloaded that couldn’t be included in the iso? Updates I assume?
Hm, if you used an outdated ISO file, those probably were updates indeed. Are you running a 32-bit installation (which we do not recommend any more for security purposes)? In this case, your system most likely downloaded the PAE kernel for addressing RAM beyond 3072 MByte.
So certificate issue needs to be fixed or there needs to just be standard http option.
Unfortunately, we cannot change this: Browsers require valid x.509 certificates signed by certificate authorities (CAs) they trust, otherwise, they will display a warning. We cannot request such a certificate as we have no idea who is going to run IPFire using which FQDN.
Some ISPs bake a (valid!) certificate for fritz.box or speedport.ip (german Telecom) into their routers, which is a pity since
- there is no way of changing the devices’ FQDN without making the certificate invalid
- if the embedded private key is lost, an attacker can abuse the trusted certificate (e. g. for attacks against other customers of the same vendor)
Transmitting the web interface contents in plaintext is dangerous as well, since you have to authenticate and an attacker might alter your inputs in transit. Indeed, permanently storing certificate exceptions is not easy nowadays, but I managed to do so in Firefox.
A logout should be standard as well.
You will be logged out as soon as you close your browser window.
If so I will happily donate to the project.
We will certainly appreciate it. 
The projects’ funding situation is poor, and practically all people are working for it in their spare time.
Unfortunately, I cannot give you any advice regarding QoS. It works on every IPFire machine I administer, but I am not very much into it’s technical details.
Thanks, and best regards,
Peter Müller