HOW TO SETUP HTTP/2 SUPPORT (NGINX, APACHE, PLESK)

Gather November 9th 2015

I'VE BEEN KEEPING TRACK OF THE SPECIFICATION PROGRESS, FIND OUT HOW TO START USING HTTP2 HERE.

The Future of the Web is Here

Earlier this year (18th Feb 2015) it was announced that the IESG had formally approved the specification for both HTTP/2 and HPACK. After a 15 year wait since HTTP/1.1 the next MAJOR installment of how the web works is finally on its way to receiving an RFC number and to being published. One of my favourites is RFC1149 - let's be glad that is not how the web works today.

It was announced shortafter that Google's SPDY protocol (from which much of the HTTP/2 standard is based) was to be discontinued - there was really a lot of thanking here to those committed to the spdy project and how this has accelerated HTTP/2's standardisation.

 

Serve With Http/2 Now!

Well ok, not really this is still mod_spdy and therefore only a draft outdated specification,

though it makes sense to start additionally serving your content through HTTP/2 esque straight away.

 

Yes that's right, start serving proper HTTP/2 pages by following the guides below. With around 70% global support in browsers it's an absolute no brainer (via caniuse.com). Although you don't have much control over how your content is accessed, making it available is a bonus. For people who visit your site through an older web browser (supporting only HTTP/1.1) there will be no difference, though for those using a more modern browser, making HTTP/2 available is beneficial to their visit.

If you have a web server running either Apache (2.2.4+) or nginx mod_spdy will do thr trick, whilst nginx supports it natively there is an additional module required for support on Apache (mod_spdy) at the moment. Note that SPDY protocol (from which much of HTTP/2 is derived) requires an HTTPS connection.

There's also been a couple of improvements to the HTTP2 spec since the later versions of the spdy protocol. The largest one being that HTTP2 will support mutiplexing over multiple hosts, as opposed to a single host (that's a major advantage for sites using CDN).

 

Installing mod_spdy on Apache

Apache's mod_spdy is an opensourced module that allows requests over HTTPS to be served using the SPDY protocol. Recently Google has donated this project over to the Apache foundation to be integrated directly in the Apache, so far the module is only included in bleeding edge repositories, rather than in the main 2.4 repo.  It is planned for integration in apache 2.4, 2.6/3.0.  This module does not work with HTTP connections, so you need to purchase and configure SSL/mod_ssl first. 

 

Step 1: Install mod_spdy

Open a console as a root user and download the appropriate package for your linux distribution, run uname -m if you're unsure

 

//Debian/Ubuntu (32-bit) wget https://dl-ssl.google.com/dl/linux/direct/mod-spdy-beta_current_i386.deb //Debian/Ubuntu (64-bit) wget https://dl-ssl.google.com/dl/linux/direct/mod-spdy-beta_current_amd64.deb //CentOS/Fedora (32-bit) wget https://dl-ssl.google.com/dl/linux/direct/mod-spdy-beta_current_i386.rpm //CentOS/Fedora (64-bit) wget https://dl-ssl.google.com/dl/linux/direct/mod-spdy-beta_current_x86_64.rpm

Debian/Ubuntu
Install the packages

dpkg -i mod-spdy-*.deb apt-get -f install service apache2 restart

Centos/Fedora
Install the packages (requires 'at')

rpm -U mod-spdy-*.rpm service httpd restart

Step 1: Update your web stack

 

To start serving using HTTP2, you're going to need the following:

  • Apache 2.4.17, the first version of Apache with mod_http2 built in (mod_http2 is the renamed mod_h2 module)
  • NGINX 1.9.5, the first verison of nginx with official http2 support

 

Step 2: Configure & Test

The Google repository of mod_spy automatically installs an NPN TLS HTTPS extension for Apache adding support for HTTP/2 over HTTPS only, additionally if you require PHP to be served over HTTP/2 then you will need to configure PHP to run in cgi mode or PHP-FPM, rather than mod_php.

 

Apache

In short it's a quick reconfiguration of your apache config, add the following lines (whichever appropriate) - bare in mind that whilst HTTP2 protocol does not require SSL, many browsers that use http2 do

# for a https server #Protocols h2 http/1.1 # for a http server Protocols h2c http/1.1

A full guide for apache in Ubuntu is available here - via Pixelinc


NGINX

Again, it's a very simple recongifuration in NGINX - source

server { listen 443 ssl http2 default_server; ssl_certificate server.crt; ssl_certificate_key server.key; ... }

To test if HTTP/2 is working launch a web browser and goto http://spdycheck.org/ https://www.h2check.org/ - type your server domain name to check.

 

HTTP/2 in Plesk Control Panel
Users of Plesk control panel will need to make sure that the mod_spdy mod_http2 is selected as an enabled apache module in their admin/server/optimization-settings page

e.g. https://youserver.com:8443/admin/server/optimization-settings

 

Step 3: Watch out for updates

As this is new theres likely to be many updates with the software in coming months, be sure to keep your server software up to date.

 

Update 09/11/2015 - Real HTTP2 support

 

I've been meaning to do this for a few weeks, but time just seems to slip into other projects; however, I have updated the guide above with new information. Thanks Tyler for commenting your guide, to remind me do this.

Author Gather