HTTP 2 : HTTP/2 (HTTP/2.0) is the major upgrade over older version HTTP/1.1 protocol.HTTP/1 was released in 1997 and after a long time the HTTP/2 is released in 2015. HTTP/2 (originally named HTTP/2.0) is the second major version of the HTTP network protocol which was released by Internet Engineering Task Force (IETF) HTTP Working Group. HTTP/2 protocol is based on SPDY (generally known as speedy). Some of the key improvements of HTTP/2 are:
- Server push: Server will pro-actively sent components to clients, So clients doesn’t need to wait for sending requests to server.
- Multiplexing: Reducing number of active connection by bundling multiple HTTP requests from client and sent to server.
- Encryption: efficiently use to encryption with TLS protocol in HTTP/2 over HTTP/1.1.
- HTTP header compression: Compressed headers will reduce the overhead of additional requests to web server.
It’s based on SPDY, SPDY (pronounced speedy) is an open networking protocol developed by Google to serve web content with reducing web page load, latency and improving web security. This can be achieved through compression, multiplexing, and prioritization. HTTP/2 will support HTTP & HTTPS but most of the browsers only support https with HTTP/2. If you want to avail advantages & performance benefits of HTTP/2 better migrate to HTTPS instead of HTTP.
HTTP/2 Improvements Support (NGINX, APACHE, PLESK)
- HTTP/2 is binary, instead of textual.
- It is fully multiplexed, sending multiple requests in parallel over a single TCP connection.
- It uses header compression HPACK to reduce overhead.
- It allows servers to “push” responses proactively into client caches instead of waiting for a new request for each resource
- It uses the new ALPN extension which allows for faster-encrypted connections since the application protocol is determined during the initial connection.
- It reduces additional round trip times (RTT), making your website load faster without any optimization.
- Domain sharding and asset concatination is no longer needed with HTTP/2.
- For more details about HTTP2 improvements
- For more details about HTTP2
- http working group link.
Install or Update Apache 2.4.17 PPA for Ubuntu/Mint
HTTP/2 protocol supported over Apache version >=2.4.17. So make sure that your Apache version supporting HTTP/2 protocol. If you have not installed Apache or using older version upgrade it first. Use the following commands to add PPA for installing latest Apache2 version on your Ubuntu system.
- No need to add the PPA to latest version of Ubuntu & LinuxMint systems because by default official package available.
$ sudo add-apt-repository ppa:ondrej/apache2
$ sudo apt-get update
$ sudo apt-get install apache2
- Check Apache2 version.
$ apache2 -v
Server version: Apache/2.4.17 (Ubuntu)
- By default CentOS 7.x, Fedora 23, 24 & openSUSE 42.1 official package available for Apache 2.4.17. For other distributon, we need to install manually, Also we need to install
mod_http2module to RPM based system, which will enable automatically on apache while restarting.
Enable HTTP/2 in Apache Module
HTTP/2 protocol requires SSL/TLS virtual hosts. You can’t use HTTP/2 protocol without SSL/TLS enabled websites. Now edit your website VirtualHost and add http2 keyword in listen section.
Use the below command to enable HTTP2 module in Apache.
[Enable HTTP2 module in Ubuntu/Debian/Mint System]
$ sudo a2enmod http2
[Install HTTP2 module in RHEL/CentOS/Fedora 21 and older Systems]
$ sudo yum install mod_http2
[Install HTTP2 module in Fedora 22 and later Systems]
$ sudo dnf install mod_http2
Now configure a VirtualHost with SSL for your domain and use following online tool for testing HTTP/2 support on your website.
TLS Support For HTTP 2
Most people will want to use HTTP/2 with browsers and browser only support it on TLS connections (
https:// urls). You’ll need proper configuration for that which I cover below. But foremost what you will need is an TLS library that supports the ALPN extension.
ALPN is neccessary to negotiate the protocol to use between server and client. If it is not implemented by the TLS lib on your server, the client will only ever talk HTTP/1.1. So, who does link with Apache and support it?
OpenSSL 1.0.2and onward.
LibreSSL 2.1.3and onward.
If you get your library from your Linux distro, the version number used there might be different from the official OpenSSL releases. Check with your distro in case of doubt.