If you're using HTTPS on your Apache-driven websites and want to make use of HTTP Protocol 2, Jack Wallen has the steps you need to take to make this happen.
HTTP/2 is much faster than HTTP/1.1. The HTTP/2 protocol achieves this by enabling web browsers to send multiple, simultaneous requests to the server. Unfortunately, out of the box, the Apache2 installation in Ubuntu Server defaults to HTTP/1.1. In order to make use of HTTP/2, you must jump through a few hoops. I want to walk you through the steps of enabling HTTP/2 on a Ubuntu Server 16.04 platform. It's not terribly hard, but there are a few requisites.
First and foremost, your web server must be making use of HTTPS, so you'll need to have an SSL certificate installed. Since you cannot make this work with a self-signed certificate, you will need to make use of a tool, such as Let's Encrypt.
You will also have to have a version of Apache that is at least 2.4.26. Any release prior to that and HTTP/2 is not production-ready.
Let's take care of the Apache2 requisite. Fortunately, the maintainer of Certbot has created a repository for this. To upgrade Apache2 to this version, issue the following commands:
sudo apt install software-properties-common sudo add-apt-repository ppa:ondrej/apache2 sudo apt update sudo apt install apache2
Enable the HTTP/2 module
Now that you've taken care of the requirements, you can enable the HTTP/2 module with the command:
sudo a2enmod http2
With that module enabled, restart Apache2 with the command:
sudo systemctl restart apache2
Enable your sites
The next step will be to enable your sites to make use of HTTP/2. This will work for those sites you've enabled HTTPS. For the sake of simplicity, let's say you've enabled the default site to work with HTTPS. The configuration for this will be found in /etc/apache2/sites-enabled/000-default-le-ssl.conf.
Note: All sites in which you've enabled HTTPS, via Let's Encrypt, will end with le-ssl.conf.
Issue the command sudo nano /etc/apache2/sites-enabled/000-default-le-ssl.conf and add the following tag after the <VirtualHost *.443> directive tag:
Protocols h2 http:/1.1
Save and close that file. Restart Apache2 with the command sudo systemctl restart apache2. If you've taken care of all the requirements, your Apache server should now be capable of working with the HTTP/2 protocol. You can test that site with the likes of the Firefox HTTP/2 Indicator extension. With that extension installed and enabled, you will see a blue lightning bolt, in the address bar, for any site that uses HTTP/2 (Figure A).
Enjoy that faster Apache server.
- Apache or NGINX: Which web server is right for you? (TechRepublic Video)
- 5 tips for better NGINX security that any admin can handle (TechRepublic)
- How to install Apache on Fedora 26 through Cockpit (TechRepublic)
- How to configure Apache mod_deflate to enhance web server performance (TechRepublic)
- How to run vulnerability scanning against your web server with Nikto2 (TechRepublic)
- Equifax confirms Apache Struts security flaw it failed to patch is to blame for hack (ZDNet)