Enabling HTTP/2 on my server


  • Applies to: DV
    • Difficulty: Medium
    • Time Needed: 15
    • Tools Required: Plesk administrator access, SSH access
  • Applies to: DV 4.0
    • Difficulty: Medium
    • Time Needed: 15
    • Tools Required: Plesk administrator access, SSH access
  • Applies to: DV Developer
    • Difficulty: Medium
    • Time Needed: 15
    • Tools Required: Plesk administrator access, SSH access
    • Applies to: Grid Service
      • Difficulty: Easy
      • Time Needed: N/A
      • Tools Required: N/A
  • Applies to: Managed WordPress
    • Difficulty: N/A
    • Time Needed: N/A
    • Tools Required: N/A

Overview

Unfortunately the Managed WordPress servers do not support HTTP/2 at this time. However, should this feature become available in the future, this page will be updated.

If your site requires HTTP/2 immediately, there is the option to migrate your site(s) a Grid server which supports HTTP/2 by default.

Overview

The Grid currently operates on Apache 2.4 which supports HTTP/2. To test this, you can use a third-party website such as https://tools.keycdn.com/http2-test.

Keep in mind, HTTP/2 will only work with an active SSL. In a push to make the internet more secure, no browser currently supports HTTP/2 over an unencrypted network.

test-1.png

Overview

Good news! Plesk 12.5 (with update #28 and above) now includes support for HTTP/2. This is a major update to HTTP1.1, which is over 15 years old. As you know, the internet has grown quite a lot over that time. HTTP/2 is designed to be a nimbler, more reliable protocol than its predecessor. This article explains how to enable HTTP/2 on your Media Temple DV with Plesk. 

From the official HTTP/2 Github FAQ: "Why revise HTTP? HTTP/1.1 has served the Web well for more than fifteen years, but its age is starting to show. Loading a Web page is more resource intensive than ever (see the HTTP Archive’s page size statistics), and loading all of those assets efficiently is difficult, because HTTP practically only allows one outstanding request per TCP connection.In the past, browsers have used multiple TCP connections to issue parallel requests. However, there are limits to this; if too many connections are used, it’s both counter-productive (TCP congestion control is effectively negated, leading to congestion events that hurt performance and the network), and it’s fundamentally unfair (because browsers are taking more than their share of network resources). At the same time, the large number of requests means a lot of duplicated data “on the wire”. Both of these factors means that HTTP/1.1 requests have a lot of overhead associated with them; if too many requests are made, it hurts performance. This has led the industry to a place where it’s considered Best Practice to do things like spriting, data: inlining, domain sharding and concatenation. These hacks are indications of underlying problems in the protocol itself, and cause a number of problems on their own when used. "

Advanced Support can help!

If you're having trouble with the steps in this article, additional assistance is available via Advanced Support, our premium services division. For more information on what Advanced Support can do for you, please click here.

Instructions

Testing for HTTP/2

An easy way to check if your server supports HTTP/2 is by using a third-party website such as https://tools.keycdn.com/http2-test.

cp-0.5.png

If you receive results saying HTTP/2 is unsupported, feel free to review the instructions below on how to enable HTTP/2 for your server. Then revisit this test to check if HTTP/2 was successfully enabled.

Plesk

Use this guide to configure your Plesk-managed sites to use HTTP/2. 

Important Notes:

  • Nginx versions 1.9.14+ support HTTP/2. 
  • HTTP/2 will only work with an active SSL. In a push to make the internet more secure, no browser currently supports HTTP/2 over an unencrypted network. 

Google Chrome: A policy update for the Chrome web browser that was released in May/2016 removes support for NPN. This means that many Chrome users are seeing sites default back to HTTP/1. For Media Temple DVs managed with Plesk, support for HTTP/2 over Chrome is largely dictated by which version of CentOS you are using.

  • CentOS 6 - OpenSSL has not been updated in NGINX on Plesk for Centos 6. HTTP/2 can NOT be used in Google Chrome for CentOS 6 with Plesk at this time.
  • CentOS 7 - The latest micro-update of Plesk on CentOS 7 has OpenSSL 1.0.2h. Ensure that HTTP/2 continues working for Chrome users by updating to the latest version of Plesk.

1. Begin by making sure that you're using Plesk 12.5 (update #28 and above) and that it's updated. To update Plesk, use the update tool found in Tools & Settings >> Updates and Upgrades.

 

2. If you haven't done so, purchase and install an SSL. An SSL significantly increases the security of your site, and all browsers currently require one when using HTTP/2. You may also easily install a free SSL using the Let's Encrypt extension for Plesk. Instructions are found here. Sites that do not have an SSL enabled will default to using HTTP1.1. Media Temple SSL certificates offer a one-click domain-ownership verification option for domains using Media Temple DNS servers and also provide a one-click installation option for Plesk.

3. Verify that your version of Nginx is 1.9.14 or later and that it is running.

  • Navigate to Tools & Services >> Server Components. Scroll until you see Nginx and verify that the version is compatible with HTTP/2. This should be fine as long as you are using an up-to-date version of Plesk 12.5.
  • Navigate to Tools & Settings >> Service Management. Verify that Nginx is running. There should be a green check next to Reverse Proxy Server. If Nginx has been stopped, use the green arrow to the right of the service list to start it.                                                                                                              

4. SSH to your server and update the Nginx template. You'll need to use an editor. Help with using SSH may be found here. If you are unfamiliar with using BASH text editors, this article can help.  

  • SSH to your server and execute the following command. Any other editor such as vi or nano will also work fine:
vim /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php
  • Next, identify the following lines: 
listen escapedAddress . ':' . $OPT['frontendPort'] .
        ($OPT['default'] ? ' default_server' : '') . ($OPT['ssl'] ? ' ssl ' : '') ?>; 
  • Replace with the following:
listen escapedAddress . ':' . $OPT['frontendPort'] .
        ($OPT['default'] ? ' default_server' : '') . ($OPT['ssl'] ? ' ssl http2' : '') ?>;

  • save and quit
:wq
  • Update the Nginx template and restart the web server.
/usr/local/psa/admin/bin/httpdmng --reconfigure-all
service nginx restart

Your sites should now be using HTTP/2. If you have any questions or concerns, please feel free to contact our award winning 24/7 support team.  

cPanel

Important Notes:

  • Enabling HTTP/2 will require EasyApache 4
  • HTTP/2 will only work with an active SSL. In a push to make the internet more secure, no browser currently supports HTTP/2 over an unencrypted network
  1. Log into WHM.
  2. On the left-hand menu, search for Software >> EasyApache4.

    cp-1.png

  3. Click on Customize.

    cp-3.png


  4. Click on Apache Modules.

    cp-4.png

  5. Locate the module called "mod_http2" and eneable it.

    cp-5.png
  6. WHM may inform you of existing modules that will need to be removed in order to enable mod_http2. If so, you may want to consult your developer first to ensure that these changes will not affect your sites. Once deemed it safe to proceed, you may click on Yes.

    cp-6.png

  7. In this example, we need to pick a new mpm package. "mod_mpm_event" or "mod_mpm_worker" are compatable with http2. You may again wish to consult your developer on which one you to use. After selecting the desired mpm package, click Next.

    cp-7.png

  8. Click on Review.

    cp-1.6.png
  9. Scroll to the bottom of the page, then click Provision.

    cp-9.png

Your server should now support HTTP/2. If you have any questions or concerns, please feel free to contact our award winning 24/7 support team.  

Resources