16 C
Texas
angeloma
Senior Writer and partner

How to enable HTTP/2 on Apache web server

Hello friends. Learning how to enable HTTP/2 in Apache is a very good way to improve the security of your website. In addition to this, it also allows for better system loading.

As is well known to many HTTP is the protocol that allows the transfer of information over the web. This protocol was improved and evolved little by little until it reached version 2 which incorporates many advantages in security and performance.

HTTP/2 is a binary protocol that retains the same semantics as the HTTP1.X protocol, which means that all verbs, headers, etc. continue to work unchanged. This means that there is no need to rewrite the way connections are made in the server. With this new version, transfer speed is improved and connection security is added.

Some advantages of using this protocol instead of HTTP 1.x are:

  • Faster loading speed
  • Improved web positioning, thanks to the fact that Google values sites with better loading times.
  • Less bandwidth consumption
  • Immediate presentation of the results.
- Advertisement -

So if you have a website then you should enable HTTP/2 at the server level and you will learn how to do it today.

Enabling HTTP/2 on Apache

Install and configure Apache for HTTP/2

For this post, we are using a clean Ubuntu 20.04 server. So, if you have one in production make sure you make some backups of files and settings.

So, update the distribution first.

sudo apt update
sudo apt upgrade

Then, install Apache from the official repositories.

Note that not all versions of Apache support this new protocol, but in the case of modern distributions, there are no problems.

sudo apt install apache2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libgdbm-compat4 libjansson4 liblua5.2-0 libperl5.30 perl
  perl-modules-5.30
Suggested packages:
  apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser perl-doc libterm-readline-gnu-perl | libterm-readline-perl-perl make libb-debug-perl
  liblocale-codes-perl
Recommended packages:
  ssl-cert
The following NEW packages will be installed:
  apache2 apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libgdbm-compat4 libjansson4 liblua5.2-0 libperl5.30 perl
  perl-modules-5.30
0 upgraded, 14 newly installed, 0 to remove and 3 not upgraded.
Need to get 8,768 kB of archives.
After this operation, 54.2 MB of additional disk space will be used.
Do you want to continue? [Y/n]

Check the status of the service to make sure everything is in order.

systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2021-07-19 18:44:49 CEST; 16s ago
       Docs: https://httpd.apache.org/docs/2.4/
   Main PID: 4467 (apache2)
      Tasks: 55 (limit: 2286)
     Memory: 5.2M
     CGroup: /system.slice/apache2.service
             ├─4467 /usr/sbin/apache2 -k start
             ├─4469 /usr/sbin/apache2 -k start
             └─4470 /usr/sbin/apache2 -k start

Jul 19 18:44:49 osradar systemd[1]: Starting The Apache HTTP Server...
Jul 19 18:44:49 osradar apachectl[4454]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName'>ul 19 18:44:49 osradar systemd[1]: Started The Apache HTTP Server.

Next, install the php7.4-fpm package if you don’t already have it.

sudo apt-get install php7.4-fpm
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  libmagic-mgc libmagic1 php-common php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-readline
Suggested packages:
  file php-pear
The following NEW packages will be installed:
  libmagic-mgc libmagic1 php-common php7.4-cli php7.4-common php7.4-fpm php7.4-json php7.4-opcache php7.4-readline
0 upgraded, 9 newly installed, 0 to remove and 3 not upgraded.
Need to get 4,370 kB of archives.
After this operation, 24.2 MB of additional disk space will be used.
Do you want to continue? [Y/n]

And now the game begins. Disable the php7.4 module in Apache.

sudo a2dismod php7.4

If you do not have PHP installed, then you will be told that the module does not appear. So there is no problem.

Enable the php-fpm configuration and the proxy_fcgi module.

sudo a2enconf php7.4-fpm
sudo a2enmod proxy_fcgi

Restart Apache to apply the changes.

sudo systemctl restart apache2

The mpm_prefork module does not support HTTP/2 so you have to disable it.

sudo a2dismod mpm_prefork

And enable the mpm_event, ssl and http2 modules.

sudo a2enmod mpm_event
sudo a2enmod ssl
sudo a2enmod http2

Restart Apache to apply the changes.

sudo systemctl restart apache2

And now you can check the service status again to verify Apache.

sudo systemctl status apache2

With everything in order, edit the Apache available mods configuration file.

sudo nano /etc/apache2/mods-available/http2.conf

And make sure this line is present:

Protocols h2 h2c http/1.1

Or edit the existing one and leave it as indicated.

Save the changes and close the editor.

Enabling HTTPS with Certbot

Now, you need to secure the website with Certbot. So, install the package to get the certificate and the Apache plugin.

sudo apt install certbot python3-certbot-apache
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  augeas-lenses libaugeas0 python3-acme python3-augeas python3-certbot python3-configargparse python3-future python3-josepy python3-mock python3-parsedatetime
  python3-pbr python3-requests-toolbelt python3-rfc3339 python3-tz python3-zope.component python3-zope.event python3-zope.hookable python3-zope.interface
Suggested packages:
  augeas-doc python3-certbot-nginx python-certbot-doc augeas-tools python-acme-doc python-certbot-apache-doc python-future-doc python-mock-doc
Recommended packages:
  python3-icu
The following NEW packages will be installed:
  augeas-lenses certbot libaugeas0 python3-acme python3-augeas python3-certbot python3-certbot-apache python3-configargparse python3-future python3-josepy
  python3-mock python3-parsedatetime python3-pbr python3-requests-toolbelt python3-rfc3339 python3-tz python3-zope.component python3-zope.event python3-zope.hookable
  python3-zope.interface
0 upgraded, 20 newly installed, 0 to remove and 3 not upgraded.
Need to get 1,570 kB of archives.
After this operation, 8,498 kB of additional disk space will be used.
Do you want to continue? [Y/n]

Now, generate and install a certificate for your website and Apache as follows:

sudo certbot --apache -d [your-domain] -d www.[your-domain]

For this, you have to have a valid domain and then restart Apache.

sudo systemctl restart apache2

Conclusion

In this post, you have learned something fundamental to improve the loading and speed of your web pages. This protocol change is an advantage that you can use to your advantage. As you can see the process is not strange at all and it is usable.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article