How to enable http2

Hi all,

I know that IW supports http2 since Version 6.0.9, but how do I enable it? Any pointers? We are running Centos 7.

Cheers
Michael

Hi Michael

Hope your well and business is good

It is already enabled or should be

As a test, google http2 test online and check a website on server

Many thanks and hope that helps a little

John

Hi Michael

I hope you don’t mind, but to save you time, this site will test for http2 https://http2.pro/

There are many other sites though

Also, if you login to nodeworx, server, webserver, looking at modules, you should see http2 enabled and http enabled. Http2 I think only works over https

I hope that helps a little

Many thanks

John

http2.png

Hi John,

I did one of those tests and when it failed, I googled a bit and then I came here :slight_smile:

Unfortunately I don’t have the http2_module installed. So that would have been part of an IW update? Or did I miss something?

Cheers,
Michael

Hi Michael

Many thanks

Please what IW version are you running and what centos 7 version

I guess IW maybe running RC version so I?ll post my versions to see if we can narrow it further

Hope that?s alright

Many thanks

John

Hi Michael

Please see our centos versions as below

Many thanks

John

InterWorx Version 6.1.26-1600

Distribution CentOS Linux release 7.5.1804 (Core)

Hi Michael

just on of chance, could you try this, but if IW-CP is stable version, I would update to IW RC version and see if it has enabled http2 first

Many thanks

John

Enable HTTP/2 module
Apache’s HTTP/2 support comes from the mod_http2 module. Enable it from:
a2enmod http2
apachectl restart
If above commands do not work in your system (which is likely the case in CentOS/RHEL), use LoadModule directive in httpd configuration directory to enable http2 module.
Add HTTP/2 Support
We highly recommend you enable HTTPS support for your web site first. Most web browser simply do not support HTTP/2 over plain text. Besides, there are no excuses to not use HTTPS anymore. HTTP/2 can be enabled site-by-site basis. Locate your web site’s Apache virtual host configuration file, and add the following right after the opening <VirtualHost> tag:
Protocols h2 http/1.1
Overall, your configuration file should look something like this:
<VirtualHost *:443>
Protocols h2 http/1.1
ServerAdmin you@your-awesome-site.com
ServerName your-awesome-site.com

</VirtualHost>
After the changes, don’t forget to reload/restart Apache.
apachectl restart

Hi John,

our versions are exactly the same as yours and we’re on RC. Will look into the httpd conf now…

hmm, the 10-http2.conf is there, as well as a correct 00-mpm.conf and which is set to prefork. Switching that to Worker and restarting apache loads http2_module but the http/2 test still faills :frowning:

John, do you have that line Protocols h2 http/1.1 in your config files? If so which one?

Hi Michael

Ah sounds like your getting there

That line is actually in http.conf (easily looked at from webserver, edit) and appears as:

Unknown protocols are ignored by Apache, h2 can stay even if

the http2 module is not loaded. See conf.modules.d/10-http2.conf

Protocols h2 http/1.1

so no, the line does not appear in vhost configs.

Which file did you change to workers from prefork, as mpm changed and as far as I remember, does not allow preforking any longer

Many thanks

John

Hi Michael

Sorry and apologies in advance for a silly suggestion/question

Do you have a proper domain installed on server to test with (if so, could you let me know it privately)

The reason I ask is because I have jsut checked, and if using server FQDN, them http2 reports failed. If using proper domain as created as a siteworx account, http2 passes (but you may need a proper SSL from lets ecrypt) eg server FQDN muserver.url, so you try testing using https://muserver.url or https://muserver.url:2443/nodeworx will fail. create muserver.url as a siteworx account, create SSL by LE, test as https://muserver.url and test passes

I hope that makes sense and its just a thought incase your chasing a ghost

Many thanks

John

Hi John,

I don’t have that line in my http.conf

So that would be the reason it doesn’t work. Adding it and restarting Apache makes http2 work! (This also answers the domain question :wink: )

But the question is, why is it not there, i.e. why is our http.conf not the iW standard (I never touched it!)?

Cheers

Michael

Oh, and the other question would be: Why was the MP module set to prefork instead of worker by default? Or what MPM do you have?

Hi Michael

Excellent news. Kudos to you

I will email you the mpm conf later this afternoon if alright and I have not altered any conf files, so I?m not sure why yours was different.

I may try a clean install test to see if anything has reverted on last update (does happen rarely as the build may link to an earlier revision), so you may have found a bug perhaps

Thinking though, as a test, could you revert the mpm conf file back to original and restart apache then test

It may have just been the missing line in http.conf that was stopping the module from starting, as apache needs to server both http and http2

Hope that?s alright

Many thanks

John

Nope, it only works with MPM being set to “worker”.

So it might be worth for IW to look into this, i.e. why the default configs are differing from the standard…

Hello–

Http/2 and the Event MPM being enabled automatically was only for new installations, which is where I think the confusion between your servers lies. It sounds like John’s is a newer install, but Micheal’s is not. The info on the module showing in the GUI is also something that was for newer installations, as well. Exposing the info on the Webserver page, and using Event and http/2 by default was put into place in 6.1.1, which was around the beginning of March of this year. So servers older than that would not look the same. It was done this way so as to not potentially cause any issues with the existing servers, as changing the mpm automatically away from prefork could have caused some problems.

We built in support for http/2 in 6.0.9, but I believe at that point, it was still something that needed to be enabled in the conf. I thought we had public documentation on how to do that, but I can not, for the life of me, find it now. I’ll put something together as a reference so as to potentially get around this confusion in the future. :slight_smile:

So basically, there are a couple differences in what is considered the default, depending on when InterWorx was installed.

Sorry for the confusion! Glad everything was able to be resolved! :slight_smile:

Hi Jenna,

thanks for the explanation, that makes sense. And now I know to use Event MPM.

There’s one thing though, when I switched from worker to event MPM, some values in the web server options have been cleared. Is this by deisgn, i.e because they have to be set again or to other
values?

John, could you list your values (like “Server limit”, Threads per Child" and so on)?

Any recommendations for suitable settings for a VPS with 8 Xeon (Sandy Bridge) cores @2,1Ghz? And for an even beefier Skylake Xeon machine with 8 or 16 dedicated (exclusive) cores and NVMe?

I usually don’t touch the defaults unless I have to, but now that they are gone, I will use that as an excuse to fiddle a little :slight_smile:

Oh, and these 8 core machines have 32GB RAM, the 16 core 64GB, almost forgot. I know that I should consider the average memory usage of apache processes, but right now these machines are mostly idling, so I will have to guess a little bit…

Hi Michael

Many thanks, yes will do but if I am thinking correctly, I think 1 of your option boxes will be blank and not allow an entry to be made.

If this is correct, please could you open a support ticket with IW for correction. IW will correct and the values will appear normally.

The new version allows more control so it is a little more complicated ie if you edit a siteworx account, you will see you have greater control over mpm to limit or allow more resources

I suppose the reality is given the cores/memory it may come down to site usage alone, which you can control to a degree but please do not forget you may have ssd v3/4 as well, so that?s added to the mix

It?s all good fun though and I think needs thinking out side of box. Our new server has 24 cores and 50gb of ram with full ssd, setup using 3 independent volumes and an independent swap. It?s a beast and benchmarking shows excellent on defaults alone

Many thanks

John