How to Enable HTTP2 on Apache

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

A step-by-step guide on How to Enable HTTP2 on Apache

Apache is an open-source web server that serves both static and dynamic content. It’s particularly useful because it’s suitable for websites ranging in size from a few pages to thousands of pages. Developed and maintained by an open community of programmers (Apache Software Foundation), Apache has the highest market share in the web server market.

Apache uses the TCP/IP suite of protocols, and HTTP that runs over this protocol suite defines how requests and responses are exchanged between the client and the server. HTTP/2, the second significant change in the HTTP family after HTTP/1.1, is supported by all major browsers and servers.

Let us now look into how to enable http2 in apache server.

Enable HTTP/2 on Apache

  • Prerequisites:
    • Enable HTTPS on your server since almost all browsers allow HTTP/2 only over HTTPS. Hence, it’s necessary to install an SSL certificate.
    • TLS 1.2 and above with modern cipher suites is required.
    • The Apache version must be 2.4.17 or higher because these versions have built-in HTTP/2 support.
  • After Apache is upgraded, enable SSL and HTTP/2 from the mod_http2 module using the following commands.

    > sudo a2enmod ssl
    > sudo a2enmod http2
    > sudo apachectl restart

    If the above command doesn’t work, open the httpd.conf file and use LoadModule directive to enable the HTTP2 module.

    > LoadModule http2_module modules/mod_http2.so

  • After loading the necessary modules, navigate to the Apache configuration directory and edit the website’s virtual host config file.

    Add “Protocols h2 http/1.1” right after the tag

    The host’s config file should look like the following:


    Protocols h2 h2c http/1.1
    ServerAdmin example@your-site.com
    ServerName your-site.com

    Note: the three parameters in the above protocols directive:

    • h2 – instructs Apache to support HTTP/2 protocol over SSL/TLS
    • h2c – instructs Apache to support HTTP/2 over TCP
    • http/1.1 – if client browser does not accept HTTP/2 then the request is served over HTTP/1.1
  • After the changes, remember to reload/restart Apache.

Troubleshooting

During the process of enabling HTTP2 on Apache, you may run into a few issues.

Apache 2.4.27: HTTP/2 is Not Supported in Pre-Fork

From Apache version 2.4.27, the Apache multi-processing module (MPM) pre-fork does not extend support to HTTP/2. It’s indicated in the Apache error log as an “MPM module not supported” type of message.

To correct this, a different MPM event or worker needs to be selected.

Note: The following example assumes that PHP has been installed from Ubuntu’s ondrej/php repository. The PHP package names could be different in other repositories. The package names and apt-get commands might need to be changed accordingly to match the PHP vendor and package manager.

To fix this error, follow the steps mentioned below, using these commands:

  • To stop the service:

    > apachectl stop

  • To install the php-fpm from your PHP repository. This package name depends on the vendor (Change package name and apt-get commands to match your PHP vendor and package manager):

    > apt-get install php7.1-fpm
    > a2enmod proxy_fcgi setenvif
    > a2enconf php7.1-fpm

  • To disable mod_php:

    > a2dismod php7.1

  • To disable the prefork MPM since only one MPM can run at a time:

    > a2dismod mpm_prefork

  • To enable event MPM (you can also enable mpm_worker):

    > a2enmod mpm_event

  • To start the service:

    > apachectl start

HTTP 421: Misdirected Request Error

Ensure that the TLS settings are the same for all virtual hosts that are being used to serve a specific site.

HTTP/2 Not Enabled on Older Versions of TLS

Apache can be forced to attempt HTTP/2 upgrade with the following directive, but the effectiveness is questionable because browsers do not support HTTP/2 for older TLS versions or cipher suites.

> H2ModernTLSOnly off

Purchase a Multi-Domain SSL Certificate from CheapSSLSecurity & Save Up to 89%!

We offer the best discount on multi-domain SSL certificates starting as low as $18.68 per year.

Shop All Multi-Domain Certificates