logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in  RSS Apache Lounge  


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.


Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: http/2 support in 2.4.41
Author
sam452



Joined: 19 Dec 2016
Posts: 22
Location: US, Nashville

PostPosted: Sun 03 Jul '22 22:07    Post subject: http/2 support in 2.4.41 Reply with quote

When a vulnerability scan suggested to prefer http/2 I was glad to find this https://www.apachelounge.com/viewtopic.php?t=6804 and followed its instructions.

From what I read 2.4.41 does have this support and I have uncommented the LoadModule http2_module modules/mod_http2.so line.

This is placed after my load of ssl_module in httpd.conf.
Code:
<IfModule http2_module>
  ProtocolsHonorOrder On
  Protocols h2 http/1.1
</IfModule>


But after a full Apache restart I use curl to my site to verify that the http/2 is being used but I still get http/.1.

Looking at the Downloads section it doesn't suggest there is a special download of Apache with the nghttp2 support so I would anticipate that my version would have everything it needs. What else should I do to ensure this is loading? thx, sam
Back to top
tang_88888



Joined: 10 Jul 2015
Posts: 9

PostPosted: Mon 04 Jul '22 5:11    Post subject: Reply with quote

Hi, I've used the following syntax several years ago. Besides, you need to check whether your web application firewall can support this protocol. Since my network team replied that previous firewall had not supported HTTP/2 yet, my Apache HTTP server could only use 1.1 at that time.

Code:
Protocols h2 h2c http/1.1


Ref:
https://httpd.apache.org/docs/2.4/howto/http2.html
Back to top
sam452



Joined: 19 Dec 2016
Posts: 22
Location: US, Nashville

PostPosted: Mon 04 Jul '22 15:09    Post subject: firewall? Reply with quote

Thank you for your reply. It suggests that a firewall external to Apache may be the culprit. But the more I think about it a firewall is looking at port numbers and whether it's TCP and/or UDP. I've added the h2c to httpd.conf, restarted Apache. However, when I run
Code:
curl -sI http://localhost/ -o/dev/null -w '%{http_version}\n'

It still returns 1.1 and I would think the Windows firewall is not acting on traffic internal to that server?
Since my download from apache lounge has mod_http available I can assume that it was built with the libnghttp2 library?
Back to top
tangent



Joined: 16 Aug 2020
Posts: 217
Location: UK

PostPosted: Mon 04 Jul '22 20:14    Post subject: Reply with quote

Your test connection with curl is to a non-secure port, so as tang_88888 says, you need to list the h2c protocol too.

Also, force curl to upgrade to http2 by adding a --http2 option.

This is what I get with, adding -v to see more detail (Windows instance of Apache and curl)

Code:
C:\>curl -sIv --http2 http://localhost/ -onul -4 -w %{http_version}\n
*   Trying 127.0.0.1:80...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: localhost
> User-Agent: curl/7.83.0
> Accept: */*
> Connection: Upgrade, HTTP2-Settings
> Upgrade: h2c
> HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 101 Switching Protocols
< Upgrade: h2c
< Connection: Upgrade
* Received 101
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=153
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 200
< last-modified: Mon, 11 Jun 2007 18:53:14 GMT
< etag: W/"2e-432a5e4a73a80"
< accept-ranges: bytes
< content-length: 46
< content-type: text/html
< date: Sun, 00 Jan 1900 00:00:00 GMT
< server: Apache/2.4.54 (Win64)
<
* Connection #0 to host localhost left intact
2
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7141
Location: Germany, Next to Hamburg

PostPosted: Tue 05 Jul '22 8:37    Post subject: Reply with quote

I suggest also adding

H2Upgrade on
H2Direct On
Back to top
JorgeCarousel



Joined: 14 Jul 2022
Posts: 11
Location: USA, New york

PostPosted: Wed 10 Aug '22 21:53    Post subject: Reply with quote

I'm having the same issue, when using https, it shows as HTTP/2, but when using http it shows as http/1.1, my onfiguration is this:

Code:
<IfModule http2_module>
    ProtocolsHonorOrder On
    protocols h2 h2c
    H2Upgrade on
    H2Direct On
</IfModule>


Any ideas what I have to do so it is HTTP/2 in clear text?
Back to top
JorgeCarousel



Joined: 14 Jul 2022
Posts: 11
Location: USA, New york

PostPosted: Thu 11 Aug '22 17:44    Post subject: Reply with quote

I don't know if this is true, but this s what they say at stackoverflow:

And the reason browsers only support HTTP/2 over HTTPS is its so unreliable over HTTP as middleboxes assume HTTP/1 - which means the only use of h2c is for non-browser communication where you’re basically in control of the end to end connection so can skip the upgrade dance and go straight the h2c (aka the “prior knowledge” method of using HTTP/2). The preface message can always be used to reject and/or fallback to HTTP/1 if a client unexpectedly doesn’t support HTTP/2.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7141
Location: Germany, Next to Hamburg

PostPosted: Fri 02 Sep '22 13:55    Post subject: Reply with quote

Indeed the major browsers only support http/2 over SSL.
Back to top


Reply to topic   Topic: http/2 support in 2.4.41 View previous topic :: View next topic
Post new topic   Forum Index -> Apache