Nginx is an open source web server that has won the hearts of many administrators and developers due to its efficient operation, low memory consumption and powerful support for various protocols. Today we will talk about configuring HTTP/2 support in Nginx.

HTTP/2 is an evolution of HTTP protocol that improves data transfer between server and user. It replaced HTTP 1.1, which had a limit on the number of simultaneous connections and therefore slowed down the loading of heavy pages. HTTP/2 solves this problem by allowing concurrent data downloads and compression of HTTP headers.

Why is switching to HTTP/2 important? 📈

Switching to HTTP/2 not only makes your site load faster, but also increases the security of data transfer. All modern browsers require sites to use HTTPS to support HTTP/2, which makes data transfer between the server and visitors more secure.

The process of migration to HTTP/2🔧

Before you start configuring HTTP/2, you must have a server with Ubuntu 18.04 and Nginx installed. Also, your domain name must be pointed to the server, and you must have an SSL certificate (such as Let’s Encrypt) installed for that domain.

1. Server setup🌐

Open your domain’s configuration file:

[php]

vim /etc/nginx/sites-available/your_domain

[/php]

Add HTTP/2 support for IPv6 and IPv4 connections:

[php]

listen [::]:443 ssl http2 ipv6only=on;
listen 443 ssl http2;

[/php]

Save the changes and check the syntax:

[php]

nginx -t

[/php]

2. Improvement of security🔒

To improve security, exclude insecure ciphers. In your domain configuration file, change the ssl_ciphers option:

[php]

ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

[/php]

Check the syntax and restart the server:

[php]

nginx -t
systemctl restart nginx.service

[/php]

3. Adding HTTP Strict Transport Security (HSTS)🛡️

For even more security, add the HTTP Strict Transport Security header to your Nginx configuration file. This header ensures that browsers will only use HTTPS connections.

In the Nginx configuration file:

[php]

add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;

[/php]

Check the syntax and restart the server.

4. Checking correct operation of HTTP/2🚀

You can verify that HTTP/2 is working by using the curl command:

[php]

curl -I -L https://your_domain

[/php]

There should be a mention of HTTP/2 in the server response.

You can also use Google Chrome and developer tools to check for HTTP/2 support.

Now your website is ready to work with HTTP/2 – a faster and more secure version of the HTTP protocol! 🚀🔒

Don’t forget to always keep your server up to date and secure. Good luck! 😊🌐

About the Author

Andrii Kostashchuk

Andrii has experience in programming in various languages for different platforms and systems. He has spent more than 8 years in the Internet sphere, working with various CMS, such as: Opencart, Drupal, Joomla, and of course, the most popular content management system WordPress.

View All Articles