Recently, while analyzing SSE technology, I briefly mentioned HTTP/2, as the HTTP/1.x protocol has long been considered an “antique”.
Reasons for Upgrade
Upgrading from HTTP/1.x to HTTP/2 can bring various performance improvements and optimizations:
Multiplexing
- In HTTP/1.x, each TCP connection can only handle one request or response, leading to the so-called head-of-line blocking issue. In HTTP/2, multiplexing allows multiple requests and responses to be sent simultaneously over the same TCP connection, greatly improving resource utilization and reducing page load times.
Header Compression
- HTTP/2 introduces the HPACK algorithm to compress HTTP header information, reducing the amount of data transmitted for each request and response. This is particularly beneficial in mobile network environments, as it reduces latency and bandwidth usage.
Enhanced Security
- Although HTTP/2 can theoretically support plaintext transmission, all major browsers only support HTTP/2 implemented over TLS (typically HTTPS). This means that adopting HTTP/2 usually also enhances the security of the website.
Upgrading to HTTP/2 can significantly improve website loading speed and user experience, especially in high-latency or low-bandwidth environments.
Upgrade Methods
Apply for a Certificate
Currently, most modern browsers only support HTTP/2 when using TLS (i.e., HTTPS), so it is necessary to configure an SSL/TLS certificate for the website “preferably enabling forced HTTPS”.
If you do not have an SSL certificate, you can consider using Let’s Encrypt to obtain one for free. (Several cloud product platforms in China also seem to offer this.)
Upgrade Web Server
High versions of web servers support HTTP/2:
- Apache: Supports HTTP/2 starting from version 2.4.17.
- Nginx: Supports HTTP/2 starting from version 1.9.5.
- IIS: Supports HTTP/2 starting from Windows Server 2016 and Windows 10.
Apache
Ensure that the mod_http2 module is installed and enabled.
<VirtualHost *:443>
...
# Ensure SSL is enabled
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
# Enable HTTP/2
Protocols h2 http/1.1
...
</VirtualHost>
// Support both HTTP/2 and plaintext version of HTTP/2 (h2c)
Protocols h2 h2c http/1.1
Note! Most browsers do not support unencrypted HTTP/2 connections (h2c).
Remember to restart after making changes!!!
Nginx
First, ensure that Nginx was compiled with the HTTP/2 module. You can check for the –with-http_v2_module option by running the nginx -V command.
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
# Redirect all HTTP requests to HTTPS
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2; # Note the http2 parameter here
...
}
IIS
If you are using Windows Server 2016 or Windows 10 and later, IIS supports HTTP/2 by default.
Just ensure that your website has HTTPS enabled, and IIS will automatically enable HTTP/2 support without additional configuration.
Verification
If you want to check whether your website has successfully enabled HTTP/2, open the Chrome console, select Network, and right-click on any interface.
Select Header Options, check Protocol, and refresh the page.
You will see a column labeled Protocol in the Network tab; if it shows h2, it indicates that HTTP/2 has been successfully enabled.
