How to Enable HTTP2 on Debian 8 with Nginx Web Server
As you may already know, HTTP2 is the latest update to the HTTP/1.1 protocol. HTTP2 is said to significantly speed up webpages due to the ability to send as many HTTP requests as the browser like on a single TCP connection.
HTTP2 is based on SPDY. This tutorial shows how to enable HTTP2 with Nginx on Debian 8 server and explain some Nginx knowledge. For a detailed explanation of why HTTP2 is way faster than HTTP/1.1, check out the following article.
You can skip it and read the following text if you just want to know how to enable HTTP2.
Install the Latest Version of Nginx on Debian 8 Jessie
Nginx only supports HTTP2 after version 1.9.5. The Debian 8 repository has Nginx 1.6.2. We can install the latest version from official Nginx repository.
There are two branches of Nginx: nginx stable and nginx mainline. As its name suggests, nginx stable is the more stable and older version and nginx mainline is the more recent version. That doesn’t necessarily mean nginx mainline is unstable. In fact, nginx.org recommends using nginx mainline if you don’t have a strong reason to use the older version.
To install Nginx mainline on Debian 8, first we need to fetch the Nginx GPG public key.
Then import the key to Debian 8 with the below command:
sudo apt-key add nginx_signing.key
After that edit /etc/apt/sources.list file.
sudo nano /etc/apt/sources.list
Add the following two lines at the end of the file.
deb http://nginx.org/packages/mainline/debian/ jessie nginx deb-src http://nginx.org/packages/mainline/debian/ jessie nginx
Press Ctrl+O to save the file, then press Ctrl+X to close nano text editor.
During the installation process, Nginx will automatically install a new configuration files. So before the installation you should back up your configuration files. The following command will copy the main config file and server block config files to the home directory.
cp /etc/nginx/nginx.conf /etc/nginx/sites-available/*.conf /etc/nginx/conf.d/*.conf ~
If you have installed Nginx before, remove it:
sudo apt-get remove nginx nginx-common nginx-full nginx-core
Now update local package index and install Nginx mainline branch.
sudo apt-get update && sudo apt-get install nginx
Once the installation is completed, check your nginx version.
[email protected]:~$ sudo nginx -v nginx version: nginx/1.11.1
A little Note about Different Nginx Packages
On Debian and Ubuntu, you can find that there are
/etc/nginx/sites-enabled directory and also a
/var/www directory as the default document root. This follows the Apache web server tradition.
However, official Nginx package sets
/usr/share/nginx/html as the default document root and server block config file are stored in
/etc/nginx/conf.d/ directory. RHEL, CentOS and Fedora follows the official way. To use this directory, the
http section needs the following directive in /etc/nginx/nginx.conf file.
The Debian package maintainer believe it’s easier to enable or disable Nginx server blocks with the Apache way. You just need to create or delete a symlink between sites-available and sites-enabled.
But I think it’s also easy to do so with
/etc/nginx/conf.d/. To disable an Nginx server block, you just need to make sure the file doesn’t end with
.conf extension. For example:
sudo mv /etc/nginx/conf.d/example.conf /etc/nginx/conf.d/example.conf.save
After renaming the file, reload Nginx and the server block is disabled.
sudo service nginx reload or sudo systemctl reload nginx
If you still need sites-available and sites-enabled, you can manually create them.
sudo mkdir /etc/nginx/sites-avaiable /etc/nginx/sites-enabled
Then add the following line in the
http section and reload Nginx.
After you create a server block config file in sites-available directory, run the following command to create a symlink which will enable the server block.
sudo ln -s /etc/nginx/sites-available/example.conf /etc/nginx/sites-enabled/example.conf
To disable the server block, just delete with symlink with
sudo rm /etc/nginx/sites-enabled/example.conf
nginx or www-data ?
Please also note that the official Nginx sets nginx as the nginx user instead of www-data. You want to make sure the php-fpm process is running as the same user. Check the php www pool configuration file. (I suppose you installed PHP7.)
sudo nano /etc/php/7.0/fpm/pool.d/www.conf
Find the user and group name.
user = www-data group = www-data
You can see it’s running as www-data user. So you will want to configure Nginx to run as www-data.
sudo nano /etc/nginx/nginx.conf
At the top of this file, change user from nginx to www-data.
Save and close the file. Then reload Nginx.
Enable HTTP2 with Nginx Web Server
The HTTP2 specification itself don’t require HTTPS. However, all major Web browsers (Firefox, Google Chrome, Edge etc) only support HTTP2 with HTTPS sites. So you need to obtain a TLS/SSL Certificate. Thanks to Let’s Encrypt, you can now easily obtain a free cert. Check out the following tutorial.
Once you enable HTTPS on your site, edit your server block config file.
sudo nano /etc/nginx/conf.d/example.conf
sudo nano /etc/nginx/sites-available/example.conf
To enable HTTP2, you simply need to append
http2 to the end of the listen directive.
listen 443 ssl;
listen 443 ssl http2;
Save and close the file. Then test nginx configuration.
sudo nginx -t
If the test is successful, reload Nginx
sudo service nginx reload or sudo systemctl reload nginx
And you are done. Very easy !
How to Check if HTTP/2 is Working on Your Site
You have the following methods to choose from.
- Go to https://tools.keycdn.com/http2-test and enter your domain name.
- Install the HTTP/2 and SPDY indicator extension in Google Chrome and Firefox