If you are installing NGINX using an apt package manager like
apt install nginx-fullYou will install nginx 1.18 despite using the latest Ubuntu (Ubuntu 22.04) and yet still use HTTP 1.1 on the default nginx vhost SSL configuration.
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name <your host name>;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/redroc.nauf.al/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/redroc.nauf.al/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
So, in order to use HTTP/2, you should change the line listen ssl to listen ssl http2.
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
Change into
listen [::]:443 ssl ipv6only=on http2; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
What is the HTTP/2 Protocol
HTTP/2 improved on HTTP/1.1 in a number of ways that allowed for speedier content delivery and improved user experience, including:
- Binary protocols – Binary protocols consume less bandwidth, are more efficiently parsed, and are less error-prone than the textual protocols used by HTTP/1.1. Additionally, they can better handle elements such as whitespace, capitalization, and line endings.
- Multiplexing – HTTP/2 is multiplexed, i.e., it can initiate multiple requests in parallel over a single TCP connection. As a result, web pages containing several elements are delivered over one TCP connection. These capabilities solve the head-of-line blocking problem in HTTP/1.1, in which a packet at the front of the line blocks others from being transmitted.
- Header compression – HTTP/2 uses header compression to reduce the overhead caused by TCP’s slow-start mechanism.
- Server push – HTTP/2 servers push likely-to-be-used resources into a browser’s cache, even before they’re requested. This allows browsers to display content without additional request cycles.
- Increased security – Web browsers only support HTTP/2 via encrypted connections, increasing user and application security.
HTTP/2 explanation : https://www.imperva.com/learn/performance/http2/