Add a section on enabling HTTP2 in Apache, included in this diff is the following: Document the second mod_http2 port and why it should be used; Document how to enable for single virtual hosts or globally; Note incompatibility with mpm; Show how...
ClosedPublic
Actions

Authored by trhodes on Oct 19 2020, 3:18 AM.

Details

Reviewers

bcr
brnrd

Commits

rD54630: Add a section on HTTP2 with Apache.

Summary

...to enable plain text HTTP2 but advise against that;
Note a method of testing HTTP2 usage through the log file

Diff Detail

Repository

rD FreeBSD doc repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

trhodes requested review of this revision.Oct 19 2020, 3:18 AM

trhodes created this revision.

Harbormaster completed remote builds in B34250: Diff 78406.Oct 19 2020, 3:18 AM

trhodes added a subscriber: Doc Committers.Oct 19 2020, 3:21 AM

Reads well, thanks for this addition!

This revision is now accepted and ready to land.Oct 19 2020, 7:40 AM

Nice! I think we can improva a bit before committing.

en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
3733–3736 ↗	(On Diff #78406)	Apache support for the next version of the HTTP protocol, HTTP/2, and is included by default when installing the port with pkg. Doesn't flow well perhaps Support for the next version of the HTTP protocol, HTTP/2, is included by default when installing the Apache port with pkg and is enabled by default if you build Apache from ports.
3740–3741 ↗	(On Diff #78406)	"packet header data is compressed and encryption is used by default." ?
3743 ↗	(On Diff #78406)	I don't believe that's true... All browsers still support http, but https is preferred.
3761 ↗	(On Diff #78406)	That's bad... Should change the port to default to mpm_event. Thanks for the pointer!
3767–3774 ↗	(On Diff #78406)	On second thought, this may be confusing to the reader. We can leave it out. I'll check if the install message for the port is sufficiently clear.
3812 ↗	(On Diff #78406)	Range 192.0.2.0/24 is reserved for documentation, see rfc5737
3822 ↗	(On Diff #78406)	<para><acronym>HTTP</acronym>/2 is also available for reverse proxy connections. Enable the mod_proxy_http2 module and change the ProxyPass or RewriteRule [P] statements to h2://</para>

This revision now requires changes to proceed.Oct 19 2020, 11:18 AM

Thanks, everyone, for the prompt feedback. I'll get a new version submitted soon but will also wait to know what changes will be updated to the port. Stay safe everyone!

en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
3740–3741 ↗	(On Diff #78406)	Hmm, this was my understanding that, as long as h2 is being used, it's default. When using h2c, or http1.1, none of this is true. Maybe I should make this more clear.
3743 ↗	(On Diff #78406)	Hmm, I guess this could be worded better as well. Firefox and Chrome, from my reading of the documentation, will only support h2 over HTTPS and fall back to HTTP1.1 otherwise. I'm glad you mentioned something here.
3761 ↗	(On Diff #78406)	Should I leave it in for now? I can wait, this doesn't have to land ASAP, just let me know please!
3767–3774 ↗	(On Diff #78406)	Okay, we can also change this from a warning to a note and/or reword this to sound less dire. The port can also be updated, but I do want to point it out in the text.
3812 ↗	(On Diff #78406)	Yes, I know, this was my bad. I copied and pasted directly from my test system and never updated the address range. I'm going to fix this before submitting an updated patch. :)
3822 ↗	(On Diff #78406)	Oh true, I forgot to add information on using mod_proxy_http2. I'll work something up in the next revision. Between that and updates to the port, I think we will have this all nailed down soon. All in all, great comments and feedback. I probably should have given you and apache@ a notice about the incompatibility with mpm_prefork.

Good stuff! I'm going to check on the Apache defaults!

en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
3743 ↗	(On Diff #78406)	Correct on the HTTP/2 side, that requires SSL with browsers. h2c is rare, I have yet to seen it "in the wild". https://en.wikipedia.org/wiki/HTTP/2#Encryption "Browsers only support HTTP/2 in combination with HTTPS"
3761 ↗	(On Diff #78406)	Leave it in. We'll have to tread carefully. mpm_prefork seems to be default in the Linux world, we need to check Apache's default build config etc.
3767–3774 ↗	(On Diff #78406)	"A separate mod_http2 port exists, but you do not need it for HTTP/2 support. The separate port delivers bug- and security fixes earlier than the Apache bundled version."

Update with feedback from brnrd. I think everything has
been addressed with this update. Thanks team!

Updating D26850: Add a section on enabling HTTP2 in Apache, included in this

diff is the following:

Document the second mod_http2 port and why it should be used;
Document how to enable for single virtual hosts or globally;
Note incompatibility with mpm;
Show how...

Harbormaster completed remote builds in B34276: Diff 78482.Oct 20 2020, 12:36 AM

Mark things as done

Good to go!

This revision is now accepted and ready to land.Oct 24 2020, 11:48 AM

Closed by commit rD54630: Add a section on HTTP2 with Apache. (authored by trhodes). · Explain WhyOct 25 2020, 2:50 AM

This revision was automatically updated to reflect the committed changes.

trhodes added a commit: rD54630: Add a section on HTTP2 with Apache..