HTTP/2 support

For reference I’m using CentOS 7 with its default Apache 2.4.6, and have PHP 5.4, 5.5 and 5.6 installed all using FastCGI.

  1. Can Virtualmin be made to to support HTTP/2? It appears that it is now officially supported by Apache 2.4.17 and newer.
  2. Does Apache's HTTP/2 gracefully fallback to HTTP/1.1 by nature or does something else have to be done?


    Well, Virtualmin wouldn’t need to support HTTP/2 – it would just be a matter of making sure it’s enabled in Apache.

    I’m not actually familiar with the differences there though, do you know what kind of configuration is needed in Apache to make it work?


    So maybe I should ask… could there be any issues to using Apache 2.4.17 in the the Webmin/Virtualmin environment? I know that Virtualmin does some find/replace in httpd.conf and other things I’m probably not aware of. I’m not familiar with it either… just checking feasibility of utilizing http/2 as it’s a lot more efficient and we can do things the we natually think like like not concatenating all our resource files together, etc.

    Anyone else have comments?

    For one, almost none of the browsers support http/2 except through TLS – so you’d need to run https on a server in order to get the browser to use http/2 , and then only on quite recent browser builds.

    At the moment we’re only doing http/2 on our servers through Cloudflare which just rolled out http/2 support today. I’m mulling that over at the moment, but mostly just because it would be a nice “sales point” for hosting customers.

    The main thing that is special about the Virtualmin apache server build is that the home directory is in /home – if you don’t build apache that way it won’t work with Virtualmin.

    This is all fairly bleeding-edge. I don’t think there’s any reasonable way you’d get that to work without compiling your own Apache version.

    Yes, it would do http/1 on browsers that don’t support 2 —

    Any one have upgrade to this apache version?

    I haven’t poked at this, yet, but I doubt there would be any major issues with the new version, but there might be other challenges, depending on your experience level with this sort of thing. As cruiskeen noted, you’ll need suexec_docroot set to /home, if you do opt to build your own Apache (or, if you use a Debian/Ubuntu build with the suexec custom module, it is configurable at runtime). Webmin/Virtualmin are usually pretty graceful about new features in Apache: It won’t know about them or give a UI for them, but it also probably won’t break them when you configure them manually.

    Once this version of Apache starts showing up in distributions, we’ll definitely support it and (some of) its new features. Until then, I don’t think it’d be very high risk to try it, as long as you’re careful about it, and keep backups all of your old configs. That is, of course, assuming you’re comfortable rebuilding from source or from SRPM or deb source packages (I’d recommend starting from the source RPM or deb and updating it to the new version rather than doing a from-source build…there are huge differences in how things are configured out of the box in a package vs the from tarball source build, and telling Webmin/Virtualmin about all of those changes would be tedious and very error-prone).

    The benefits are still somewhat small and the cost to implement maybe higher than it warrants, unless you have a lot of sites with a lot of files. Applications have mostly been built to accommodate the old HTTP/1.1 protocol quirks, and so the benefits only begin to show in a marked way with applications that aren’t already optimized for HTTP/1.1. It does improve development and deployment processes…but, we aren’t quite to the point where we can ignore 1.1 yet.