Jump to content
Froxlor Forum
  • 0
nisamudeen97

Enabling HTTP/2 support in froxlor

Question

Hi,

We wish to enable HTTP/2 support in our forxlor server which is currently running apache server version "Server version: Apache/2.4.10 (Debian)".    Debian GNU/Linux 8 \n \l

https://http2.pro/doc/Apache

Has any one tried to enable the same in forxlor ?  We are running shared hosting.  Look forward to have detailed update.

 

Share this post


Link to post
Share on other sites

20 answers to this question

Recommended Posts

  • 0

Sure you have to update, how else would you be able to use a newer version? Yes, froxlor will tell you that a newer version has been installed and will guide you through a update process when logged in as admin.

Procedure:

- backup froxlor/lib/userdata.inc.php

- download https://github.com/Froxlor/Froxlor/archive/master.zip

- extract content of Froxlor-master/* to your current installation directory

- put back the backed up userdata.inc.php to froxlor/lib/userdata.inc.php

- chown either with webserver user (mod_php) or the used local user (e.g. froxlorlocal) when using fcgid/php-fpm

- open froxlor panel in browser and login as admin

Share this post


Link to post
Share on other sites
  • 0

Hi,

Thx for the update.  I have enabled  http2 in forxlor as updated in the above steps.  See the screen shots.   I can also see "OCSP stapling" and "HSTS" .  Cool.

But upon testing I could see the below error in apache.

AH00526: Syntax error on line 12 of /etc/apache2/sites-enabled/35_froxlor_ssl_vhost_dumdum.conf:
Invalid command 'Protocols', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.

 

https://www.shivering-isles.com/http-2-getting-ready-on-debian-with-apache2/

I have then followed the above doc and enabled http2 in apache.  As i was using "Apache 2.4.10",  I have to update it to "Apache/2.4.29"  which is still in latest test release of Debian..

But unfortunately I cannot still see http2 enabled On header testing.

 

curl --http2 -I domain.com


HTTP/1.1 200 OK
Date: Thu, 02 Nov 2017 04:44:53 GMT
Server: Apache/2.4.29 (Debian)
Last-Modified: Thu, 02 Nov 2017 03:32:23 GMT
ETag: "e-55cf7a2e85d40"
Accept-Ranges: bytes
Content-Length: 14
Content-Type: text/html

Can you please help me to fix this ?

 

froxlor update.png

new support.png

Share this post


Link to post
Share on other sites
  • 0

root@w03:/etc/apache2/sites-enabled# cat 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
# 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
# Created 06.11.2017 11:46
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 45 (SSL) - CustomerID: 13 - CustomerLogin: kaikaito
<VirtualHost 192.168.73.56:443>
  ServerName nisa.kaikaito.de
  ServerAlias *.nisa.kaikaito.de
  ServerAdmin np@kaikaito.it
  SSLEngine On
  SSLProtocol -ALL +TLSv1 +TLSv1.2
 Protocols h2 http/1.1
  SSLCompression Off
  SSLHonorCipherOrder On
  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.key
  SSLCertificateChainFile /etc/ssl/froxlor-custom/nisa.kaikaito.de_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31535995"
  </IfModule>
  DocumentRoot "/var/customers/webs/kaikaito/nisa/"
  FcgidIdleTimeout 30
  SuexecUserGroup "kaikaito" "kaikaito"
  <Directory "/var/customers/webs/kaikaito/nisa/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/kaikaito/nisa.kaikaito.de/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/kaikaito/webalizer"
  ErrorLog "/var/customers/logs/kaikaito-error.log"
  CustomLog "/var/customers/logs/kaikaito-access.log" combined
</VirtualHost>

 

Share this post


Link to post
Share on other sites
  • 0
# openssl version
Quote

 If OpenSSL is the library you use, you need at least version 1.0.2.

 

Share this post


Link to post
Share on other sites
  • 0

Hi,

I have also rebooted the server to make sure updated things loads good.  Still it is not working.   What you think is the cause ?  Bugs ??

 

root@:~# uname -a
Linux  3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux
root@:~# cat /etc/issue
Debian GNU/Linux 9 \n \l

 

Share this post


Link to post
Share on other sites
  • 0

Same problem nisamudeen97.

I managed to install it on Ubuntu. I found it strange you have to activate http/2 on the vhost to be able to activate it on other domains.

I posted an issue in case it helps: https://github.com/Froxlor/Froxlor/issues/575

 

That said, I finally installed it. 

apache2ctl -M | grep "http2"
 http2_module (shared)

apachectl -V
Server version: Apache/2.4.34 (Ubuntu)

openssl version
OpenSSL 1.1.0h  27 Mar 2018

 

But curl --http2 -I https://xxxx.com
curl: (1) Unsupported protocol

(chrome inspector shows protocol http/1.1).

 

Did you solve it?

 

Thanks

Share this post


Link to post
Share on other sites
  • 0

Ok, I have this in the logs:

[Wed Sep 26 11:40:15.116715 2018] [http2:warn] [pid 30078] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.

I'm using FCGID.

Any ideas?

Share this post


Link to post
Share on other sites
  • 0

The error message literally tells you what the problem is. Mpm_prefork does not work together with http2

Share this post


Link to post
Share on other sites
  • 0
31 minutes ago, lanbo said:

Ok, I have this in the logs:


[Wed Sep 26 11:40:15.116715 2018] [http2:warn] [pid 30078] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.

I'm using FCGID.

Any ideas?

I have the same problem , until yesterday everything was ok. Any solution what to do ?

Share this post


Link to post
Share on other sites
  • 0
On 9/26/2018 at 12:08 PM, d00p said:

The error message literally tells you what the problem is. Mpm_prefork does not work together with http2

Yeah, it's tricky.

 

sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
service apache2 restart
 * Restarting Apache httpd web server apache2 [fail] *
      The apache2 configtest failed.
        Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe.  You need to recompile PHP.

I'm using FCGID. Is PHP-FPM thread-safe?

 

UPDATE:

 

I managed to make it work with php-fpm, extrausers and:

 

a2dismod mpm_prefork
a2enmod mpm_event
a2enmod proxy_fcgi
a2enmod http2
 

Remember to activate in the settings that you are using php-fpm, proxy_fcgi and http/2.

It's specially important to remember to activate you are uding php-fpm also for the froxlor vhost or otherwise you won't be able to access Froxlor again. I missed that step and it was a mess fixing it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By tmuecksch
      Guten Tag,
      ich habe einen Debian 9 Server mit Froxlor und Apache2 am laufen. Wenn ich mit dem Kunden FTP Zugang Dateien hochlade haben diese Ordnungsgemäß das ownership 10000:10000.
      Wenn jedoch in der PHP-Weboberfläche eine Datei hochgeladen wird, wird diese mit dem ownership www-data:www-data hochgeladen. Liegt hier ein Konfigurationsfehler vor oder ist das Verhalten sogar so gewünscht? Ich kann den Fehler leider nicht entdecken. Das Problem ist nur, dass das PHP-Script dann eine Permission Denied Fehlermeldung wirft, wenn versucht wird die Datei zu lesen.
       
      Liebe Grüße
      tmuecksch
    • By Andrew Stafford
      Good day, 
      First time posting here, I just got Froxlor setup on a hyperV, Debian 9 VM.
      It is up and running, got my customers/ domains added. I can't seem to get the domain to cooperate though. 
      I use Godaddy to buy and host my domains. What do I need to do on Godaddy and through Froxlor to get my website visible to the public?
      I currently tried setting an a record on godaddy with my servers ip.
      I changed the name servers in froxlor to those listed by godaddy for my domain.
      Am i on the right track or missing it entirely?
      Any help would be appreciated!
      Thanks, - Andrew 
    • By Christian Vogel
      Ich habe Froxlor installiert und alle Konfigurationen ausgeführt. Dennoch kann ich nicht über Outlook oder Mail auf mein Imap Konto zugreifen. 
      Im syslog sehe ich
      Sep 10 10:11:51 vserver3130 dovecot: imap-login: Aborted login (no auth attempts in 0 secs): user=<>, rip=87.191.51.26, lip=109.73.50.135, session=<uGoEloF1eIxXvzMa>
      postconf -d und dovecot -n hab ich als Textdatei angehängt.
      Habe auch schon etwas bei Google gesucht und hier im Forum die Suchfunktion bemüht - finde aber keine Lösung. Kann mir hier jemand helfen? Werden noch andere Infos benötigt für eine Lösung?
      Danke
      Christian
       
       
      dovecot.txt
      postconf.txt
    • By LostNIL
      Greetings,
      I have Froxlor installed with PHP7.2 and need to install/enable PHP7.2-fpm. I've reviewed the wiki, The Froxlor YouTube video on the subject, and reviewed/completed the instructions within the Panel > Configuration > DB Jessie > Other > FPM and am having difficulties getting the panel to work with FPM. 
      All available instructions are written for PHP5 and when I complete the instructions and substitute PHP7.2, when the panel generates configurations there are syntax errors and the websites go down. 
       
      Does anyone have any pointers or updated instructions on enabling FPM/PHP7+ with Froxlor. 
    • By LukasH
      Einen wunderschönen guten Tag, 
      ich habe eine kleine Frage zum Froxlor Mailserver in Verbindung mit Autokonfiguration bzw. Microsoft Outlook.
      Und zwar nutze ich für den IMAP Server die Adresse "mail.domainname.tld", hierfür gibt es ein SSL Zertifikat welches auch passt und alles ist gut wenn man Konten manuell damit einrichtet. Wenn ich nun das Konto bei Outlook hinzufüge ohne manuelle Konfiguration nimmt Outlook automatisch imap.domainname.tld, hier gibt es dann natürlich einen Zertifikatsfehler da das Zertifikat ja für mail. ausgestellt ist. 
      Ich habe allerdings nie eine Autokonfiguration oder sonst irgend etwas in die Richtung konfiguriert?! Ist das Standardmäßig an? Wenn ja wo finde ich die Config um das anzupassen?
      Vielen Dank schon einmal für eure Hilfe!


×