November 1, 20178 yr Hi, We wish to enable HTTP/2 support in our forxlor server which is currently running apache server version "Server version: Apache/2.4.10 (Debian)". Debian GNU/Linux 8 \n \l https://http2.pro/doc/Apache Has any one tried to enable the same in forxlor ? We are running shared hosting. Look forward to have detailed update.
November 1, 20178 yr http/2 support has been added already (https://github.com/Froxlor/Froxlor/commit/bab982a0e6d13f3a6671fb578a489f28f0615119) - you need to use the current development version (https://github.com/Froxlor/Froxlor/archive/master.zip)
November 1, 20178 yr Author Hi, Does it mean we have to update the current froxlor version ? it will automatically get updated? What is the procedure to get updated ?
November 1, 20178 yr Sure you have to update, how else would you be able to use a newer version? Yes, froxlor will tell you that a newer version has been installed and will guide you through a update process when logged in as admin. Procedure: - backup froxlor/lib/userdata.inc.php - download https://github.com/Froxlor/Froxlor/archive/master.zip - extract content of Froxlor-master/* to your current installation directory - put back the backed up userdata.inc.php to froxlor/lib/userdata.inc.php - chown either with webserver user (mod_php) or the used local user (e.g. froxlorlocal) when using fcgid/php-fpm - open froxlor panel in browser and login as admin
November 2, 20178 yr Author Hi, Thx for the update. I have enabled http2 in forxlor as updated in the above steps. See the screen shots. I can also see "OCSP stapling" and "HSTS" . Cool. But upon testing I could see the below error in apache. AH00526: Syntax error on line 12 of /etc/apache2/sites-enabled/35_froxlor_ssl_vhost_dumdum.conf: Invalid command 'Protocols', perhaps misspelled or defined by a module not included in the server configuration Action 'configtest' failed. https://www.shivering-isles.com/http-2-getting-ready-on-debian-with-apache2/ I have then followed the above doc and enabled http2 in apache. As i was using "Apache 2.4.10", I have to update it to "Apache/2.4.29" which is still in latest test release of Debian.. But unfortunately I cannot still see http2 enabled On header testing. curl --http2 -I domain.com HTTP/1.1 200 OK Date: Thu, 02 Nov 2017 04:44:53 GMT Server: Apache/2.4.29 (Debian) Last-Modified: Thu, 02 Nov 2017 03:32:23 GMT ETag: "e-55cf7a2e85d40" Accept-Ranges: bytes Content-Length: 14 Content-Type: text/html Can you please help me to fix this ?
November 6, 20178 yr Try to test here: https://tools.keycdn.com/http2-test Works for my domains on debian perfectly with the latest froxlor version.
November 6, 20178 yr Author root@w03:/etc/apache2/sites-enabled# cat 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf # 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf # Created 06.11.2017 11:46 # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel. # Domain ID: 45 (SSL) - CustomerID: 13 - CustomerLogin: kaikaito <VirtualHost 192.168.73.56:443> ServerName nisa.kaikaito.de ServerAlias *.nisa.kaikaito.de ServerAdmin np@kaikaito.it SSLEngine On SSLProtocol -ALL +TLSv1 +TLSv1.2 Protocols h2 http/1.1 SSLCompression Off SSLHonorCipherOrder On SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128 SSLVerifyDepth 10 SSLCertificateFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.crt SSLCertificateKeyFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.key SSLCertificateChainFile /etc/ssl/froxlor-custom/nisa.kaikaito.de_chain.pem <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=31535995" </IfModule> DocumentRoot "/var/customers/webs/kaikaito/nisa/" FcgidIdleTimeout 30 SuexecUserGroup "kaikaito" "kaikaito" <Directory "/var/customers/webs/kaikaito/nisa/"> <FilesMatch "\.(php)$"> SetHandler fcgid-script FcgidWrapper /var/www/php-fcgi-scripts/kaikaito/nisa.kaikaito.de/php-fcgi-starter .php Options +ExecCGI </FilesMatch> Require all granted AllowOverride All </Directory> Alias /webalizer "/var/customers/webs/kaikaito/webalizer" ErrorLog "/var/customers/logs/kaikaito-error.log" CustomLog "/var/customers/logs/kaikaito-access.log" combined </VirtualHost>
November 6, 20178 yr # openssl version Quote If OpenSSL is the library you use, you need at least version 1.0.2.
November 6, 20178 yr Author openssl version OpenSSL 1.0.1t 3 May 2016 (Library: OpenSSL 1.0.2l 25 May 2017)
November 6, 20178 yr Author updated Open ssl version to latest. Still it is like the same openssl version OpenSSL 1.1.0f 25 May 2017
November 6, 20178 yr Author Hi, I have also rebooted the server to make sure updated things loads good. Still it is not working. What you think is the cause ? Bugs ?? root@:~# uname -a Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux root@:~# cat /etc/issue Debian GNU/Linux 9 \n \l
September 26, 20187 yr Same problem nisamudeen97. I managed to install it on Ubuntu. I found it strange you have to activate http/2 on the vhost to be able to activate it on other domains. I posted an issue in case it helps: https://github.com/Froxlor/Froxlor/issues/575 That said, I finally installed it. apache2ctl -M | grep "http2" http2_module (shared) apachectl -V Server version: Apache/2.4.34 (Ubuntu) openssl version OpenSSL 1.1.0h 27 Mar 2018 But curl --http2 -I https://xxxx.com curl: (1) Unsupported protocol (chrome inspector shows protocol http/1.1). Did you solve it? Thanks
September 26, 20187 yr Ok, I have this in the logs: [Wed Sep 26 11:40:15.116715 2018] [http2:warn] [pid 30078] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive. I'm using FCGID. Any ideas?
September 26, 20187 yr The error message literally tells you what the problem is. Mpm_prefork does not work together with http2
September 26, 20187 yr 31 minutes ago, lanbo said: Ok, I have this in the logs: [Wed Sep 26 11:40:15.116715 2018] [http2:warn] [pid 30078] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive. I'm using FCGID. Any ideas? I have the same problem , until yesterday everything was ok. Any solution what to do ?
September 26, 20187 yr On 9/26/2018 at 12:08 PM, d00p said: The error message literally tells you what the problem is. Mpm_prefork does not work together with http2 Yeah, it's tricky. sudo a2dismod mpm_prefork sudo a2enmod mpm_event service apache2 restart * Restarting Apache httpd web server apache2 [fail] * The apache2 configtest failed. Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe. You need to recompile PHP. I'm using FCGID. Is PHP-FPM thread-safe? UPDATE: I managed to make it work with php-fpm, extrausers and: a2dismod mpm_prefork a2enmod mpm_event a2enmod proxy_fcgi a2enmod http2 Remember to activate in the settings that you are using php-fpm, proxy_fcgi and http/2. It's specially important to remember to activate you are uding php-fpm also for the froxlor vhost or otherwise you won't be able to access Froxlor again. I missed that step and it was a mess fixing it.
Archived
This topic is now archived and is closed to further replies.