Author Topic: [Tutorial] Apache HTTP2 Module  (Read 30642 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
[Tutorial] Apache HTTP2 Module
« on: October 12, 2017, 04:42:50 AM »
Hello.
First of all, we need to download & upgrade some apps:

1. OpenSSL (min. 1.0.2 is required to run ANPL)
We will use the latest 1.0.2l version.
Code: [Select]
cd ~
mkdir installers
cd installers
wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz
tar -zxvf openssl-1.0.2l.tar.gz
cd openssl-1.0.2l
./config shared zlib-dynamic --prefix=/usr/local/ssl
make
make install
mv /usr/bin/openssl /root/
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
cd ..

After this you need to add the /usr/local/lib and /usr/local/ssl/lib directories to the LD_LIBRARY_PATH.
Code: [Select]
nano /etc/ld.so.conf.d/http2.conf
/usr/local/lib
/usr/local/ssl/lib
After you save it (Ctrl+X -> Yes), you need to run ldconfig

2. NGHTTP2 (needed for mod_http2)
Code: [Select]
wget https://github.com/nghttp2/nghttp2/releases/download/v1.26.0/nghttp2-1.26.0.tar.gz
tar -zxvf nghttp2-1.26.0.tar.gz
cd nghttp2-1.26.0
export OPENSSL_CFLAGS="-I/usr/local/ssl/include"
export OPENSSL_LIBS="-L/usr/local/ssl/lib -lssl -lcrypto"
./configure
make
make install
cd ..

3. APR
Code: [Select]
wget http://mirrors.whoishostingthis.com/apache/apr/apr-1.6.2.tar.gz
tar -zxvf apr-1.6.2.tar.gz
cd apr-1.6.2
./configure
make
make install
cd ..

4. APR-Util
Code: [Select]
wget http://mirrors.whoishostingthis.com/apache/apr/apr-util-1.6.0.tar.gz
tar -zxvf apr-util-1.6.0.tar.gz
cd apr-util-1.6.0
./configure --with-apr=/usr/local/apr
make
make install
cd ..

5. Apache
Because of the existing vulnerabilities in anterior versions, we will use the latest one 2.4.28.
Code: [Select]
wget http://mirrors.whoishostingthis.com/apache/httpd/httpd-2.4.28.tar.gz
tar -zxvf httpd-2.4.28.tar.gz
cd httpd-2.4.28
cp -r ../apr-1.6.2 srclib/apr
cp -r ../apr-util-1.6.0 srclib/apr-util
./configure --enable-so --prefix=/usr/local/apache --with-ssl=/usr/local/ssl --enable-unique-id --enable-ssl=shared --enable-rewrite  --enable-deflate --enable-suexec --with-suexec-docroot="/home" --with-suexec-caller="nobody" --with-suexec-logfile="/usr/local/apache/logs/suexec_log" --enable-asis --enable-filter --with-pcre --with-included-apr  --enable-headers --enable-expires --enable-proxy --enable-rewrite --enable-userdir --enable-http2
make
make install
cd

6. Add and activate the http/2 module
You just have to open the apache config and add this line:
Code: [Select]
LoadModule http2_module modules/mod_http2.so
And finally turn on the http/2 protocol by adding this line to apache config (for all sites) or in ssl vhosts for the sites you want:
Code: [Select]
Protocols h2 http/1.1
Restart Apache with: service httpd restart

Possible Problems:
1. Apache will not start because of the mod_security
If you had mod_security, probably you will have this error when restarting:
Code: [Select]
Starting httpd: httpd: Syntax error on line 509 of /usr/local/apache/conf/httpd.conf: Syntax error on line 5 of /usr/local/apache/conf.d/mod_security.conf: Cannot load modules/mod_security2.so into server: /usr/local/apache/modules/mod_security2.so: undefined symbol: apr_crypto_block_cleanup

To repair it, you need to recompile and install the new mod_security:
Code: [Select]
cd ~/installers
wget https://www.modsecurity.org/tarball/2.9.2/modsecurity-2.9.2.tar.gz
tar -zxvf modsecurity-2.9.2.tar.gz
cd modsecurity-2.9.2
./configure --with-apxs=/usr/local/apache/bin/apxs
make
make install
cd

After this, you run service httpd restart and the server should start.

 :)
« Last Edit: October 18, 2017, 06:03:02 AM by Sandeep »

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #1 on: October 12, 2017, 12:05:29 PM »
Quic Reply, just to say man you are great and this works fine. Not a single problem was found within this simple tutorial and it works perfectly even on Production VPS using CWP.Pro ;)

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #2 on: October 16, 2017, 12:16:35 PM »
I have opened /usr/local/apache/conf/httpd.conf
and two lines:

LoadModule http2_module modules/mod_http2.so
Protocols h2 http/1.1

After that while restarting httpd getting below error:

Getting this error:
Stopping httpd:                                            [FAILED]
Starting httpd: httpd: Syntax error on line 501 of /usr/local/apache/conf/httpd.conf: Cannot load modules/mod_http2.so into server: libnghttp2.so.14: cannot open shared object file: No such file or directory
                                                           [FAILED]

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #3 on: October 16, 2017, 05:28:59 PM »
So, you would need to put this line

LoadModule http2_module modules/mod_http2.so

Right below last LoadModule line in config file so it should look something like this

LoadModule some_module modules/module.so
LoadModule http2_module modules/mod_http2.so

And

Protocols h2 http/1.1

needs to be put before closing of config file

Also did you compiled correctly everything because this kind of error for a first looks like a just minor config file bug, but on second hand it maybe look like a bad compile.
Just for a try do as said for  first thing, then if it fails again notify me so I can give some advices as Sys Admin for couple of medium-big sized hosts with all enabled (finally) HTTP2 with CWP without issue.

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #4 on: October 18, 2017, 01:05:10 AM »
Please correct ./configure make in step 3. Make, should be at new line.
Thanks for the great tutorial!!!

Offline
*****
Re: [Tutorial] Apache HTTP2 Module
« Reply #5 on: October 18, 2017, 06:03:26 AM »
Please correct ./configure make in step 3. Make, should be at new line.
Thanks for the great tutorial!!!
corrected

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #6 on: October 25, 2017, 03:50:18 PM »
Will http2 in CentOS web panel be configured on by default?

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #7 on: October 25, 2017, 03:56:42 PM »
And I have some problem with this tutorial. When I install and restarted httpd service I have this error: httpd: Could not open configuration file /usr/local/apache2/conf/httpd.conf: No such file or directory

Short fix in console:
Code: [Select]
ln -s /usr/local/apache/ /usr/local/apache2

Offline
*****
Re: [Tutorial] Apache HTTP2 Module
« Reply #8 on: October 27, 2017, 01:05:26 PM »
Will http2 in CentOS web panel be configured on by default?
yes soon it can be configured in nginx reverse proxy

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #9 on: October 27, 2017, 10:59:06 PM »
Will http2 in CentOS web panel be configured on by default?
yes soon it can be configured in nginx reverse proxy
Cool!

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #10 on: October 28, 2017, 08:06:30 PM »
Mihai
Pls, fix version APR, APR-Util and Apache

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #11 on: October 31, 2017, 01:54:57 PM »
Mihai
Pls, fix version APR, APR-Util and Apache

what kind of issue do you have with apr, apr-util and apache ?
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #12 on: October 31, 2017, 11:59:02 PM »
Thank you for this amazing Tutorial. You should Update your Tutorial to latest Versions.

greets

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #13 on: November 01, 2017, 09:59:10 PM »
Mihai
Pls, fix version APR, APR-Util and Apache

what kind of issue do you have with apr, apr-util and apache ?
Problem like this

Offline
*
Re: [Tutorial] Apache HTTP2 Module
« Reply #14 on: November 04, 2017, 12:02:43 AM »
Use the new versions for APR
Code: [Select]
http://mirrors.whoishostingthis.com/apache/apr/apr-1.6.3.tar.gz and APR-Util
Code: [Select]
http://mirrors.whoishostingthis.com/apache/apr/apr-util-1.6.1.tar.gz.