HTTP/2 enabled, site is still served http 1.1

vexx

• June 08, 2020 18:44

Hello, I've recently activated http2 on my server via EA and while everything installed correctly, the site is still served HTTP 1.1. I've tried all the HTTP2 checkers online, every site is telling me that HTTP2 is enabled with ALPN support. I've checked the Apache config files, everything is set-up correctly, including the vhost. If I check the site in Chrome devtools (and some additional Chrome plugins), it's served HTTP 1.1. The only things that are h2, are ads or other services. I've done a lot of reading on the matter, I know prefork isn't compatible, fortunately, I have mpm_event installed for a while. The site is served via https and everything seems to be in place. I have no clue where to look and how to debug this issue. Thanks a lot in advance for any tips or information.

• 

  kdean

  • June 09, 2020 03:25

  Did you make sure to use https and not http? h2 only works over https. Did you try emptying your browser cache just in case you're seeing the cached versions and the protocol they used originally?

  0
• 

  vexx

  • June 09, 2020 06:03

  Ya, the site is https only, everything HTTP is redirected. I also cleared the browser cache, site cache etc...same result. I will also leave the site URL here, hope it's not against the TOS. [Moderator note: removed hyperlink]

  0
• 

  kdean

  • June 09, 2020 06:14

  Everything loaded via h2 for me at your link.

  0
• 

  vexx

  • June 09, 2020 06:17

  how did you test it? I cannot get h2 to load with anything..curl, chrome devtools...anything [Moderator note: removed screenshot]

  0
• 

  kdean

  • June 09, 2020 06:39

  Google Chrome 83.0.4103.97 on MacOS [Moderator note: removed screenshot]

  0
• 

  vexx

  • June 09, 2020 07:32

  Found the issue, which is strange, I have Bitdefender Security installed, which scans SSL certs and I think, it replaces them when serving the content. However, for some sites that were h2 as well, this wasn't an issue so that's why I excluded everything from my computer. I still don't understand why it does that, but if I disable the feature, it works. Thanks a lot, I really appreciate the help.

  0
• 

  kdean

  • June 10, 2020 18:56

  Just did some quick research and Bitdefender Security and other similar SSL Scanning features seem like a bad idea since I saw reports of them slowing down connections, causing SSL key pair issues, increasing the chance of a man-in-the-middle hacks on the transmissions, etc... and now we see it may block the proper negotiation of h2 protocol connections for some servers. Seems the usual sometime too much security can just be bad or worse in other ways than the protection they supposedly provide.

  0
• 

  SamuelM

  • June 11, 2020 04:11

  Hello @vexx I'm glad to see you were able to identify the problem. I confirmed the site loads with HTTP/2 for me as well. Thanks to kdean for assisting you with this. I've removed the hyperlink you originally shared for your site as well as the screenshots posted in this thread which exposed your domain name. I will go ahead and mark this thread as Solved. Best regards

  0

Please sign in to leave a comment.