Alex

Alex

Live

NGINX mainline supports HTTP/3 now and it would be nice for a (newly deployed server) to enable this for vhosts and open the 443/UDP port. Possibly optional since it requires mainline NGINX but IMHO worth it.

Background info:

Dennis

Dennis

· · Edited
·

Before we'll do this implementation, we'll have to upgrade our NGINX installations.

We've released that this morning, 1.24 is being installed on fresh servers now. We'll be adding a documentation article & upgrade button to upgrade existing NGINX versions.

We'll have to wait until this seems stable and working, then we'll integrate the stable/mainline option inside the server builder, and also HTTP/3.

9 total votes
Kay van Aarssen

Kay van Aarssen

· · Edited
·

@Dennis Any news on this, and will it be an option on existing servers to switch to the Mainline version? Or do we need to deploy a new server for that?

1 total vote
dgillier
Simon

Simon

· · Edited
·

Any update on this? I am looking to get my sites QUIC/HTTPS3 ready.

1 total vote
dgillier
Jesser Horitani

Jesser Horitani

· · Edited
·

Please also update haproxy on load balancers to version 2.8. That version also supports HTTP/3.

2 total votes
dgillier Kay van Aarssen
dgillier

dgillier

·
·

Hello, Any news on this ?

no votes yet
Dennis

Dennis

· · Edited
·
2 total votes
Julius Kiekbusch Kay van Aarssen
Kay van Aarssen

Kay van Aarssen

·
·

For now if you want to use it add this to your NGINX Site config;

    # HTTP/3 QUIC
    listen 443 quic reuseport;
    listen [::]:443 quic reuseport;
    ssl_protocols TLSv1.3;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    add_header Alt-Svc 'h3-29=":443"; ma=86400'; # h3-29 is the version of HTTP/3
    add_header X-Content-Type-Options nosniff;

Make sure you also open port 443 UDP on both your VPS Provider if you have Firewall Enabled and also in the network tab on the server level in Ploi.

To see if HTTP/3 Works you can use this website: https://http3check.net/

no votes yet
Dennis

Dennis

·
·

Basically, in essence, this is it. I am still looking how to do this UI-wise properly.

The change isn't that hard, really. Just UI-wise a challenge to not overbloat it.

no votes yet
Julius Kiekbusch

Julius Kiekbusch

·
·

My approach would be:

  1. Enabled by default for all new servers.
  2. Automatic Changes after confirmation
  3. a list of manual steps, like settings allowing UDP ports on 443 or adding the nginx snippet. (for these who do not trust automation or have a complicated setup)
no votes yet
Dennis

Dennis

· · Edited
·

It would be beautiful if anyone here can test! Kay already did, and it was a success 🔥

2 total votes
Dennis Lizarzaburu Claes Boklund
Claes Boklund

Claes Boklund

· · Edited
·

Works!

no votes yet
Julius Kiekbusch

Julius Kiekbusch

· · Edited
·

Hey, I would also like to test this, but I am unsure what steps I need to follow.

First I checked on a Ubuntu 20.04 LTS the nginx version with nginx -v:
nginx version: nginx/1.18.0 (Ubuntu)

I probably need to upgrade my nginx, for HTTP/3 Support right? How would I do that?

Afterwards I would add the snippet from Kay to the site which should support HTTP/3:

    # HTTP/3 QUIC
    listen 443 quic reuseport;
    listen [::]:443 quic reuseport;
    ssl_protocols TLSv1.3;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    add_header Alt-Svc 'h3-29=":443"; ma=86400'; # h3-29 is the version of HTTP/3
    add_header X-Content-Type-Options nosniff;

Lastly I need to request a new Let's Encrypt certificate with HTTP/3 support right?

Or are there other constraints/requirements/steps to follow?

no votes yet
Dennis

Dennis

·
·

Ok so with Ploi, your server needs to be created after May 2024, if it's not, it wont automatically allow you.

This guide, shows you how you can do it manually: https://ploi.io/documentation/server/setting-up-http3-with-nginx-on-ubuntu

You do not need to request a fresh SSL certificate, this is unrelated.

no votes yet

HTTP/3 support

21 total votes
  • Dennis moved item to board Live

    1 month ago
  • Dennis moved item to board In code review

    2 months ago
  • Dennis moved item to board In progress

    1 year ago
  • Dennis moved item to board Planned

    1 year ago
  • Alex moved item to project Server Level Requests

    1 year ago
  • Alex created the item

    1 year ago