Jump to content

Recommended Posts

HELLO! Is anyone running a http/2 setup in production yet and have any strategies / experiences they can share?

I'm currently running on Ubuntu with DigitalOcean | nginx with serverpilot.io (and they now offer https/2 support)

Share this post


Link to post
Share on other sites

I also have an Ubuntu droplet on Digital Ocean. After setting up the free Let's Encrypt SSL certificates, I have activated http/2 and everything runs smoothly. I haven't tweaked my sites to take full advantage of http/2, or run benchmarks to measure improvements though. 

  • Like 2

Share this post


Link to post
Share on other sites

no before and after benchmarks with pingdom, google page speed or anything like that? I'm also wondering about how my css/jss asset work flow would work with http/2 as I've read it benfits most when assets are seperated and not concaternated (like using AIOM module). https://www.smashingmagazine.com/2016/02/getting-ready-for-http2/#concatenating-css-and-javascript

  • Like 1

Share this post


Link to post
Share on other sites

I'm also running it on Digital Ocean, using forge.laravel.com panel to config Let's Encrypt and everthing else #lazyweb :)

So far so good. 

Didn't fully tested it yet because the project is in alpha state but it looks great so far on a quick webpagetest run. 

And yes, you must avoid concatenation of all files as your request will be bigger than it needs to be depending on your page.

Basically, forget almost all you learned about http connection optimizations. :)

Read: https://www.smashingmagazine.com/2016/02/getting-ready-for-http2/

  • Like 2

Share this post


Link to post
Share on other sites

I have my company website running with http/2 on DO with nginx. I didn't use concatenation or any frontend asset post-processing, as the CSS is quite small and the gzipping is done by the server. 

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By anttila
      I have a new server and wanted to use nginx. However, I have two ProcessWire websites which does not let me do anything. I'll get this error every time when I try to change something and sometimes when logging in. Deleted all caches already from ProcessWire and browser. This also happens after installing new ProcessWire and all directories were owned by www-data.
      I also have two working websites without any problems and all these four uses same kind of setting on nginx config. I don't understand why some of those working fine and some not.
      Running Debian 10, MariaDB 10.3.22, PHP 7.4, nginx 1.14.2
      This request was aborted because it appears to be forged. #0 /sites/clients/clientname/wire/modules/Process/ProcessPageTrash.module(49): ProcessWire\SessionCSRF->validate() #1 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessPageTrash->___execute() #2 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #3 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #4 /sites/clients/clientname/wire/core/ProcessController.php(337): ProcessWire\Wire->__call() #5 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessController->___execute() #6 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #7 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #8 /sites/clients/clientname/wire/core/admin.php(150): ProcessWire\Wire->__call() #9 /sites/clients/clientname/wire/modules/AdminTheme/AdminThemeDefault/controller.php(13): require('/sites/clients/...') #10 /sites/clients/clientname/site/templates/admin.php(15): require('/sites/clients/...') #11 /sites/clients/clientname/wire/core/TemplateFile.php(318): require('/sites/clients/...') #12 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\TemplateFile->___render() #13 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #14 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #15 /sites/clients/clientname/wire/modules/PageRender.module(536): ProcessWire\Wire->__call() #16 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\PageRender->___renderPage() #17 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #18 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #19 /sites/clients/clientname/wire/core/WireHooks.php(924): ProcessWire\Wire->__call() #20 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #21 /sites/clients/clientname/wire/modules/Process/ProcessPageView.module(213): ProcessWire\Wire->__call() #22 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\ProcessPageView->___execute() #23 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #24 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #25 /sites/clients/clientname/index.php(55): ProcessWire\Wire->__call() #26 {main}  
    • By Peter Knight
      Hi all
      My .htaccess file is correctly redirecting all requests to
      https:// www. That's great until I want to work locally.
      I thought I had seen a blog post by Ryan where there was a new config setting to ignore both of these if working from localhost?
      I can't find it now so wondering if I was imagining 😕
       
       
    • By Sten
      Hell,
      Although I use a config on an other of my sites that works well. An error 500 is driving me nuts.
      Coul someone have a look on my config
      server { listen 80; server_name attente.xyz; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443 ssl; server_name attente.xyz; ssl_certificate /etc/letsencrypt/live/krouus.company/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/krouus.company/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Activer le ciphers et mettre ceux autorisés (je vous laisse faire de plus amples recherches pour ça ;) ) ssl_prefer_server_ciphers on; ssl_ciphers 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256'; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # La fameuse clé générée en dernier ssl_dhparam /etc/nginx/dhparam.pem; # Ajout d'une règle http add_header Strict-Transport-Security "max-age=31536000;"; root /var/www/attente.xyz/html; index index.php index.html index.htm; location / { # try_files $uri $uri/ /index.php?it=$uri&$args; try_files $uri /index.php$is_args$args; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffers 4 256k; fastcgi_buffer_size 128k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~ \.php$ { #try_files $uri =404; include snippets/fastcgi-php.conf; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # .htaccess 10. fastcgi_param HTTP_MOD_REWRITE On; fastcgi_param X-Real-IP $remote_addr; fastcgi_param X-Forwarded-For $remote_addr; fastcgi_param Host $host; } location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf|svg|ttf|eot|woff|less|pdf)$ { #expires max; log_not_found off; ## No need to bleed constant updates. Send the all shebang in one ## fell swoop. tcp_nodelay off; ## Set the OS file cache. open_file_cache max=1000 inactive=120s; open_file_cache_valid 45s; open_file_cache_min_uses 2; open_file_cache_errors off; valid_referers attente.xyz; ##ajout ProcessWire expires 24h; #log_not_found off; access_log off; try_files $uri /index.php?it=$uri&$args; } # .htaccess 8.1 charset utf-8; # .htaccess 3. location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { log_not_found off; access_log off; } # .htaccess 4. # add_header X-Frame-Options SAMEORIGIN always; # Set by ProcessWire core add_header X-XSS-Protection "1; mode=block"; # add_header X-Content-Type-Options "nosniff"; # ----------------------------------------------------------------------------------------------- # .htaccess 5. # ----------------------------------------------------------------------------------------------- # Block access to ProcessWire system files location ~ \.(inc|info|info\.json|module|sh|sql)$ { deny all; } # Block access to composer files location ~ composer\.(json|lock)$ { deny all; } # Block access to any file or directory that begins with a period (except well-known) location ~ (^|/)\.(?!well-known)|^\..*$ { deny all; } # ----------------------------------------------------------------------------------------------- # .htaccess 15. # ----------------------------------------------------------------------------------------------- # Block access to protected assets directories location ~ ^/(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) { deny all; } # Block acceess to the /site/install/ directory location ~ ^/(site|site-[^/]+)/install($|/.*$) { deny all; } # Block dirs in /site/assets/ dirs that start with a hyphen location ~ ^/(site|site-[^/]+)/assets.*/-.+/.* { deny all; } # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php location ~ ^/(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ { deny all; } # Block access to any PHP-based files in /templates-admin/ location ~ ^/(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP or markup files in /site/templates/ location ~ ^/(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP files in /site/assets/ location ~ ^/(site|site-[^/]+)/assets($|/|/.*\.php)$ { deny all; } # Block access to any PHP files in core or core module directories location ~ ^/wire/(core|modules)/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any PHP files in /site/modules/ location ~ ^/(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any software identifying txt files location ~ ^/(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md)$ { deny all; } # Block all http access to the default/uninstalled site-default directory location ~ ^/site-default/ { deny all; } }
      Thank you for any hunch.
    • By cosmicsafari
      Hi all,
      Just a quick question, when using the multisite module is there anything different that needs to be done in order to setup HTTPS for each of the domains its serving?
      Would a single SSL certificate for the main domain be enough to cover the others aswell or would you need multiple ceritficates one for each domain the mutlisite setup uses?
       
    • By dweeda
      I installed an SSL Certificate, then edited my .htaccess file:
        # -----------------------------------------------------------------------------------------------
        # 9. If you only want to allow HTTPS, uncomment the RewriteCond and RewriteRule lines below.
        # -----------------------------------------------------------------------------------------------
        RewriteCond %{HTTPS} off
        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
      by uncommenting out the Rewrite lines.
      Now I get 404 error pages when I try go to any .../processwire-master/<pagename>/
      This includes my admin page at .../processwire-master/processwire/, so i can't get into my admin.
      What else do I need to do?
×
×
  • Create New...