2016-04-18_222721

Did you realize that HTTP/2 technology is introduced and has now end up being the standard that is new of protocol? The HTTP/2.0 is the new generation as well as replacement of HTTP/1.1 at a glance. Considered brand new yet not built through the ground up, the v2 of HTTP protocol is qualified to delivering a performance that is skyrocketing is still being compatible with its version-1’s HTTP methods, status codes and semantics. Fun fact: HTTP/1.1 was first introduced in 1997, so it is more than … years – you do the math – till the release of HTTP/2.0.

The main advantage of this new protocol is its high transfer speed especially for content-rich websites. All request is allowed by the technology become installed in synchronous, whereas HTTP/1.1 in queue. Additionally, web page transfers are actually done through cable as binary that is more effective. More over, HTTP headers are actually compressed and host is now able to “push” information also users don’t made demand. Consequently, users with a high latency may have enhanced transfer rate. Check out Wikipedia to find out more with this.

think about Nginx? Well, it’s an extremely web that is popular said having faster and lighter performance than Apache’s. Combining HTTP/2 and Nginx together will result an speed that is unbeatable delivering webpages to site visitors while maintaining server’s load low.

Basically, HTTP/2 it self doesn’t need SSL certification but two many web that is popular, Google Chrome and Mozilla Firefox, only support HTTP/2 only for HTTPS connections due to security reasons.

In this tutorial, I show you how to install Nginx, to setup SSL that is free certificate Let’s Encrypt, last but not least ensure it is provide HTTP/2.0 protocol on Ubuntu. As constantly, I’ll act as brief while making the concise that is tutorial instruction steps and screenshot pics.

Also read : How to install Let’s Encrypt SSL on Vestacp.

Prerequisites

  1. A SSH client like Bitvise or Putty and knowledge that is basic utilizing it.
  2. Basic information about typical Unix demand to SSH towards host.
  3. A host or VPS with at the very least 256MB of RAM (OpenVZ) but 512MB is preferred if you work with KVM or Xen.
  4. About 30 mins of your energy.
  5. a walk or tea.

Confused on selecting which VPS provider to set up VestaCP? Study my suggested VPS providers or top end that is low server providers. Quick recommendation: Digital Ocean, Atlantic.net or Ramnode.

In this guide I am using a 512MB RAM Cloud VPS from Atlantic running Ubuntu 15.10 x64.

Do not forget to always replace domain.tld with your own domain name.

Provision a cloud server

Step 1 – Login to Atlantic.net > click on Servers > Add Server.

2016-04-17_210817

Step 2 – Give your server a name and choose in which location you want it to be hosted at. Currently, Atlantic.net has 6 locations that are different: nyc, Dallas, Orlando, San Fransisco, Toronto (CA), and London (UK).

Create A Server on Atlantic

Step 3 – Select Ubuntu 15.10 while the os for the cloud vps.

Choose Ubuntu

Step 4 – Decide which prepare you need (while require).

Choose VPS Plan

Step 5 – Finally, click the Create Server key.

2016-04-17_211935

Step 6 – the procedure should simply take under 1 moment to perform.

building cloud server

Step 6 – as soon as done, the login details are emailed towards inbox.

Check Email

Step 7 – Login towards host via Putty.

Login Putty

Step 8 – Type this demand to improve standard Hostname. Utilize FQDN that is proper hostname:

hostname host.domain.tld
 
 ## example :
 hostname atlantic.servermom.org

Change Hotsname Ubuntu

Step 9 – Close Putty and re-login using session that is new you ought to now view it changed. Additionally it is a great training to improve provided root password with your personal.

relogin putty

Install Nginx

Step 1 – essentially you are able to merely make use of apt-get to set up Nginx however it is perhaps not the version that is latest. What we are going to do is installing newer version that is stable of. Now perform commands below :

wget -qO - http://nginx.org/keys/nginx_signing.key | sudo add that is apt-key13; echo -e "deb http://nginx.org/packages/mainline/ubuntu/ `lsb_release -cs` nginxndeb-src http://nginx.org/packages/mainline/ubuntu/ `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list

install nginx repo

Step 2 – Now do update that is apt

apt-get revision -y
 apt-get upgrade****************************) that are-y(***)update ubuntu apt

Step 3 – Finally, let’s install Nginx.

apt-get install nginx -y

Install Nginx Latest

Once done, you can use nginx -v to check which version is installed.

nginx version

In my example, it is nginx v1.9.14. Open your web access and browser your host via ip.

nginx default page

Setup Nginx Virtual Hosts File

Step 1 – Now nginx is set up therefore works completely. You can now begin incorporating an online site to nginx setup. But you must firstly determine that directory you shall store all your website files. Create that directory :

mkdir -p /var/www/domain.tld/html
 
 ## Other variants:
 mkdir/var/www/domain.tld/public_html&# that is-p(; Mkdir/var/www/domain.tld/htdocs that are-p13; mkdir -p /var/www/html/domain.tld
 
 ## Example of mine
 mkdir/var/www/servermom.xyz/html( that is-p****************************) 

Step 2 – Now make certain it offers permission that is proper and proper ownership.

chmod 755 /var/www
 chown -R $USER:$USER /var/www/domain.tld/html
 
 # example
 chown -R $USER:$USER /var/www/servermom.xyz/html

2016-04-17_220006

Step 3 – Next, you have to edit nginx .conf file and create hosts that are virtual. You can make use of Nano editor.

nano /etc/nginx/conf.d/default.conf

Step 4 – Now modify lines that are few that file accordingly (see below) :

## before you edit
 listen 80;
 server_name localhost;
 
 ## replace that with this
 listen 443 ssl http2;
 server_name domain.tld www.domain.tld;

Step 5 – Also, you need to define the location of your web root directory. Edit these relativ lines :

## before
     location / {
         root   /var/share/nginx/html;
         index  index.html index.htm;
     }
 
 ## after you edit
     location / {
         root   /var/www/servermom.xyz/html;
         index  index.html index.htm;
         try_files $uri $/index.php that is uri/args;
     }
 

Step 6 – Right after that, add following lines :

    ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers 'EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5';
     ssl_dhparam /etc/nginx/ssl/dhparams.pem;
     ssl_session_timeout &# that are 1d**********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************);     ssl_session_cache provided:SSL:50m;
     ssl_stapling on;
     ssl_stapling_verify on;
     add_header Strict-Transport-Security max-age=15768000;
 

On the complete, it'll appear to be this :

nginx virtual hosts file ssl

Now save yourself modifications by pushing Control+O and exit Nano editor by pushing Control+X.

Pointing Domain to Server

Simply edit / add the A and CNAME documents within DNS Management. Inside instance i personally use usually the one comes free with Namecheap.

Namecheap DNS

After that, you are able to simply wait till your domain is completely settled towards host.

Install Let’s Encrypt SSL

(it is important to firstly make sure your domain is pointing to your server***)Before you continue. Otherwise, it would not work.

Step 1 – Install Git and its dependencies :

apt-get -y install git bc
 git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

install git nginx ubuntu

Step 2 – Now let’s try to request the free SSL certificate for your domain. But first, we need to stop nginx service first.

service nginx stop

Step 3 – Now issue command that is following****)

cd /opt/letsencrypt
 ./letsencrypt-auto Certonly--email [email protected] that is--standalone -d domain.tld -d www.domain.tld

example :

2016-04-18_220645

Step 4 – Usually, the time that is first operate the demand it may need longer than typical as it downloads some necessary dependencies. When done, you’ll see something such as this :

ssl request success

Step 5 – create directory that is new store DH parameters :

mkdir /etc/nginx/ssl
 cd /etc/nginx/ssl

Step 6 -Next, generate Diffie Helman parameters:

openssl dhparam -out dhparams.pem 2048

The process usually takes long time:

Diffie Helman Parameters

Step 7 -Test Nginx configuration and start the service :

nginx -t
 systemctl start nginx.service

2016-04-18_221926

Step 8 – open your browser up then take to accessing your domain via https

https://domain.tld

ssl nginx success

Step 9 – Now you'll want to redirect from http to https. Get edit right back your nginx .conf file :

nano /etc/nginx/conf.d/default.conf

Step 10 – and place these lines in top component:

server {
        listen         80;
        server_name    domain.tld;
        return         301 https://$server_name$request_uri;
 }
 

so it will look similar to this

2016-04-18_222721

Testing SSL Quality

In your browser, go visit https://www.ssllabs.com/ssltest/ and try testing the quality of your ssl setup.

2016-04-18_222957

However, you will get A+ if you followed the steps above correctly. Select image below to see report that is detailed

2016-04-18_223236

Testing HTTP/2 Protocol

If you are using Mozilla Firefox, then simply press Control+Shift+Q to bring up tool that is networking. From then on merely refresh your web page plus in the

httpv2 test

Done. Many thanks for the attention in looking over this article. Never wait to go out of remark below.

LEAVE A REPLY

Please enter your comment!
Please enter your name here