HTTP2 not working for pages

M

MooCow

New Member
#1
#1
New to LiteSpeed and still on trial version but will definitely purchase, as NginX drove me nuts!

According to Chrome developer and other tools, images, .js, .json etc. are loading under HTTP2, however, my pages are still loading under HTTP1.1

Would be great if I can get everything loading under HTTP2 or even better HTTP3
 
M

MooCow

New Member
#3
#3
Thanks for the reply.

1 - Website URL = https://www.disabled-world.com

2 - HTTP/3 Check:

https://http3check.net/?host=https://www.disabled-world.com/

HTTP/3 Check could not get establish a QUIC connection due to the error given below.

QUIC connection could not be established

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 13881
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 13 Feb 2020 14:04:37 GMT
edit: Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=strict
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'; payment 'none'
Expect-CT: max-age=300, enforce, report-uri=https://www.disabled-world.com/reports/expect-ct-report.php
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; report-uri https://www.disabled-world.com/reports/csp.php
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-24=":443"; ma=2592000, h3-25=":443"; ma=2592000


3 - Results from https://www.getpagespeed.com/check-website-speed?url=https://www.disabled-world.com/

HTTP/2.0 Protocol Support
Not supported.
 
M

MooCow

New Member
#5
#5
Command:

[root@host ~]# netstat -lupn | grep 443

Results in:

udp 0 0 0.0.0.0:443 0.0.0.0:* 3603/litespeed (lsh
udp 0 0 0.0.0.0:443 0.0.0.0:* 3603/litespeed (lsh
udp6 0 0 :::443 :::* 3603/litespeed (lsh
udp6 0 0 :::443 :::* 3603/litespeed (lsh

---------------------------------------------------------
So, in CSF Firewall

Enabled UDP 443 - both in and out
Turned LF_SPI off
UDPFLOOD was already off.

Checked netstat -lupn | grep 443 again:

[root@host ~]# netstat -lupn | grep 443
udp 0 0 0.0.0.0:443 0.0.0.0:* 3603/litespeed (lsh
udp 0 0 0.0.0.0:443 0.0.0.0:* 3603/litespeed (lsh
udp6 0 0 :::443 :::* 3603/litespeed (lsh
udp6 0 0 :::443 :::* 3603/litespeed (lsh

-------------------------------------------------------

Command:

[root@host ~]# alt-svc:quic=":443"; v="35,37", or "http/2+quic/37"

Outputs:

-bash: alt-svc:quic=:443: command not found
-bash: or: command not found

-------------------------------------------------------

https://http3check.net/ NOW shows:

QUIC is supported
HTTP/3 is supported

YET...

Chrome HTTP/2 and SPDY indicator, shows green lightning bolt only AFTER refreshing page

Firefox shows blue lightning bolt for pages without refreshing.

Redbot, securityheaders.com, and other header checkers still show HTTP/1.1 200 OK

Chrome developer lighthouse still shows HTTP1.1 for pages (php).

---------------------------------------------------

Any ideas?

Thanks, Ian.
 
You must log in or register to reply here.
Top