How to Enable HTTP/3
To enable HTTP/3 for all apps on a server, go to the server's Settings page in ServerPilot, select the option for "HTTP/3", and click "Update Settings".
About HTTP/3
HTTP/3 makes pages load faster by using QUIC, a communication protocol built on UDP. Additionally, HTTP/3 traffic is always encrypted.
Browsers do not make their initial request to a domain using HTTP/3.
Instead, the browser's first request to a domain will still use either
HTTP/2 (for https:// requests) or HTTP/1.1 (for http:// requests).
Servers that support HTTP/3 add an Alt-Svc header in
every response to tell clients such as browsers that HTTP/3 is available.
When a browser sees the Alt-Svc header in the response,
the browser creates an HTTP/3 connection to use for future requests.
Alt-Svc header.
HTTP/3 Requirements
For an app to be available over HTTP/3, the following requirements must be met:
- The server's "HTTP/3" setting must be enabled in ServerPilot.
- The app must have SSL enabled and the SSL certificate must be trusted for the requested domain.
- The server must be running Nginx 1.27.0 or greater.
You can check a server's Nginx version with the command
dpkg -l sp-nginx. - The server must be running Ubuntu 16.04 or greater.
You can check a server's Ubuntu version with the command
lsb_release -a. - Inbound port 443 UDP must not be blocked by a firewall. If you have a firewall configured at your server provider, you must open this port.
If any of the above requirements are not met, browsers will continue using HTTP/2 or HTTP/1.1 to communicate with your apps.
Verify HTTP/3 Is Working from the Command Line
Due to HTTP/3 being a new and complex protocol, standard builds of the curl
command do not yet include support for HTTP/3.
To test HTTP/3 by making requests from the command line,
you must download a custom build of the curl command.
These instructions are only for testing HTTP/3 from the command line.
The commands below will not replace your system's curl command.
Do not try to replace your server's existing curl command.
Download a build of curl that includes HTTP/3 support
On MacOS:
The commands below will place the curl executable in your home directory.
OS=macos ARCH=$(uname -m) VERSION=8.9.1 cd $HOME wget https://github.com/stunnel/static-curl/releases/download/$VERSION/curl-$OS-$ARCH-$VERSION.tar.xz tar xf curl-$OS-$ARCH-$VERSION.tar.xz
On Linux:
The commands below will place the curl executable in the home directory of
the user you are logged in as. You do not need to be logged in as "root".
OS=linux ARCH=$(uname -m) VERSION=8.9.1 cd $HOME wget https://github.com/stunnel/static-curl/releases/download/$VERSION/curl-$OS-$ARCH-musl-$VERSION.tar.xz tar xf curl-$OS-$ARCH-musl-$VERSION.tar.xz
On Windows:
Download the appropriate release for your system's architecture from
https://github.com/stunnel/static-curl/releases.
Extract the downloaded archive which contains a curl executable.
Use the downloaded curl command to make an HTTP/3 request
./curl --connect-timeout 2 -I --http3-only https://DOMAIN/
If the domain is available over HTTP/3, you will see output like the following:
HTTP/3 200 server: nginx date: Tue, 06 Aug 2024 22:51:41 GMT content-type: text/html; charset=UTF-8 vary: accept-encoding alt-svc: h3=":443"; ma=86400
If the domain is not available over HTTP/3, you will see the following error:
curl: (28) Failed to connect to DOMAIN port 443 after 2004 ms: Timeout was reached
Verify HTTP/3 Is Working from a Browser
To use your browser to verify requests are using HTTP/3, open the browser's developer tools, go to the network inspector tab, and look at the value of the "protocol" column. If the protocol is "h3", then HTTP/3 was used for the request.
Remember that the first request a browser makes to a domain will not use HTTP/3.
If the protocol is "h2" rather than "h3", then you should refresh the page.
If the protocol you see is "http/1.1", then you are not using SSL for your request and
you should make your request using https:// rather than http://.