CODEWITHSUNDEEP
apachenginxproxyreverse
Stef
Stef

Reputation: 13

NGINX Webserver with Apache Reverse Proxy http2

i have configued my Apache to act as a Reverse Proxy. Now i wanted to enabled http2 to speed it up.

Apache has the module enabled and Nginx also.

When i enter

Protocols h2 h2c http/1.1
ProtocolsHonorOrder Off

ProxyPass / h2://192.168.2.100/
ProxyPassReverse / https://192.168.2.100/

into the apache site configuration, Nginx throws a 400 Bad Request Error.

Using this code instead works:

Protocols h2 h2c http/1.1
ProtocolsHonorOrder Off
ProxyPass / https://192.168.2.100/
ProxyPassReverse / https://192.168.2.100/

Nginx Config:

listen 443 ssl http2;

How do i need to configure this section to work properly?#

Upvotes: 0

Views: 1432

Answers (2)

JimP
JimP

Reputation: 31

I realize that this post is over a year old, but I ran into a similar issue after upgrading nginx to 1.20.1. Turns out that nginx was receiving multiple Host headers from Apache when HTTP2 was used. Adding RequestHeader unset Host resolved the issue.

Upvotes: 3

adam-asdf
adam-asdf

Reputation: 656

This is more a comment than an answer but it looks like you're new so maybe I can help (at the risk of being totally wrong).

I'm working on configuring Nginx as a reverse proxy for Apache to run a Django application (By the way, I have never heard of anyone using Apache as a reverse proxy for Nginx).

But there's some discussion in the Nginx documentation that makes me think it might not even be possible:

Reading through the Nginx docs on proxy_pass they mention how using websockets for proxying requires a special configuration

In that document it talks about how websockets requires HTTP1.1 (and an Upgrade and Connection HTTP header) so you can either basically fabricate them proxy_set_header between your server and proxy or you can pass them along if the client request includes them.

Presumably in this case, if the client didn't send the Upgrade header, you'd proxy_pass the connection to a server using TCP, rather than websockets.

Well, HTTP2 is (I assume) another Upgrade and one likely to have even less user agent support. So at the least, you'd risk compatibility problems.

Again, I have never configured Apache as a (reverse) proxy but my guess from your configuration is that Apache would handle the encryption to the client, then probably have to re-encrypt for the connection to Nginx.

That's a lot of overhead just on encryption, and probable browser compatibility issues...and probably not a great set up.

Again, I'm not sure if it's possible, I came here looking for a similar answer but you might want to reconsider.

Upvotes: 0

Related Questions