Upgrade HTTP/2 on DirectAdmin's Nginx Webserver

Dr. McKay

Well-known member
Nov 26, 2016
DirectAdmin is a professional hosting management software, currently being used by many customers. By default DirectAdmin uses HTTP/1.1 protocol in the installation configuration (Custombuild 2.0).

This tutorial applies to the use case of two servers, Apache and Nginx, where Apache is the Application server and Nginx is the Proxy. If your DirectAdmin configuration is a standalone Nginx, you need to replace the file:

By file

Before we start, let's have a quick look at HTTP/2 and the benefits of upgrading.

What is HTTP/2?
HTTP/2 is a newly developed protocol to replace HTTP/1.x – which is currently the default installed on all webservers. HTTP/2 is a completely new version not a modified version of HTTP/1.x. It's faster, simpler, and more powerful than HTTP/1.x.

Design Framework of HTTP/2
HTTP/2 has a completely new binary framework and therefore does not apply back to HTTP/1.x. However, HTTP/2 still uses the key concepts and semantics of the old protocol, but only changes the format regulations of the data transmitted on the protocol, in addition to adding the concept of "priority" and "server". push“.

For details on HTTP/2, please see here:
Advantages of HTTP/2
Increase protocol performance through Reducing latency in response to end users (Clients) and Using network resources of the server (Server Push).


Instructions to upgrade HTTP/2 on Nginx Webserver

Step 1: Check the status of HTTP/2
To check if the server has been upgraded to HTTP/2 or not, we use the online tool: http2.pro

No HTTP/2 support
If the results appear as shown above, your site does not yet support HTTP/2, now we go to the next step.

Step 2: Download the OpenSSL 1.0.2 . library
HTTP/2 started to be supported on 1.0.2, and the popular DirectAdmin installation library on version 1.50 is 1.0.1e.

Execute the following three commands in turn:

cd /usr/local/src/
wget -O /usr/local/src/openssl-1.0.2g.tar.gz https://www.openssl.org/source/openssl-1.0.2g.tar.gz
tar -xvzf openssl-1.0.2g.tar.gzwget -O /usr/local/src/openssl-1.0.2g.tar.gz https://www.openssl.org/source/openssl-1.0.2g.tar. gz
Step 3: Create your own configuration for Nginx
The purpose of this step is to create your own set of configuration files, which should not be edited directly into DirectAdmin's default files.

Create your own configuration folder

mkdir -p /usr/local/directadmin/custombuild/custom/nginx/conf
mkdir -p /usr/local/directadmin/data/templates/custom/
The -p parameter means create directory by path, this will shorten the directory creation process

Copy Nginx configuration file
Copy the 3 configuration files of Nginx into the custom folder just created

Execute the copy file command in turn as follows:

cp /usr/local/directadmin/custombuild/configure/nginx/conf/nginx-vhosts.conf /usr/local/directadmin/custombuild/custom/nginx/conf/nginx-vhosts.conf
cp /usr/local/directadmin/data/templates/nginx_server_secure.conf /usr/local/directadmin/data/templates/custom/nginx_server_secure.conf
cp /usr/local/directadmin/data/templates/nginx_server_secure_sub.conf /usr/local/directadmin/data/templates/custom/nginx_server_secure_sub.conf
Edit file nginx-vhosts.conf

by command

nano /usr/local/directadmin/custombuild/custom/nginx/conf/nginx-vhosts.conf
Find the line

# HTTPS server
server {
listen |IP|:|PORT_443| ssl|SPACE_HTTP2|;
listen|PORT_443| ssl|SPACE_HTTP2|;
listen [::1]:|PORT_443| ssl|SPACE_HTTP2|;
Change the ssl|SPACE_HTTP2| to ssl http2

The result will be as follows:

server {
listen |IP|:|PORT_443| ssl http2;
listen|PORT_443| ssl http2;
listen [::1]:|PORT_443| ssl http2;
Save modifications: press Ctrl + O

Exit editing: press Ctrl + X

Edit file nginx_server_secure.conf

by command:

nano /usr/local/directadmin/data/templates/custom/nginx_server_secure.conf
Find the line:

listen |IP|:|PORT_443| ssl;

Edited into:

listen |IP|:|PORT_443| ssl http2;

Save modifications: press Ctrl + O

Exit editing: press Ctrl + X

Edit file nginx_server_secure_sub.conf

by command:

nano /usr/local/directadmin/data/templates/custom/nginx_server_secure_sub.conf
Find the line:

listen |IP|:|PORT_443| ssl;
Edited into:

listen |IP|:|PORT_443| ssl http2;
Save modifications: press Ctrl + O

Exit editing: press Ctrl + X

Step 4: Create Nginx recompile configuration
Edit the file configure.nginx

Before editing the file to ensure safety, you need to backup, execute the following commands:

cd /usr/local/directadmin/custombuild/configure/nginx_reverse/
tar -czf configure.nginx.default.tar.gz configure.nginx
After backup, edit the file with the command:

nano /usr/local/directadmin/custombuild/configure/nginx_reverse/configure.nginx
Find the paragraph that specifies http_v2_module as follows:

"--with-http_v2_module" \
"--with-cc-opt='-D FD_SETSIZE=32768'"
Add between the 2 lines above the path containing the OpenSSL 1.0.2 source code downloaded above:

"--with-openssl=/usr/local/src/openssl-1.0.2g" \
The result looks like this:

“–with-http_v2_module” \
“–with-openssl=/usr/local/src/openssl-1.0.2g” \
“–with-cc-opt=’-D FD_SETSIZE=32768′”
Save modifications: press Ctrl + O

Exit editing: press Ctrl + X

Step 5: Perform Nginx Rebuild

Write to Task queue

echo "action=rewrite&value=nginx" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq d
Run Update to have DiectAdmin rebuild the Nginx configuration

Execute the following commands one by one:

cd /usr/local/directadmin/custombuild
./build nginx_apache
./build rewrite_confs
service nginx restart
The installation process takes a few minutes, until Nginx restarts successfully, check again with the tool: http2.pro

HTTP/2 supported!

If the results appear as shown in the picture, the HTTP/2 upgrade has been successful!
Latest Threads
Recommended Threads


Latest Blog ArticlesMost Viewed Threads

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.