Opened 2 years ago

Closed 2 years ago

Last modified 18 months ago

#1623 closed defect (invalid)

HTTP/2 config applied globally

Reported by:… Owned by:
Priority: major Milestone:
Component: other Version: 1.15.x
Keywords: Cc:
uname -a: Linux xxx 4.17.17-x86_64-linode116 #1 SMP PREEMPT Mon Aug 20 16:07:40 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/ --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_auth_request_module --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --with-http_perl_module=dynamic --with-mail=dynamic --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream=dynamic --with-stream_ssl_module --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'


Hi there,

the issue is as following: a certaing .conf file for a specific service had http/2 defined wrongly on port 80. As a result, all other services defined in all other .conf files had requests treated as http/2. So visiting and (totally separate from the conf file with http/2 defined) resulted in a file being downloaded with the exact content
"0000 1204 0000 0000 0000 0300 0000 8000
0400 0100 0000 0500 ffff ff00 0004 0800
0000 0000 7fff 0000 0000 0807 0000 0000
0000 0000 0000 0000 01".

The websites could only be visited by typing http(s):(www.), with the protocol. So even though http/2 was defined for a specific server name, it got applied globally to all websites defined in Nginx and brought all of them down, since they had no http/2 implementations.

I've spent the entire day trying to figure out what was wrong. As soon as I removed http/2 from a specific conf file, everything started working again for all hosted websites.

Change History (2)

comment:1 by Maxim Dounin, 2 years ago

Resolution: invalid
Status: newclosed

This is expected behaviour. The "http2" parameter of the listen directive enables HTTP/2 on a listening socket, not in a particular virtual server, see docs.

comment:2 by Sergey Kandaurov, 18 months ago

See also #1827.

Note: See TracTickets for help on using tickets.