How To Enable HTTP2 (SPDY) on Heroku

What is HTTP2

Hyper Text Transfer Protocol (HTTP) is the series of steps that web browsers communicate with web servers.

Each version of HTTP defines different features that can be used in these communications, things like compression, encryption, does the connection stay open between requests, how much data can be sent at a time, etc.

HTTP2 is the latest version of HTTP and brings with it multiple benefits:

Multiplexed connections

This allows multiple files to be downloaded on a single connection to the server, skipping the need for reconnecting and tearing down the underlying connection for each file.

Security

From a practical standpoint HTTP/2 is only enable for HTTPS/TLS secured connections increasing data security.

Fallback compatibility

If a client can’t connect via HTTP2 it will seamlessly fall back to using HTTP1 making it very safe to switch.

Header Compression

Each request / response cycle from the browser to the server sends and receives a large number of headers. These headers specify everything from security options the browser should take to what language should be used.

Prior to HTTP2 these headers were not optimally compressed leading to bloated responses to even relatively small requests.

Prerequisites

What you need to get started:

  1. Expedited WAF add-on is setup in front of your application.

How To Enable HTTP2 on Heroku

Enable HTTP/2 (“SPDY”) from the Site Speed Up page of your Expedited WAF dashboard:

Notes

  • “SPDY” was a Google specific HTTP protocol which was an immediate precursor to HTTP2. Some additional features were added to it and it’s been ratified by the IETF as HTTP2
  • HTTP2 (and site speed generally) are considered to be a SEO ranking factor

Resources

Learn more about HTTP2

Try Expedited WAF.
Get a Free Tee.

Option 1: Install Expedited WAF (the Web Application Firewall service that shields your Heroku applications from attacks) from the Heroku Elements Marketplace..

Seven days later we'll ask for some feedback and your (US or Canada only) shipping details.

Option 2: Select a Date & Time below to talk to us about your existing web application security framework and see how Expedited WAF can help better secure your Heroku applications.