Enabling SPDY with Nginx

SPDY is this new, cool, fast protocol created by Google that “replaces” HTTP (the first draft of HTTP 2.0 is using SPDY as the working base). It is supported in all the major browsers – yes, even Internet Explorer – with the exception of Apple’s Safari.


UPDATE: September 22, 2015 Nginx 1.9.5 was released with support for HTTP/2. I recommend you enable HTTP/2 instead of SPDY.


First, you must have Nginx up and running with a SSL certificate. Even though it is theoretically possible to run SPDY without SSL, in practice we need SSL to make it work.

Now, make sure your version of Nginx is compiled with SPDY support:

$ nginx -V

Make sure you can find “–with-http_spdy_module” somewhere in that output. If you don’t, you need to grab a build with the SPDY module enabled. I recommend the latest version from the Nginx Ubuntu repo. Also make sure you are using version 1.5 or newer. 1.4 only supports SPDY/2 which the browsers have stopped supporting. 1.5–1.7 have support for SPDY/3.1 which is the current version.

Now it is as simple as adding a single word to your Nginx config. Open the server block config for your SSL site, and change this line:

listen 443 ssl;

to:

listen 443 ssl spdy;

and reload your config:

$ service nginx reload

Now all SPDY enabled visitors should get your site delivered over SPDY, while older browsers get regular SSL.

How can you check this? SPDYCheck.org is a nice online tool that checks if a website properly supports the SPDY protocol. If you use Google Chrome, you can also browse to your site, and then type “chrome://net-internals/#spdy” in your address bar. You should find your site there.

The only thing left, is that you probably want to route all visitors that comes through standard http on port 80 to your SPDY/SSL port 443. I replace my standard server block with this:

server {

    server_name _;

    rewrite ^ https://example.com$request_uri permanent;

}

Remember to reload your config:

$ service nginx reload

Now, that wasn’t even hard :-)
You are now ready to optimize HTTPS on Nginx.

2 Comments

    1. it is theoretically possible to run SPDY without SSL, in practice we need SSL to make it work.

      No client implementation supports SPDY or HTTP/2 without TLS (SSL).
      BTW: You should look into HTTP/2 instead of SPDY.

Comments are closed.