Profile Applicability:
- Level 1
Description:
This check ensures that the web app hosted in Azure App Service has HTTP/2 enabled. HTTP/2 is a major revision of the HTTP network protocol that provides improvements over HTTP/1.x, including better performance, multiplexing, and header compression. Enabling HTTP/2 ensures faster page loads and a more efficient transfer of web resources.
Rationale:
HTTP/2 offers several advantages over HTTP/1.x, such as multiplexing multiple requests over a single connection, which reduces latency and improves the overall speed of web applications. By enabling HTTP/2, applications benefit from faster load times, lower bandwidth usage, and enhanced performance, especially for complex web pages with many resources. This is important for both user experience and SEO.
Impact:
Pros:
- Improves the speed and efficiency of web applications.
- Reduces the number of connections required to transfer multiple resources, improving load times.
- Can improve SEO rankings due to faster page load times.
- Supports modern features like header compression and multiplexing.
Cons:
- Some older clients or browsers may not support HTTP/2, leading to compatibility issues.
- May require additional configuration and testing to ensure compatibility with legacy systems.
Default Value:
By default, Azure App Service enables HTTP/2 for SSL/TLS connections if the app uses a custom domain with an SSL certificate. For HTTP connections, it needs to be manually enabled.
Pre-requisites:
Ensure that the app uses HTTPS and has an SSL certificate properly configured, as HTTP/2 only works with secure connections.
Test Plan:
Using Azure Console:
- Log in to the Azure portal at https://portal.azure.com.
- Go to the App Services blade.
- Select the app you want to review.
- Under the Settings section, click on TLS/SSL settings.
- Check if HTTP/2 is enabled by confirming that HTTP20enabled is set to true under the General Settings section.
Using Azure CLI:
To check if HTTP/2 is enabled, run the following command:
az webapp config show --resource-group <RESOURCE_GROUP_NAME> --name <APP_NAME> --query "http20Enabled"
The command returns true if HTTP/2 is enabled.
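The CLI check above covers a single app. As an added example (not part of the benchmark text), the shell functions below run the same `az webapp config show` query for every app in the current subscription and report apps where the setting is off or could not be read. The function names and the PASS/FAIL/ERROR report format are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit http20Enabled across App Service apps.
# Function names and the report format are assumptions, not Azure conventions.

TAB=$(printf '\t')

# Map the raw value printed by
#   az webapp config show ... --query "http20Enabled" --output tsv
# to an audit status.
classify_http2() {
  case "$1" in
    true)  echo "PASS" ;;
    false) echo "FAIL" ;;
    *)     echo "ERROR" ;;  # empty or unexpected: app missing, no access, CLI failure
  esac
}

# Read "<resource-group><TAB><app-name>" lines on stdin and print one
# "<status><TAB><resource-group><TAB><app-name>" line per app.
# Returns non-zero if any app is not PASS, so it can gate a pipeline.
# (Variables are prefixed h2_ because POSIX sh has no local scope.)
audit_http2_apps() {
  h2_rc=0
  while IFS="$TAB" read -r h2_rg h2_app; do
    [ -n "$h2_rg" ] && [ -n "$h2_app" ] || continue
    # </dev/null keeps az from consuming the app list the loop is reading.
    h2_value=$(az webapp config show --resource-group "$h2_rg" --name "$h2_app" \
      --query "http20Enabled" --output tsv 2>/dev/null </dev/null) || h2_value=""
    h2_status=$(classify_http2 "$h2_value")
    [ "$h2_status" = "PASS" ] || h2_rc=1
    printf '%s\t%s\t%s\n' "$h2_status" "$h2_rg" "$h2_app"
  done
  return "$h2_rc"
}

# Audit every app in the currently selected subscription.
audit_http2_subscription() {
  az webapp list --query "[].[resourceGroup, name]" --output tsv | audit_http2_apps
}
```

After `az login`, source the file and call `audit_http2_subscription`; an ERROR row means the setting could not be read and should be investigated rather than treated as a pass.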
Implementation Plan:
Using Azure Console:
- Log in to the Azure portal at https://portal.azure.com.
- Go to App Services.
- Select the app for which you want to enable HTTP/2.
- Under the Settings section, click on TLS/SSL settings.
- In the General Settings section, set HTTP20enabled to true.
- Click Save to apply the changes.
Using Azure CLI:
To enable HTTP/2, run the following command:
az webapp config set --resource-group <RESOURCE_GROUP_NAME> --name <APP_NAME> --http20-enabled true
Backout Plan:
Using Azure Console:
- Log in to the Azure portal at https://portal.azure.com.
- Go to App Services.
- Select the app for which you want to disable HTTP/2.
- Under the Settings section, click on TLS/SSL settings.
- In the General Settings section, set HTTP20enabled to false.
- Click Save to apply the changes.
Using Azure CLI:
To disable HTTP/2, run the following command:
az webapp config set --resource-group <RESOURCE_GROUP_NAME> --name <APP_NAME> --http20-enabled false