#StackBounty: #nginx #ssl #http2 #mod-pagespeed How to resolve ERR_HTTP2_PROTOCOL_ERROR for static files on a first page load (SSL + Pa…

Bounty: 100

I have a nginx HTTP2 + ngx_pagespeed + brotli + WordPress W3 Total Cache setup.
On a first page load some static files that were modified by the Pagespeed fail to load, giving a ERR_HTTP2_PROTOCOL_ERROR.

Initially I thought that it’s W3 Total Cache fault by after reloading cached page eveything seems to load fine. Is it Pagespeed messing something up or my SSL settings are wrong?

My site conf:

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name mywebsite.com www.mywebsite.com;

    root /srv/mywebsite.com/www/;
    index index.php index.html index.htm;
    error_log /srv/mywebsite.com/log/error.log;

    keepalive_timeout 60;

    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
    ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
    ssl_ecdh_curve secp384r1;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_stapling on;
    ssl_stapling_verify on;

    ssl_trusted_certificate /etc/letsencrypt/live/mywebsite.com/chain.pem;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    ssl_session_tickets off;
    ssl_prefer_server_ciphers on;
    ssl_buffer_size 4k;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";

    pagespeed on;
    pagespeed Domain http://mywebsite.com;
    pagespeed Domain https://mywebsite.com;
    pagespeed MapOriginDomain localhost https://mywebsite.com;
    pagespeed LoadFromFile https://mywebsite.com /srv/mywebsite.com/www/;
    pagespeed FileCachePath /var/cache/pagespeed;
    pagespeed EnableFilters prioritize_critical_css,extend_cache,rewrite_javascript,rewrite_css,convert_jpeg_to_progressive,convert_jpeg_to_webp,convert_png_to_jpeg,convert_to_webp_lossless,recompress_jpeg,recompress_png,recompress_webp,jpeg_subsampling,resize_images,strip_image_color_profile,strip_image_meta_data,inline_images;
    pagespeed PreserveUrlRelativity on;
    pagespeed XHeaderValue "Powered By ngx_pagespeed";
    pagespeed ImplicitCacheTtlMs 2592000000;
    pagespeed LoadFromFileCacheTtlMs 2592000000;

    # BEGIN W3TC Page Cache core
    set $w3tc_rewrite 1;
    if ($request_method = POST) {
        set $w3tc_rewrite 0;
    }
    if ($query_string != "") {
        set $w3tc_rewrite 0;
    }
    if ($request_uri !~ /$) {
        set $w3tc_rewrite 0;
    }
    if ($http_cookie ~* "(comment_author|wp-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") {
        set $w3tc_rewrite 0;
    }
    set $w3tc_preview "";
    if ($http_cookie ~* "(w3tc_preview)") {
        set $w3tc_preview _preview;
    }
    set $w3tc_ssl "";
    if ($scheme = https) {
        set $w3tc_ssl _ssl;
    }
    if ($http_x_forwarded_proto = 'https') {
        set $w3tc_ssl _ssl;
    }
    set $w3tc_enc "";
    #if ($http_accept_encoding ~ gzip) {
    #    set $w3tc_enc _gzip;
    #}
    set $w3tc_ext "";
    if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.html$w3tc_enc") {
      set $w3tc_ext .html;
    }
    if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.xml$w3tc_enc") {
        set $w3tc_ext .xml;
    }
    if ($w3tc_ext = "") {
        set $w3tc_rewrite 0;
    }
    if ($w3tc_rewrite = 1) {
        rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview$w3tc_ext$w3tc_enc" last;
    }
    # END W3TC Page Cache core

    # BEGIN W3TC Page Cache cache
    location ~ /wp-content/cache/page_enhanced.*html$ {
        expires modified 3600s;
        add_header Vary "Accept-Encoding, Cookie";
        add_header Pragma "public";
        add_header Cache-Control "public";
    }
    location ~ /wp-content/cache/page_enhanced.*gzip$ {
        brotli off;
        gzip off;
        types {
            text/xml xml_gzip;
        }
        default_type text/html;
        expires modified 3600s;
        add_header Vary "Accept-Encoding, Cookie";
        add_header Pragma "public";
        add_header Cache-Control "public";
        add_header Content-Encoding gzip;
    }
    # END W3TC Page Cache cache

    location ~ ".pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+" {
      add_header "" "";
    }
    location ~ "^/pagespeed_static/" { }
    location ~ "^/ngx_pagespeed_beacon$" { }

    # BEGIN W3TC Browser Cache
    pagespeed HttpCacheCompressionLevel 0;
    gzip on;
    gzip_vary on;
    gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access video/webm application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint image/svg+xml application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel;
    location ~ .(css|htc|less|js|js2|js3|js4)$ {
        expires 31536000s;
        etag off;
        if_modified_since exact;
        add_header Pragma "public";
        add_header Cache-Control "public";
        try_files $uri $uri/ $uri.html /index.php?$args;
    }
    location ~ .(html|htm|rtf|rtx|txt|xsd|xsl|xml)$ {
        expires 3600s;
        etag off;
        if_modified_since exact;
        add_header Pragma "public";
        add_header Cache-Control "public";
        try_files $uri $uri/ $uri.html /index.php?$args;
    }
    location ~ .(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|rss|atom|gif|tgz|gz|rar|gzip|bz2|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|webm|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip)$ {
        expires 31536000s;
        etag off;
        if_modified_since exact;
        add_header Pragma "public";
        add_header Cache-Control "public";
        try_files $uri $uri/ $uri.html /index.php?$args;
    }
    add_header Referrer-Policy "";
    # END W3TC Browser Cache

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ .php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param DOCUMENT_ROOT /srv/mywebsite.com/www/;
        fastcgi_param SCRIPT_FILENAME /srv/mywebsite.com/www$fastcgi_script_name;
        fastcgi_param PATH_TRANSLATED /srv/mywebsite.com/www$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_param QUERY_STRING $query_string;
        fastcgi_param REQUEST_METHOD $request_method;
        fastcgi_param CONTENT_TYPE $content_type;
        fastcgi_param CONTENT_LENGTH $content_length;
        fastcgi_param HTTPS on;
        fastcgi_intercept_errors on;
        fastcgi_ignore_client_abort off;
        fastcgi_connect_timeout 60;
        fastcgi_send_timeout 180;
        fastcgi_read_timeout 180;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 8 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }
}


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.