Nginx http3 and brotli/zstd

rdbf

Now that cPFence released an update to properly work with Nginx, I went to check a few things to make sure the Enhance implementation of Nginx is on par with the OLS implementation.

Obviously there's a few basic things different, like no .htaccess usage, the rewrite rule from / to index.php in order to make Wordpress work, FastCGI cache and redis with a different plugin, and some Vhost overrides as per this topic to get an A+ SSL score, but there's a few things that Enhance hasn't implemented yet:

HTTP3 / QUIC: The current version (nginx/1.26.3) supports HTTP3, and is built as such (--with-http_v3_module). However, the default Vhosts that Enhance generates are still for much older versions and contain deprecated arguments.
listen 443 ssl http2; listen [::]:443 ssl http2;.
Therefore, Nginx is not listening on UDP port 443, so HTTP3 won't work. These listen-directives have changed over the last couple of versions, and the add-header lines like add_header Alt-Svc 'h3=":443"; ma=86400'; should also be included then with the default Vhosts.
Brotli / ZSTD compression: The current version is not built with Brotli or ZSTD compression support, which isn't a very current approach to hosting websites. In fact, in the control panel interface there is an option to flip a switch for Brotli, but this won't work because there's no support built in. Quite confusing.
Broken rewrite rules for multi-wordpress installations: If a wordpress app is installed on a subdomain, and the root domain doesn't have a wordpress app installed, the rewrite rule can't be added. If you copy the index.php file to the public_html folder, it can be added, but doesn't work. If the vhost in /etc/nginx/sites-enabled/sub.domain.com is edited from
location / { try_files $uri $uri/ =404; }
to
location / { try_files $uri $uri/ /index.php?$args; }
it works, but doesn't persist. If you add it to the Vhost override, it errors out because of duplicate directives.

I'd very much appreciate it if Nginx could receive a bit of love for Enhance, so that it can work like it should in 2025.

Aliysa_Enhance

rdbf Thanks for sharing your thoughts and feedback. A couple of your suggestions will be tackled as part of the 'New packages for Nginx and Apache to enable additional modules.' approved feature (https://enhance.com/support/product-roadmap).

In terms of timescales, I can't share anything concrete with you. Nginx is not a widely adopted web server kind, so with this and other planned releases in mind, it's not likely this will tackled in 2025.

rdbf Brotli / ZSTD compression: The current version is not built with Brotli or ZSTD compression support, which isn't a very current approach to hosting websites. In fact, in the control panel interface there is an option to flip a switch for Brotli, but this won't work because there's no support built in. Quite confusing.

The Brotli toggle here doesn't touch the web server it enables the PHP module.

Kosta

dalet11

+100

bluelinq-computers

This.

mike

i forgot when i asked for this directive issue.

listen 443 ssl;
http2 on;

is it so hard to implement it even for newly created websites so the logs are not filled up with... we then can change our existing websites and we are done.

rdbf

@Aliysa_Enhance

Any near-term work on this planned?

bluelinq-computers

Aliysa_Enhance

Nginx is not a widely adopted web server kind

This is a wild statement.

Aliysa_Enhance

bluelinq-computers I should have been clearer, I'm talking specifically amongst the Enhance use base.

rdbf

Aliysa_Enhance I'm talking specifically amongst the Enhance use base

Could be due to a crippled or neglected implementation, as global statistics show the opposite trend. Not sure that's a datapoint Enhance would want to have.....

bluelinq-computers

Aliysa_Enhance This is better 🙂)

bluelinq-computers

rdbf I agree, nginx implementation could be WAY better. DirectAdmin/CloudPanel have great implemenation of nginx.conf and custom persistent conf files.

edumembe

Nowadays, most panels already allow enabling HTTP/3 in Nginx, including CloudPanel. Why is it not possible to do this with Enhance?

rdbf

edumembe Nowadays, most panels already allow enabling HTTP/3 in Nginx, including CloudPanel. Why is it not possible to do this with Enhance?

It is possible, but Enhance uses a custom build with modsecurity, so it's depending on them to do the work to release a new version with the proper config to make it work, instead of taking the mysql/mariadb (via apt) route for example.

I've made it work with a script that updates some nginx .conf files, so my Nginx is running full http3 now. Just need to check over time that it handles all the usual things that can go wrong without messing something up. But the current Enhance Nginx implementation can run full quic/http3 if the default config would be adjusted to allow it.

https://i.postimg.cc/yx0VPdmv/Screenshot-From-2025-08-10-21-46-32.webp

net

Looking forward to HTTP/3 in Nginx. Not an option for us to switch to another web server.

And hopefully, that // will be fixed soon in the next release 🙂

Andrei

Nginx should definitely be getting some love from the Enhance team.

marowi

I would also appreciate that.

Machiel92

In my opinion Nginx is the superior webserver, but well that is my opinion.

I do understand the development team chooses to support/improve the mostly used webservers for enhance (apache and maybe even litespeed)
but keep in mind, it took some time before nginx was adapted in enhance, and don't forget there are a couple of features that didn't work well in the beginning for nginx and that results in people choosing apache since it works better out of the box on enhance.
This way the amount of nginx users didn't grow, I think if these features were working instant for nginx the amount of users on nginx would've been bigger.

I still see a better performance on nginx than on apache when using enhance 🙂

So I hope the development team gives enough TLC to nginx 😉

webdig

I’m sorry if this is not the most appropriate topic for what I’m about to write, but I thought it could be a good place to ask.

I’m a big fan of LiteSpeed / OpenLiteSpeed, but I’d like to learn more about NGINX.
I even tried running a server with it — I was using a Flarum site (just like this community) — but it kept throwing errors, and almost every day I had to fix something in the .conf file.

With LiteSpeed, I learned to work with it on my own — I’ve always been very self-taught — but with NGINX I’m struggling to make progress.

Is the difference really that big?
Do you recommend any website or resource I should read to better understand NGINX? I’m willing to learn.

cPFence

webdig

Nginx is a great web server, if optimized properly, it can deliver performance on par with LiteSpeed, sometimes even slightly better. But in terms of learning curve and ease of management, LiteSpeed has the edge, especially with its built-in cache plugins for WordPress and other popular CMSs. That’s why it’s favored by many shared hosting providers. That said, I agree with @rdbf the Enhance team should keep improving Nginx support, as it’s a solid, popular choice that can help Enhance grow.