At RunCloud, we are committed to providing you with the tools to make your websites as fast and reliable as possible. One of the most significant advancements in web protocol technology is HTTP/3, and you can take advantage of its power directly from your RunCloud dashboard.

In this guide, we will explain the benefits of HTTP/3 and provide a walkthrough for enabling it for your web applications.

What is HTTP/3 & Why Should You Enable It?

HTTP/3 is the third and latest major version of the Hypertext Transfer Protocol. Unlike its predecessors, which relied on the TCP protocol, HTTP/3 is built on top of QUIC (Quick UDP Internet Connections), a new transport layer protocol developed by Google.

Cloudflare Radar says more than 30% of web traffic is already served over HTTP/3.

Enabling HTTP/3 can provide a substantial performance boost for your website, primarily through these key advantages:

  1. Elimination of Head-of-Line Blocking: In HTTP/2, if a single data packet is lost during transit, all other data streams must wait for that packet to be retransmitted, even if they are ready to be processed. This is known as head-of-line blocking. HTTP/3, using QUIC, allows data streams to be processed independently. If one packet is lost, it only affects its own stream, allowing the rest of your website’s assets (CSS, JavaScript, images) to continue loading without delay.
  2. Faster Connection Establishment: A traditional connection requires a TCP handshake followed by a TLS handshake to create a secure connection. This process requires multiple round trips between the client and server. HTTP/3 combines these steps into a single handshake, significantly reducing initial connection latency. For returning visitors, it can even achieve a zero round-trip time (0-RTT) connection and make your site feel almost instantaneous.
  3. Improved Performance on Unreliable Networks: Mobile users often switch between Wi-Fi and cellular data. With TCP, this network change would cause the connection to drop and need re-establishing. HTTP/3’s QUIC protocol uses a connection identifier that persists through IP address changes. This means users on mobile devices or unstable networks will experience a seamless and uninterrupted browsing session.

Step 1: Configure Your Firewall to Allow HTTP/3 Traffic

Before enabling HTTP/3 in RunCloud, you must configure your server’s firewall to accept the traffic. HTTP/3 does not use the traditional TCP port 443 – instead, it uses UDP port 443.

You will need to open this port in all active firewalls.

A. Configuring the RunCloud Firewall

  1. Log in to your RunCloud dashboard and navigate to the server where you wish to enable HTTP/3.
  2. From the server’s main menu, click on Security.
  1. Create a new firewall rule with the following specifications:
    • Type: Globally open port
    • Protocol: UDP
    • Port: 443
  2. Save the new rule. This will instruct RunCloud’s firewall to allow incoming HTTP/3 requests.

    Important Note for RunCloud Container Users:
    If you are using a containerized server managed by RunCloud, the process for managing network ports is different. Please refer to our documentation on managing networking and enabling HTTP/3 for containerized environments.

    B. Configuring External Firewalls (e.g., Cloud Providers)

    Many cloud providers (such as AWS, Google Cloud, Vultr, DigitalOcean, etc.) have a security firewall operating outside your server. You must open UDP port 443 on this external firewall as well. The exact steps to do this will vary depending on your cloud provider.

    Here are a few examples on how to do this on some popular cloud providers:

    • AWS: Go to your EC2 instance’s Security Group and add an inbound rule for Custom UDP, Port Range 443, from Source Anywhere (0.0.0.0/0, ::/0).
    • Google Cloud: Go to VPC Network > Firewall and create a new firewall rule to allow ingress traffic on UDP:443.
    • DigitalOcean: Go to Networking > Firewalls and edit your firewall rules to add a new inbound rule for UDP on port 443 from all sources.

    Step 2: Enable HTTP/3 in the RunCloud Dashboard

    With your firewalls correctly configured, you can now enable HTTP/3 for your web applications. In RunCloud, HTTP/3 support is tied directly to the SSL/TLS certificate deployment.

    For New Web Applications

    When setting up a new web application and reaching the SSL/TLS configuration stage, you will deploy a new certificate (either Let’s Encrypt or a Custom Certificate). During this process, you will see a checkbox to enable HTTP/3 support. Check this box before deploying the web application, and RunCloud will handle the rest.

    For Existing Web Applications

    If your web application is already running with an SSL certificate, you must edit its SSL settings to add HTTP/3 support.

    1. From your RunCloud dashboard, navigate to the desired Web Application.
    2. In the web application’s menu, click on SSL/TLS.
    3. You will see your current SSL certificate status. Click on the “Edit Settings” button to modify your SSL configuration.
    4. You will find a checkbox to Add HTTP/3 support in the settings page.
    5. Check this box and save your changes.

    RunCloud will automatically reconfigure NGINX on your server to begin serving your website’s content over HTTP/3 for compatible browsers and clients.