From eea473a7b346d305ef214f9d8ca2b626d0340500 Mon Sep 17 00:00:00 2001
From: Ben Word <ben@benword.com>
Date: Fri, 6 Mar 2026 23:02:23 -0600
Subject: [PATCH 1/2] Update Trellis docs for HTTP/3 support

Docs updates for https://github.com/roots/trellis/pull/1531

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 trellis/installation.md | 4 ++--
 trellis/ssl.md          | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/trellis/installation.md b/trellis/installation.md
index 59692e0c..9788edde 100644
--- a/trellis/installation.md
+++ b/trellis/installation.md
@@ -1,5 +1,5 @@
 ---
-date_modified: 2024-09-11 10:00
+date_modified: 2026-03-06 13:00
 date_published: 2015-10-15 12:20
 description: Install Trellis for WordPress projects. Complete setup instructions covering requirements, dependencies, project initialization, and initial configuration.
 title: Installing Trellis for WordPress
@@ -90,7 +90,7 @@ with a single command thanks to trellis-cli too.
 Trellis provisions a base Ubuntu 24.04 server by installing and configuring the following software:
 
 * PHP 8.3+
-* Nginx (including HTTP2/ and optional FastCGI micro-caching)
+* Nginx (including HTTP/2, HTTP/3, and optional FastCGI micro-caching)
 * MariaDB (a drop-in MySQL replacement)
 * SSL support (scores an A+ on the [Qualys SSL Server Test](https://www.ssllabs.com/ssltest/))
 * Let's Encrypt for free SSL certificates
diff --git a/trellis/ssl.md b/trellis/ssl.md
index 96508a59..30aa1e26 100644
--- a/trellis/ssl.md
+++ b/trellis/ssl.md
@@ -1,5 +1,5 @@
 ---
-date_modified: 2025-11-24 13:00
+date_modified: 2026-03-06 13:00
 date_published: 2015-09-06 07:42
 description: Enable HTTPS in Trellis with automatic Let's Encrypt certificates, manually provided SSL certificates, or self-signed certificates for local development.
 title: SSL Certificates in Trellis
@@ -367,7 +367,7 @@ example.com:
 
 Our HTTPS implementation uses all performance optimizations possible to ensure your sites remain fast despite the small overhead of SSL. This includes the following features:
 
-- HTTP/2 support (fallback to HTTP/1.1 for older browsers)
+- HTTP/3 support with QUIC (fallback to HTTP/2 and HTTP/1.1 for older browsers)
 - SSL session cache
 - OCSP stapling
 - 1400 byte TLS records

From d1d77e48eae5a216d11751345c530252db7982b2 Mon Sep 17 00:00:00 2001
From: Ben Word <ben@benword.com>
Date: Sat, 7 Mar 2026 11:45:33 -0600
Subject: [PATCH 2/2] Add HTTP/3 UDP port 443 firewall note

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 trellis/ssl.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/trellis/ssl.md b/trellis/ssl.md
index 30aa1e26..ef99ce22 100644
--- a/trellis/ssl.md
+++ b/trellis/ssl.md
@@ -373,6 +373,8 @@ Our HTTPS implementation uses all performance optimizations possible to ensure y
 - 1400 byte TLS records
 - Longer keepalives
 
+HTTP/3 requires UDP port 443 to be open. If you have a cloud or hardware firewall in front of your server (eg: AWS security groups, DigitalOcean cloud firewalls), ensure it allows UDP/443 inbound traffic.
+
 See [Is TLS Fast Yet?](https://istlsfastyet.com/) for more information on fast TLS/SSL.
 
 ## Browser support