Why do so many people use NGINX?

fmstrat , 11 minutes ago

Because modsec.

somenonewho , 1 hour ago

I think a large factor is because so many people use it. A lot of people come to self hosting without much knowledge and just copy configs etc. from a Tutorial. Those tutorials will 90% of the time use Apache or nginx. I remember back when I set up my first servers I mostly followed instructions and copied configs. Years later I understood I had set up Apache with virtual hosts and what that means/how it works but it might as well just have been nginx.

As for why so many people use these two I think it also has to do with “adoption” in another way. Back before nginx Apache was the standard everything else was “different”. Then nginx appeared to solve the Problems of Apache and then there were 2 … These days you can probably do anything you want/need with the 2 servers so no reason to use anything else.

Professionaly I usually use either HAProxy and Apache or Nginx (or sometimes HAProxy and Nginx) but if there are special requirements that might change.

tburkhol , 6 minutes ago

I came to MySQL and Apache because they were the backend for other services I wanted to start,. Later, when I wanted to build my own, I already had Apache running, so why would I add nginx? I did let other services add sqlite, but have (in most cases) figured out how to switch those to MySQL.

All of that has been running for 20 years. I’m sure it would be good for my dementia-risk to learn how to start ngnix and migrate all those services, but it’s far more attractive not to mess with what works.

thebardingreen , 30 minutes ago

As a security professional, what finally got me to move from Apache to NGINX was OpenResty.

I sometimes still put Apache behind it, depending on my goals.

0x0 , 1 hour ago

When NGINX showed up it beat the then dominant apache on resource utilzation hands-down.

It’s also very configurable and has a lot of modules, both in-house and third party.

The only downside for me: as of late the whole commercial part of the project has been gobbling up everything to shove the non-free version to the point where it’s hard to find info on the free version, e.g., the wiki page that lists all the third-party modules. The nginxtutorials site seems to be a good resource.

Btw one of the main devs forked it into freenginx:

Dounin writes in his announcement that “new non-technical management” at F5 “recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers’ position.” While it was “quite understandable,” given their ownership, Dounin wrote that it means he was “no longer able to control which changes are made in nginx,” hence his departure and fork.

Also, fun fact: this is probably the only instance of russian software muricans don’t cry Commie! all the time (maybe because the parent company was acquired).

tombond , 1 hour ago

Me personally, as a newb regarding proxy and homelab, I use nginx because it was super easy to set up (proxmox script) there were many tutorials available and it just works great. I had to debug some things and this also worked great, so just a perfect package.

lemann , 1 hour ago

I was coming from Lighttpd which at the time had a very similar config syntax to Nginx. It was pretty much a no brainer, considering I wanted to shift to an automated Letsencrypt renewal process at the same time.

Sadly I wrote some python web services for CGI (not django/flask) that cannot be run anymore, since NGINX only supports FCGI, rather than just CGI as far as I can tell

Max_P , 4 hours ago

NGINX can really do a lot of things out of the box while being pretty easy to configure. NGINX can serve static files, it can proxy emails, it can do FastCGI, it can do UWSGI, it can do HTTP proxying, you can run Lua code inside NGINX to do things, there’s a module for RTMP live streaming. You can also implement some stuff like external authentication to protect your services/authenticate them at the proxy level. It can also do caching. Not all that useful with all those Rust and Go apps with their own built-in web server but if you run large legacy apps at scale it’s great, you can offload a lot of stuff away from your slow ass PHP app.

Caddy’s simpler but the current battle tested popular option is NGINX.

HAproxy is good at what it does but it’s only good at proxying and simple rules. For the most part, it’s used as a load balancer and router and doesn’t really process the requests itself. It can alter some things in it but it’s limited, and it only does HTTP and TCP. So you can’t really run PHP or Python or Ruby or whatever applications directly behind HAproxy. That makes NGINX a better choice there because NGINX deals with HTTP and only passes the request details to the application which doesn’t have to do HTTP on its own. I usually see HAproxy load balancing to NGINX hosts with some PHP/Python/Ruby app behind them.

Apache is old. It’s gotten better but the way it works just doesn’t reflect most modern use cases. I remember when NGINX popped off like 15 years ago and just how much more resource efficient it was and how happy I was with the upgrade. So it exists and still works but not very popular anymore. It’s a bit easier to set up but also a bit weird with things like mod_php which runs directly inside Apache instead of a dedicated user that can be better sandboxed.

Traefik is getting traction in big part because it fits well with the Docker ecosystem and just sets itself up automatically.

There’s also Envoy if you want some serious proxying and meshing but setting that one up is truely headache inducing.

They’re all pretty good web servers regardless, it comes down to preference. There’s no right choice because everyone’s needs are different.

db0 , 3 hours ago

Not sure why you say haproxy can’t serve python. I do it all the time. You just use something like python waitress and then point haproxy to it’s port.

Max_P , 3 hours ago

It depends on what you use on the Python side. Classically that would have been uWSGI or one of the *SGI interfaces, and lately ASGI.

Sure, one can totally make Python apps that serve HTTP directly. The same can be done with PHP (and Ruby and others) as well, but most people still run their PHP through PHP-FPM over FastCGI because you can offload a lot of the work to the much faster NGINX side. A fair amount of apps make use of X-Accel-Redirect to serve private files, so you don’t tie up a PHP worker for an hour serving the user’s 2GB file.

But yes, as those languages all move to async computing and away from worker pools, it’s more common to see those serve HTTP directly, and there’s less and less need for a proxy that supports those other protocols. The async event loop is what made NGINX special when it came out, so naturally languages that moves to that model greatly reduce the need for that as well, they too can easily handle thousands of concurrent connections no problems. Plus these days people slap a CDN in front anyway so static file performance doesn’t matter quite as much.

db0 , 1 hour ago

Ye pretty much. I was just quite astounded at that statement as the AI Horde is basically just a lot of python processes behind a very low powered haproxy server.

Personally, I understand people like to stay with the familiar, which is perfectly fine for a non-demanding service, but when something becomes demanding, I find the haproxy specialization serves better. I wish lemmy deployment by default utilized haproxy myself.

d2k1 , 3 hours ago

HAproxy is good at what it does but it’s only good at proxying and simple rules. For the most part, it’s used as a load balancer and router and doesn’t really process the requests itself.

To add something here: HAProxy’s ACLs are more powerful than anything nginx, Apache or even Envoy can do. Of course HAProxy is not a web server but “just” a reverse proxy that speaks HTTP (and TCP) but what you can do with its ACLs is often extremely impressive in its simplicity and elegance. A single-line ACL in HAProxy would require loading additional modules in nginx and writing a screenful of configuration directives. Though the average self-hoster will probably never need any of the power HAProxy offers.

In the past 20 years I have professionally used all four of these as web servers and/or reverse proxies and I am pretty confident that HAProxy beats all others when it comes to request processing. Though Envoy might be getting there.

solberg , 5 hours ago

I think a lot of people just haven’t heard of Caddy. Since I’ve found it I haven’t used anything else.

onlinepersona , 1 hour ago

It might be worth looking more deeply into. From a cursory glance, it might be usable for my usecase, but many service have configuration examples for NGINX (or Apache if they’re old). I’ve never seen caddy examples. What has your experience been with adapting those examples to caddy?

Anti Commercial-AI license

jimmy90 , 4 hours ago

Because pingora doesn’t have a Nixos package yet

PortugalSpaceMoon , 2 hours ago

IIUC pingora is not standalone, but a set of rust crates? Should be already supported by nixpkgs through rust builders.

SexualPolytope , 2 hours ago

Some people are also building a reverse proxy using pingora called river.

hendrik , 2 hours ago

It's easy to use, reliable, and doubles as a webserver so I only need one software to host my websites and also do the reverse proxying to the other webservices.

pcouy , 2 hours ago (edited 2 hours ago)

I’ll probably look into newer fancier options such as Caddy one day, but as far as I remember Nginx has never failed me : it’s stable, battle tested, and extremely mature. I can’t remember a single time when I’ve been affected by a breaking change (I could not even find one by searching changelogs) and the feature set makes it very versatile. Newer alternatives seem really interesting, but it seems to me they have quite frequent breaking changes and are not as feature rich.

That being said, I’d love to see side-by-side comparison of Nginx and Caddy configs (if anyone wants to translate to Caddy the Nginx caching proxy for OSM I shared earlier this week, that would make a good and useful example), as well as examples of features missing from Nginx. This may give me enough motivation to actually try Caddy :)

(edit : ad->and)

best_username_ever , 5 hours ago

Back when Nginx started, Apache was the only alternative and a big pain in the ass. That’s how it became popular.

onlinepersona , 2 hours ago

Apache still is a pain in the ass. The only guide I found useful were from 20 years ago or so. All “modern” ones I found didn’t explain stuff, but were more like “copy paste this, now you’re done”. They never fit my usecase.

I honestly don’t know why people new to webhosting even bother with Apache when NGINX is around. It’s just so much easier.

Anti Commercial-AI license

aurelian , 3 hours ago

What about envoy proxy?

Nothing else on the market has as low latency implications to workloads that I am aware of.

kolorafa , 5 hours ago (edited 4 hours ago)

Because Nginx Proxy Manager exists.

And also because for me it started from web hosting where Apache and Nginx dominate and later because of many easy to understand example configs from the net including many “docker letsencrypt” examples.

Takahe , 4 hours ago

Very much became it exist. Its way simpler to do in the GUI.

Did not have to learn anything specific, and can work for things not in docker containers too, like the Nextcloud Snap.

lemmyvore , 3 hours ago

And it makes it very easy to get and maintain certificates.

DarkMetatron , 5 hours ago (edited 5 hours ago)

Because I have it in use as my main webserver, sure I could put that behind haproxy too but why? I like to keep my server setup small and easy, without unnecessary duplications. Nginx can everything that haproxy can, and more.