Main Nav

Message from ahockett@warnerpacific.edu

Hello All,

 

I’m doing an in depth comparison to Nginx vs. Apache2 as a case study for moving towards using Nginx for our web servers and in doing so, I’ve hit the part where I believe some input from the group would be appreciated. 

 

Security.

 

I’m fairly well versed in locking down vHosts, .htaccess files, redirects, rewrites, etc. on Apache2 and I’m just learning some of the techniques found in Nginx to do the configuration in their “VCL” files.  What I’m curious about is what the “buzz” is around if Nginx  and if it sacrifices any security for the speed?  The context of this is obviously important  so let me flesh that out.  This would be running on:  Ubuntu 12.04 64-bit VM, 100GB HD space, 1GB RAM, MySQL, PHP5 w/ php5-gd, php5-curl, php5-xcache, php5-fpm (for FastCGI which by most tutorials listed as the BKM, I’ve changed it from a :9000 port listening to an actual .socks listing) Varnish reverse proxy, PHPMyAdmin, Webmin,Shorewall FW (using IP Tables) and of course Nginx running a Wordpress site.  As mentioned I have everything setup and running right now and it is able to handle an absurd amount of web traffic compared to an Apache2 install; numbers wise we’re talking 100 users max concurrent @ 5000 requests w/ Apache2 vs. 750+concurrent @ 5000 requests w/ Nginx. 

 

Anyways, just curious what people’s thoughts were on it.

 

Thanks.

-Aaron Hockett

Warner Pacific College

Network & Web Services Engineer

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from ahockett@warnerpacific.edu

Hello All,

 

I’m doing an in depth comparison to Nginx vs. Apache2 as a case study for moving towards using Nginx for our web servers and in doing so, I’ve hit the part where I believe some input from the group would be appreciated. 

 

Security.

 

I’m fairly well versed in locking down vHosts, .htaccess files, redirects, rewrites, etc. on Apache2 and I’m just learning some of the techniques found in Nginx to do the configuration in their config files.  What I’m curious about is what the “buzz” is around if Nginx  and if it sacrifices any security for the speed?  The context of this is obviously important  so let me flesh that out.  This would be running on:  Ubuntu 12.04 64-bit VM, 100GB HD space, 1GB RAM, MySQL, PHP5 w/ php5-gd, php5-curl, php5-xcache, php5-fpm (for FastCGI which by most tutorials listed as the BKM, I’ve changed it from a :9000 port listening to an actual .socks listing) Varnish reverse proxy, PHPMyAdmin, Webmin,Shorewall FW (using IP Tables) and of course Nginx running a Wordpress site.  As mentioned I have everything setup and running right now and it is able to handle an absurd amount of web traffic compared to an Apache2 install; numbers wise we’re talking 100 users max concurrent @ 5000 requests w/ Apache2 vs. 750+concurrent @ 5000 requests w/ Nginx. 

 

Anyways, just curious what people’s thoughts were on it.

 

Thanks.

-Aaron Hockett

Warner Pacific College

Network & Web Services Engineer

 

Message from john.ladwig@so.mnscu.edu

I heard a recent interview with some of the OpenBSD principals that they’re considering nginx as a replacement for their forked version of Apache 1(.3?).

 

That suggests they think that the code is or can be made pretty secure, but doesn’t necessarily speak as much for configuration security and simplicity (though they do tend to make that a priority).  Also, the long pole in OpenBSD tends to be concerns over 2-term BSD-compatible licensing terms.

 

   -jml