Introduction
Web server software receives requests from remote clients and serves them on web pages and apps stored on hardware, such as dedicated servers. While application frameworks such as Django and PHP feature built-in server solutions for development, production environments require full-fledged web servers to ensure smooth operation.
In this comparison article, you will read about the differences between the two most popular open-source web servers today – Apache and Nginx.
What Is Apache?
The Apache HTTP Server is an open-source web server developed by the Apache Software Foundation. It was initially designed as a process-based web server. However, as of version 2.0 and the introduction of Multi-Processing Modules, Apache can be configured as a process-based and threaded server. Apache's modular architecture also allows for features such as modular protocol handling.
Another essential feature of Apache's architecture is filters, which allow modules to interact with the content created by other modules. This interaction includes encryption, virus scans, and static and dynamic content compression.
Note: The Apache HTTP Server works best on Linux. Learn how to install Apache on CentOS. For Ubuntu, read How to Install Apache Web Server on Ubuntu. For essential Apache web server management, learn how to start, stop, and restart Apache.
Apache primarily interprets requests as filesystem resources, using <Directory> and <File> blocks. The server starts with the DocumentRoot and tries to locate the file using the part of the request following the host and port number.
When the right match cannot be found by going through the filesystem, Apache offers alternative ways of serving the request:
- Alias maps URLs to filesystem locations. It allows the documents to be stored elsewhere than in DocumentRoot.
- Redirect maps an old URL into a new URL. The server tells the client to find the resource at a different location.
- Location blocks allow for working with URIs and complex URL patterns. The blocks enable URL rewriting and more complex configurations.
By utilizing a variety of supported Multi-Processing Modules, Apache can run in three modes that utilize server resources effectively for a particular use case:
- Process-based mode.
- Hybrid process and thread mode.
- Event-based mode.
Apache also features a set of optimizations for increasing its throughput and scalability. Some of these optimizations are part of the default server configuration, and server administrators can configure the rest depending on their system's specific needs. Performance tuning can solve many of Apache's runtime and compile-time configuration issues.
What Is Nginx?
Nginx (pronounced engine-x) is an open-source web server originally developed by Nginx founders, and is now a part of F5, Inc. As an HTTP server, Nginx utilizes a highly scalable event-driven (asynchronous) architecture, allowing for high performance and a small memory footprint.
Nginx can also function as a reverse proxy, load balancer, mail proxy, and HTTP cache. In some use cases, Nginx also serves as a web accelerator and an SSL/TLS terminator.
Note: Like Apache, Nginx also works best with Linux. To install Nginx on CentOS, refer to How to Install Nginx on CentOS. For installing it on Ubuntu, read How to Install Nginx on Ubuntu. For basic Nginx management instructions, learn how to start, stop, and restart Nginx.
Nginx is a web server explicitly created to outperform Apache. It succeeds in doing so in several categories, such as:
- Connection time.
- The number of received requests per second.
- Transfer rate.
- Time spent on processing a request.
Server administrators can further tune Nginx for performance by editing the server's configuration to fit the system specification. Adjusting worker processes and connections, enabling Gzip compression, and caching for static files significantly improves Nginx performance.
Contrary to Apache, whose design primarily reflects a web server's needs, Nginx architecture allows for the server to be used as a proxy. Therefore, Nginx mainly deals with URLs.
Nginx uses server and location blocks as primary configuration blocks:
- A server block is a subset of the configuration file which defines the virtual server for request handling. Since virtual servers can be assigned to handle specific connection types, server administrators can assign different blocks for different domain names, ports, and IP addresses.
- A location block is part of a server block that handles requests for various resources and URLs. It routes requests to the correct location in the file system.
Since multiple blocks can act as individual web server instances, Nginx has a system to find the best match for each request. It uses the listen directive, which finds possible block matches, and the server_name directive, which chooses the best match by considering the hostname or domain name.
When Nginx works with static files, it maps requests to the filesystem. However, the server performs this only after selecting the server and location blocks and connecting the document root and the URL.
Apache vs. Nginx: Practical Comparison
Apache and Nginx have fundamentally different approaches to serving web content. Below is a quick overview of the main points of comparison between Apache and Nginx, including the differences in architecture, connection handling, and configuration.
Architecture Overview
Apache features a multi-process, multi-threaded architecture, while Nginx utilizes an asynchronous, event-driven architecture. Read the sections below for a detailed overview of how Apache and Nginx work.
Apache
Apache features a small server core and several modules. The modules are either statically compiled or loaded dynamically.
At boot time, Apache starts multiple server processes. The purpose of those processes is to share the workload. The main process is the parent process, while others are child processes. Each child process can create or use server threads to handle incoming requests.
To optimize the server for the operating system, Apache uses the Multi-Processing Module (MPM). The purpose of this module is to bind to network ports, accept requests, and manage request handling by assigning child processes to perform these tasks. Apache installs the MPM automatically, best suited for the environment depending on the detected operating system and its capabilities. Alternatively, administrators can manually select and configure the MPM.
The Apache Portable Runtime libraries (APR) are another essential part of an Apache server. APRs provide a cross-platform OS layer. This layer serves as a universal API for developers, eliminating the need to code around platform-specific problems or features.
Nginx
Nginx's event-driven architecture allows for easy scaling on modern hardware.
Like Apache, Nginx has a primary master process. The purpose of this process is to control port binding and configuration reading. However, unlike Apache, the processes created by the master process are designed based on a predictable process model whose primary goal is to make the best use of hardware resources:
- The cache loader runs at start-up and loads the disk-based cache into memory.
- The cache manager ensures the disk cache entries are within the defined size limits.
- The worker processes perform read and write operations and handle network connections.
Worker processes start by listening and waiting for events. Whenever a new incoming connection is requested, an event is initiated to which the worker reacts.
Upon establishing the connection, Nginx creates a file descriptor that takes up only a small amount of worker process memory. This feature makes Nginx significantly more scalable than Apache, which uses the process-based approach, where each separate connection consumes a large amount of resources.
Modules
Both Apache and Nginx use module-based approaches. However, their implementation of modules is different.
Apache
Apache features dynamically loaded modules that can be utilized whenever there is a need for them. The server supports many different modules, both official and 3rd party. The modules make Apache a customizable platform that users can tailor to suit their needs.
Nginx
The modules in Nginx need to be integrated into the core and cannot be dynamically loaded. To include non-standard modules, users compile their server from the source. While this lack of flexibility seems limiting, it also means better security since allowing dynamic module integration poses security concerns.
Handling Connections
Apache and Nginx offer practical and economical methods of handling incoming connections. The sections below explain each web server's connection handling architecture.
Apache
Apache handles client requests by utilizing its multi-processing modules. The main benefit is that the user can replace connection handling architecture whenever needed. These modules are:
mpm_prefork_module
– The prefork module creates processes with a thread for each request. Every child process can support one connection. While the number of created processes is larger than the number of requests, this module performs well. The module's main issue is that large request volumes negatively affect performance and significantly increase RAM consumption.mpm_worker_module
– The worker module creates child processes. Each child process manages multiple threads, with each thread supporting a connection. Since threads are more efficient than processes, this module is more performance-friendly than the prefork module.mpm_event_module
– The event module features a mechanism similar to the mechanism of the worker module. However, it also attempts to solve the 'keep alive' problem – the fact that after completing the client's first request, Apache keeps the entire child process or thread waiting for further requests by the client. The event module deals with this problem by having a designated listener thread monitor the state of the sockets.
Nginx
Nginx handles connections with an asynchronous, non-blocking, event-driven algorithm. With a fast-looping function, the server's worker processes can handle many connections at the same time by continuously searching for and processing events.
When a worker establishes a connection, the connection joins the event loop, where it undergoes asynchronous processing. When the connection closes, it exits the loop. This type of connection handling enables Nginx to scale and economically utilize resources.
Distributed vs. Centralized Configuration
Apache's distributed configuration features multiple servers that handle requests together, while the centralized configuration of Nginx relies on a single server. The following sections explain the differences between the two configuration types.
Apache
The Apache server uses an .htaccess file to facilitate the distributed type of configuration. The .htaccess
file is a directory-level configuration file supported by several web servers. It deals with website-access issues, such as URL redirection, URL shortening, access control (for different web pages and files), and more.
The main benefit of this approach is that changes made in .htaccess
are immediately applied to the system. Altering the main configuration file requires a system restart to apply the changes. Furthermore, on servers that host multiple websites, .htaccess
allows each of the users to make changes to their website's configuration without altering the server's main configuration file.
Nginx
Given its centralized configuration, Nginx does not support .htaccess
. Nginx only deals with the filesystem once it is ready to serve the request, so it cannot read the configuration file.
Using .htaccess
also has two significant disadvantages:
- Performance loss. Every time a server receives an HTTP request, it must check all the parent directories that can host an
.htaccess
file to see if they contain it. - Security. Allowing non-privileged users to modify the server configuration can be unsafe if not implemented properly.
Since no directory-level configuration exists in Nginx, users perform all configuration changes by writing directives into the main configuration file, nginx.conf
. Nginx applies the changes after the user reloads the server.
Static vs. Dynamic Content
Both servers show similar performance in dynamic content loading. However, Nginx uses much less memory and handles around four times more requests per second for serving static files.
Apache
Apache serves static content directly from the filesystem without any server-side processing involved.
Dynamically loaded modules such as mod_php
and mod_python
process dynamic content. The server does not depend on external components to perform content processing.
Nginx
The interpreter for dynamic content is not an integral part of an Nginx server. Instead, the server passes all the dynamic web page requests to an external process, waits for the process to return the content, and then serves the content to the client. While this makes the dynamic page processing more complicated, it simplifies the process of serving static pages.
Caching
Caching involves temporarily storing frequently accessed content on the web server to improve response times and optimize the server load. The following sections explain how Apache and Nginx deal with caching.
Apache
Three types of caching improve the server's performance in Apache:
- Three-state RFC2616 HTTP caching offers intelligent, HTTP-aware caching when dealing with proxied content or dynamic content stored locally.
- Two-state key/value shared object caching offers key/value-based shared object cache.
- Specialized file caching enables preloading files on start-up, improving access times for frequently needed files.
Nginx
Nginx achieves faster load times and reduces server load by caching dynamic content for quick access. While caching helps speed up websites with high traffic and content volume, it is not recommended in other scenarios.
Basic caching in Nginx uses only two directives:
proxy_cache_path
to set the cache path and configuration.proxy_cache
to activate the cache.
A valuable feature of Nginx is the ability to configure the server to display cached website content when the server is down or busy.
Security
Apache and Nginx are both considered secure. Potential security risks stem primarily from the wrong configuration. Hence, follow web server security best practices to enhance security:
Apache:
- Adjust configuration to prevent DoS attacks. Some relevant directives for this are
RequestReadTimeout
,KeepAliveTimeout
, andTimeOut
. - Adjust permissions on
ServerRoot
directories. - Be careful with Server Side Includes (SSI).
- Be careful with CGI scripts.
- Protect system settings against
.htaccess
overrides by configuring the server configuration file. - Watch your logs.
- Keep the server up to date.
Nginx:
- Lower the risk of potential vulnerability exploits by turning off unwanted modules.
- Disable the
server_tokens
directive, which makes your Nginx version publicly visible. - Disable unnecessary HTTP methods.
- Control resources and limits to prevent potential DoS attacks.
- Set up, configure, and monitor access and error logs to understand the state of the server better.
- Include security headers.
- Keep the server up to date.
Note: Read how to secure Nginx with Let's Encrypt on Ubuntu to learn how to obtain SSL/TLS certificates on your Nginx server.
Support
Apache and Nginx have a large community offering free support and troubleshooting. Below is an overview of the specific ways the two projects support the user base.
Apache
The Apache HTTP Server Users Mailing List provides community support for Apache users. Support is also available on dedicated IRC channels, Stack Overflow, etc.
The Apache HTTP Server Documentation offers reference manuals, user guides, tutorials, and other documents.
Nginx
Nginx maintains a community-operated mailing list and a forum, as well as other support resources such as the Admin Guide and the Modules Reference Guide. Commercial support is available for the paid option, NGINX Plus.
Open-source Nginx documentation includes installation instructions, how-tos, development guides, module references, and other documents.
Apache vs. Nginx: Infographic
The infographic below provides a quick overview of the main points of comparison between Apache and Nginx.
How to Choose?
Both Apache and Nginx are robust, well-performing servers. When choosing the server to install on your hardware, you must consider what you will use it for.
Choose Apache over Nginx if:
- Your use case prefers non-privileged users to have control over their websites. One of those cases is managing a shared hosting environment in which Apache's
.htaccess
file becomes practically indispensable. - You need specific modules that Nginx does not support.
Choose Nginx over Apache if:
- Your use scenario includes primarily (or exclusively) serving static content.
- You expect high traffic volume on your website.
You can also use Apache and Nginx side by side to create a workload-optimized server. To do so, set up Nginx to act as a reverse proxy for Apache and leverage Nginx's processing speed and ability to handle large traffic volumes. Nginx processes and serves static content while forwarding dynamic content to Apache.
By letting Nginx sort requests and process the ones it can handle alone, Apache receives a smaller volume of requests. That pre-emptively resolves potential overloading issues. Since Nginx can communicate with a server pool in the backend, users can easily add more servers and scale out.
Conclusion
After reading this comparison article, you should better understand the similarities and differences between the Apache HTTP Server and Nginx. It will help you decide which solution fits your needs best.
Next, read how to configure the Nginx reverse proxy.