English English French French Spanish Spanish German German
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
Share on:

6 Open Source Web Servers for Small to Large Sites

open source web server
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

We’ve come a long way since the first web server was released. Now there are so many more exciting options.

Different projects have different needs, but the open source web server department was more or less a monopoly. For a long time, Apache was the only options, and handling high loads was a pain in the backside. Thankfully, times have changed, and new solutions have emerged for specialized needs.

So let’s have a look at some of the best and most popular open source web servers available today.

Apache

It’s almost synonymous to the World Wide Web, and still powers the majority of websites in the world.

The reason for Apache’s dominance is threefold: an open license, early entry (this thing was released way back in 1995!), and easy deployment of PHP. The last point was made possible through the mod_php module, which meant that installing Apache was all you needed to do for developing with PHP.

Here’s what makes Apache great:

  • Available on all platforms – Linux, Windows, MacOS, and other platforms.
  • It’s the default server for all CPanel shared hosting, making it effortless to set up and change sites.
  • Tons of functionality offered through a large collection of modules. No matter how obscure your needs be, there’s sure to be an existing module for Apache.
  • Per-directory configuration through .htaccess files.
  • Support for HTTP/2, compression, static files, and load balancing.
  • MPM and FastCGI modes for delivering high concurrency.
  • Easy scripting through Lua.

Is Apache for you?

In short, yes. There was a time when Nginx (which we’ll consider next) took off because of its high performance, but Apache caught up after its 2.2 release. That said, like all early entrants, Nginx took away a lot of attention so that you might come across some (invalid) criticism of its capabilities.

Nginx

If you like to drink from the “kool-aid” fountain (or to be politically correct, follow the “latest” developments), it’s likely that you’ve heard of Nginx (pronounced like “engine-x,” which was the idea behind the name). It was released as a project in 2002 by a Russian engineer who got fed up with the then-present solutions’ inability to beat the CK10 problem (basically, handling thousands of concurrent connections).

When Nginx came out, it made such a big splash that folks just moved away from Apache and never looked back. And the trend continues today. While Apache is arguably at par today, Nginx offered some stunning improvements that helped it win.

  • Asynchronous architecture for handling high loads
  • Best-in-the-class static file handling, load balancing, and reverse proxy capabilities.
  • FastCGI caching
  • Support for uwsgi, SCGI, and other server protocols, with caching.
  • Gzipping, image transformation, byte ranges, chunked responses, etc., with FLV and MKV streaming.
  • WebSockets, keepalive and pipelined connections
  • Access control, error redirection, etc.

All in all, Nginx is a powerhouse with a bunch of features that keep it ahead of the curve. Since the underlying company is a sustainable business, paid support and consulting are available for complex projects, which can be useful to some.

Is Nginx for you?

If you like to architect web applications to your liking, Nginx is a big plus. You can design complicated and distributed systems with powerful caching, proxying and load balancing, besides using Nginx to serve static files with several optimizations directly.

And, yes – Nginx is HTTP/2 ready.

Interested in learning Nginx? Check out this fundamental course.

Caddy

One of the hottest new frameworks making splashes in the open-source community recent is Caddy.

Think of Caddy as an Nginx-like web server (similar syntax and all) but everything is simplified to a pleasant extreme. For instance, Let’s Encrypt integration for SSL can be done in a mere three lines of config.

Here’s why Caddy is drawing a ton of attention:

  • HTTPS enabled by default. Yes, you don’t need to do anything for installing or renewing SSL certificates.
  • HTTP/2 gets primary focus.
  • Rotates TLS session ticket keys by default. This makes for a much more secure TLS connection management that is not vulnerable to the likes of Heartbleed.
  • No dependencies (it’s a Golang-compiled binary codebase that doesn’t depend on any underlying system libraries)
  • Serves static files in the current directory by default!
  • Embeddable — can be used as a library in other programs

Is Caddy for you?

If you crave simplicity and are put off by the obtuse configurations of the likes of Apache and Nginx, Caddy will feel like a breeze of fresh air. That said, it works best when you’re happy with the defaults. For instance, if you want to use your SSL provider, have a separate directory for static files (which is almost always the case), and so on, the advantages fade away.

You can get Caddy on Kamatera VM from as low as $4 per month.

Lighthttpd

The one area where most modern web servers fail is resource usage. Lighthttpd was designed to overcome these challenges in low-memory and low-CPU environments.

Lighthttpd is built on the asynchronous request handling model, and so essentially mirrors how Nginx works. But there’s one catch — Lighthttpd works in a single thread, so if you have a more capable machine, it’s going to ignore other CPU cores. It also lacks the fancier features of Nginx, such as SSL proxy, HTTP/2, and the like.

Is Lighthttpd for you?

Lighthttpd is a capable, single-threaded web server that can easily handle a few hundred requests per second and still go easy on system resources. Other than that, it doesn’t have much to offer when compared to the alternatives. So maybe if you don’t need all the bells and whistles — and are really, really sweating for machine resources — Lighthttpd is worth exploring.

OpenLiteSpeed

OpenLiteSpeed is the open source flavor of the enterprise web server offered by LiteSpeed Technologies.

There are many reasons to like OpenLiteSpeed:

  • Compatible with Apache’s mod_rewrite, which means if you have a ton of existing Apache files, migrating will be minimal pain.
  • Event-driven architecture in the vein of Nginx, resulting in high throughput.
  • GUI-based admin interface, offering a pleasant configuration experience.
  • Native SAPI for PHP, resulting in higher performance.
  • Caching and Google PageSpeedInsights optimizations are applied by default.

Is OpenLiteSpeed for you?

OpenLiteSpeed makes a lot of sense for WordPress-based content-driven websites, as page optimizations are already part of the server. Since it’s fine-tuned for PHP performance, PHP-based codebases and projects can benefit immensely.

Cherokee

The Cherokee project was a personal itch of a developer, which has grown into a decent web server platform. While it doesn’t have cutting-edge features like Nginx’s, it does provide an easy, fun and performant alternative to the mainstream web servers.

The biggest win for Cherokee is simplicity — there’s no need to break a sweat with the command line for configuring the server. A friendly web-based interface comes packaged and is a delight to use for those who prefer the point-and-click method of getting things done.

Source: Linode

Although Cherokee isn’t very actively developed, it’s still a good bet for most everyday projects. Do check it out!

Conclusion

Life would have no meaning without web servers, and thankfully, we have quite a few to choose from now. What is your favorite open source web server? If you think I missed an essential entry in the list, please do let me know in the comments and I’ll be more than happy to add it! 🙂

Thanks to our Sponsors
More great readings on Development
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Semrush is an all-in-one digital marketing solution with more than 50 tools in SEO, social media, and content marketing.
    Try Semrush
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder