For some time now we have been keeping our eyes on and following the development of Nginx. Nginx is an open source alternative to the ubiquitous Apache web server (the “A” in the LAMP acronym). Just like a lot of web development firms we have always used Apache because “that’s what everybody else does,” however, in recent years we have had more than one run-in with Apache’s taste for RAM, especially when running it with PHP integrated as a module. This issue becomes even more apparent when Drupal, which is a relatively big and heavy CMS, is added to the equation.
Undoubtedly there are advantages to using Apache:
- “Tried and true.” The shortcomings as well as the upsides are well known.
- Familiarity. Most developers and system administrators are very familiar with it (short set-up times, easy to modify and add to configurations).
- Most web applications are written with Apache in mind, which means instructions and example configurations are almost exclusively tailored for Apache installations.
So what would make anyone want to consider using an alternative piece of web server software? The Nginx wiki has a page dedicated to this very question. For us, it came down to these points:
- Cost. The more advanced Drupal becomes and the more modules are added to an installation, the slower the site will run and the more RAM and CPU resources it will want to consume. One possible remedy to this is to keep throwing hardware at the problem, but with costs involved that solution can become problematic fast if you are working with a budget.
- Performance. We ran a lot of tests internally at Forum One, measuring memory usage, speed, responsiveness, etc and compared with Apache. All these tests are specific to our use cases with Drupal in mind. We do not want to start an Apache vs. Nginx religious debate so we will not be publishing the test results. Suffice it to say, they were very impressive in Nginx’ favor. Due to Nginx’ event driven model vs. Apache’s process/thread driven model, it scales incredibly well. Memory and CPU usage is kept down while performance stays steady under very heavy traffic loads.
- Security. Feel free to compare Nginx’ list of published security advisories against Apache’s list of published security advisories (the Apache list is just for one popular series, 2.0.xx)
Security, but also ease of troubleshooting PHP code, is further enhanced by the way PHP is tied together with Nginx in the preferred way: PHP-FPM. The PHP-FPM implementation allows a finer grained level of privilege separation as well as tools for detailed logging and process management.
As with all software, there is a slight learning curve. In the grander scheme of things this learning curve is modest, however. The main “gotcha” anyone switching to Nginx from Apache is likely to encounter is translation of Apache rewrite rules into Nginx’ rewrite format. This can take a little work, especially for sites heavily dependent on them. Additionally, Nginx does not use htacess files for on-the-fly changes to configuration directives like Apache, but rather this is done in the main configuration files.
A few months have passed since we started deploying Nginx by default instead of Apache in our installations, and so far we are very pleased with the results. If you have not yet given Nginx a go, we suggest you try it out and you may end up very surprised at the positive impact it will have on your servers and websites!