I see so many posts and people who run NGINX as their reverse proxy. Why though? There’s HAProxy and Apache, with Caddy being a simpler option.
If you’re starting from scratch, why did you pick/are you picking NGINX over the others?
You must log in or register to comment.
Some good answers in here already. It boils down to a couple points for me:
- Back when I started selfhosting, it was either nginx or apache, and I found nginx better and easier to set up
- All the nginx knowledge I learned years ago still works just the same as it did back then, so why potentially mess things up by switching if it all still works
- Basically every project has an example nginx config for reference, that can’t be said about other proxies
- It is easier to find support online for edge cases that might pop up with nginx due to the ubiquity of its use and years of history
Because Nginx Proxy Manager exists.
And also because for me it started from web hosting where Apache and Nginx dominate and later because of many easy to understand example configs from the net including many “docker letsencrypt” examples.
Good question. I chose it initially because it was open source and way easier (in my eyes) than Apache. I don’t recall the others being an option at the time, or I was not aware of them. nginx does what I need without complaint, so I haven’t switched.
At $dayjob I switched from Apache to nginx 15+ years ago. It’s Callback/Event based process model ran circles around Apache’s pre-fork model at the time. It was very carefully developed to be secure, and even early on it had a good track record. Being able to have nginx handle static content without tying up a backend worker process was huge, and let us scale our app pretty well for the investment of time. Since then, Apache implemented threaded + Event based process models, Caddy, traefik, and a bunch of others have entered the scene.
TBH, I think the big thing nowadays is sane defaults, and better configuration, even automatically discovered configuration – traefik is my current favorite for discovering hosts in consul/Kubernetes/simple host definition files, but since traefik can’t directly serve files, I simply proxy from traefik to … nginx :)
It’s pretty good, innit?
Why is their question, so why is it pretty good?
Nah, their question is why do so many people use it. And the answer is because it’s pretty good.
Innit?
You want to play this game?
I can create new posts all night long
Very helpful
When NGINX showed up it beat the then dominant apache on resource utilzation hands-down.
It’s also very configurable and has a lot of modules, both in-house and third party.
The only downside for me: as of late the whole commercial part of the project has been gobbling up everything to shove the non-free version to the point where it’s hard to find info on the free version, e.g., the wiki page that lists all the third-party modules. The nginxtutorials site seems to be a good resource.
Btw one of the main devs forked it into freenginx:
Dounin writes in his announcement that “new non-technical management” at F5 “recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers’ position.” While it was “quite understandable,” given their ownership, Dounin wrote that it means he was “no longer able to control which changes are made in nginx,” hence his departure and fork.
Also, fun fact: this is probably the only instance of russian software muricans don’t cry Commie! all the time (maybe because the parent company was acquired).
Back when Nginx started, Apache was the only alternative and a big pain in the ass. That’s how it became popular.
Apache still is a pain in the ass. The only guide I found useful were from 20 years ago or so. All “modern” ones I found didn’t explain stuff, but were more like “copy paste this, now you’re done”. They never fit my usecase.
I honestly don’t know why people new to webhosting even bother with Apache when NGINX is around. It’s just so much easier.
Honest question: why not use nginx?
I have run it in so many different scenarios, both professionally and personally, its crazy. Nginx has never failed me, literally. My homeserver is quite limited but nginx has a very small footprint, it performs beautifully well and it satisfies all my hosting, proxying, redirecting and streaming needs.
It works for modern and legacy applications, custom code, webhosting, supports all the modern features and its configuration is very easy with literal thousandsof examples available online.
Apache probably can do all that but I hate how unintuitive its configuration is to me personally. HAproxy cant do half the stuff nginx does.
As for caddy Ive heard of it but never really used it. What does it offer that nginx doesnt?
What does it offer that nginx doesnt?
Automatic HTTPS, you don’t have to use certbot or something similar to get/renew certificates. Also, its configuration is really simple and straight forward.
Thank you for your reply!
Personally I am fine with nginx configuration, at least when using containers. The syntax is fine and all I need to do is map one file into the container
But I took a look at the automatic cert feature and wow, that is very, very nice. I may give caddy a try for this feature only - it would simplify my current setup.
I am also surprised it allows using HTTPS over port 443 for cert renewal. I didnt even know this was possible, so I was always stuck with DNS challanges.
So again, thanks for your reply!
Because everyone told me to
- simple config & setup
- good performance
- popular/packaged by every single distro
- just works
Traefik + CrowdSec + Authelia ftw
Traefik gang here 👊 !
But only because it works so easily with docker !! I remember a time where I though that you need a diploma and read/learn/understand a 10000 page dictionary to make nginx work properly.
Also hated the syntax of nginx… It can look so ugly and gibberish :/.
But I do believe Nginx is superior and more mature in many more aspects than Treafik. Still, Traefik is a breeze and is in IMO way easier to configure with docker than Nginx.
I use Traefik as my main reverse proxy as well for the same reason—container niceties. But then I actually also use nginx… inside container images, like for containers that just serve static files for example.
Use the right tool for the job!
Yeah it’s Traefik for me as well! Heavy docker user, of course - it’s nice just tossing some labels into my Portainer stacks and letting Traefik figure it out. If I wasn’t so invested with containers I’d be using nginx.
I used to use traefik back when it was new and less complex and the 2.0 complexity forced my hand to drop it for my homelab.
Security
Caddy is good but it tried to do to much. This means that security bugs could be way more common. It has been audited by outside people and the issues they found were fixed but I am will very doubtful that it is secure yet
I think a large factor is because so many people use it. A lot of people come to self hosting without much knowledge and just copy configs etc. from a Tutorial. Those tutorials will 90% of the time use Apache or nginx. I remember back when I set up my first servers I mostly followed instructions and copied configs. Years later I understood I had set up Apache with virtual hosts and what that means/how it works but it might as well just have been nginx.
As for why so many people use these two I think it also has to do with “adoption” in another way. Back before nginx Apache was the standard everything else was “different”. Then nginx appeared to solve the Problems of Apache and then there were 2 … These days you can probably do anything you want/need with the 2 servers so no reason to use anything else.
Professionaly I usually use either HAProxy and Apache or Nginx (or sometimes HAProxy and Nginx) but if there are special requirements that might change.
I came to MySQL and Apache because they were the backend for other services I wanted to start,. Later, when I wanted to build my own, I already had Apache running, so why would I add nginx? I did let other services add sqlite, but have (in most cases) figured out how to switch those to MySQL.
All of that has been running for 20 years. I’m sure it would be good for my dementia-risk to learn how to start ngnix and migrate all those services, but it’s far more attractive not to mess with what works.
Counter question: Why does everyone call it “engine X” and not “enjinx”, which would be the way cooler pronunciation?
I call it N Jinx. Always have and I’ll never be convinced otherwise that it’s not.
Huh. That is way cooler
oh I’ve only ever read it, never heard it pronounced, do people really pronounce it engine X?
That is the way it’s pronounced, yes.
I always said “in GIN icks” (gin like the alcohol) based on someone else’s pronunciation years ago. I never realized it was meant to have anything to do with “engine” as a result.
It’s actually n-jynx duh
Why not? Why should I use Apache instead of Nginx? I don’t know about Caddy, Nginx is simple enough not to care about simpler solutions. But in general, I know Nginx and it does the job.
nginx has more features and flexibility than haproxy, such as being a web server. If I wanted just a pure proxy, I’d use haproxy. Apache is primarily a web server, and a pain to configure.
Personally I use Traefik. Add it to docker-compose, set up LE certs, add a few lines to each container, and it Just Works. No extra config on Traefik itself.
