Jun 17, 2021
NGINX vs Apache – Choosing the Best Web Server in 2021
A web server is computer software that serves web content. It also creates a connection between a computing server and a user’s web browser, delivering files back and forth between them.
Choosing the correct web server is crucial when setting up a website or starting a VPS project since it can significantly affect a site’s performance and security.
If you’re unsure of which web server to use, consider Apache and NGINX – both are the most popular web servers and are responsible for serving over half of the traffic on the internet.
To help decide which one to start with, we will go over a detailed comparison of NGINX vs Apache.
NGINX vs Apache – General Overview
Before we start comparing Apache vs NGINX, let’s explore the differences between web servers and their general characteristics.
The Apache HTTP Server – commonly referred to as Apache or Apache HTTPD – is free, open-source web server software. It processes client requests and serves web content via Hypertext Transfer Protocol (HTTP).
Apache was released in 1995 and has been since maintained by the Apache Software Foundation. It was also the dominant web server on the early world wide web.
Apache HTTP Server currently powers around 33.9% of websites worldwide and holds the number one position in market share as one of the oldest web servers.
The Apache web server supports many operating systems (OS) such as Microsoft Windows, OpenVMS, and any Unix-like OS like Linux and macOS.
What’s more, the Apache web server is also part of the LAMP stack, one of the first open-source software stacks for web development. As a result, the web server also works well with many content management systems (CMS), programming languages, and web frameworks.
Apache is particularly popular due to the power and flexibility that come from its module system. With Apache’s modules, users can easily add or remove functions, modifying their server to meet their needs.
NGINX – pronounced as “Engine X” – is one of the most reliable servers for scalability and speed. It’s also one of the fastest-growing web servers in the industry, having reached the number two position in market share.
Much like Apache, NGINX is open-source and free to use.
Igor Sysoev, the creator of NGINX, started developing this software in 2002 to answer the C10K problem. Back then, many web servers were not able to handle more than 10,000 connections simultaneously.
NGINX was released with an asynchronous and event-driven architecture, allowing many requests to process simultaneously.
The web server is especially popular due to its ability to grow and increase traffic and be easy to scale on minimal hardware. Plus, it’s excellent at serving static files quickly.
Aside from being used as a web server, NGINX can also be utilized as a load balancer to improve a server’s resource efficiency and availability. Moreover, it can function as a reverse proxy, ensuring smooth traffic flow between servers and clients.
NGINX supports almost all Unix-like operating systems. However, installing NGINX on Windows might result in some performance limitations, like a lack of scalability and UDP authentication problems.
Now that we’ve gone over the basics of Apache and NGINX, it’s time to compare them using several critical aspects important to web servers.
Basic Architecture – Handling Connections
Web server architecture is the logical layout or mechanism determining how a web server handles web requests, connections, and traffic. It’s one of the essential criteria to consider when choosing a web server.
Let’s compare NGINX vs Apache in terms of basic architecture and how both software handle connections.
Apache follows a process-driven architecture by default, meaning it creates a single thread to handle each connection request.
The downside of process-driven architecture is that Apache needs to create many processes when dealing with a lot of requests. It can lead to heavy resource consumption, causing server issues like slow loading of web pages and site outages.
Fortunately, Apache provides various multi-processing modules (MPMs) that determine how this open-source web server accepts and handles HTTP requests, and users are free to choose which MPM suits their needs best.
There are three main MPMs:
- mpm_prefork – the prefork MPM is not threaded, which means each child process can only handle one request at a time. However, its performance degrades immediately after the requests exceed the number of processes, making it challenging for this MPM to scale effectively.
- mpm_worker – each process of the worker MPM can create multiple threads, and each thread can also handle a connection. This allows the system to serve multiple requests all at once. In addition, since threads need less resources than processes, this MPM can scale better and consume fewer resources than the prefork MPM.
- mpm_event – the event MPM is similar to the worker MPM, but it’s also optimized to handle keep-alive connections. It works by putting aside dedicated threads for managing keep-alive connections and allocating active requests to other threads. This process helps the event MPM from getting slowed down by all the keep-alive requests. As a result, the Apache web server has the lowest resource requirements when used with this MPM.
Keep in mind that you can only load one MPM into your server at any time. If your project requires stability and compatibility, use the prefork MPM. For websites that need more scalability and diversity, however, consider utilizing the worker or event MPMs.
While many web servers use a simple threaded or process‑driven architecture, NGINX goes for a different approach by utilizing asynchronous, non-blocking event-driven architecture. This enables the web server to handle multiple connections within a single process.
NGINX has a master process that performs privileged operations such as binding to ports, reading and evaluating configuration files, and creating several child processes.
Here are three types of NGINX child processes:
- Cache loader process – can load the disk‑based cache into the memory zone. This process has low resource demands since it runs only once, right after NGINX starts.
- Cache manager process – aims to keep the amount of cached data within the configured sizes by checking the cache periodically and removing the least recently accessed data.
- Worker process – can handle hundreds of thousands of HTTP connections simultaneously, meaning there is no need to create new processes or threads for each connection. Instead, each worker process runs independently and contains smaller units called worker connections, and every unit is responsible for handling request threads. Worker processes can also communicate with upstream servers, as well as read and write content to disk.
The event-driven architecture of NGINX can effectively distribute client requests among worker processes, making this web server perform better than Apache when it comes to scalability.
Since NGINX can process thousands of requests without difficulties – even on low power systems – this web server is suitable for websites with high traffic levels, such as search engines, eCommerce sites, and cloud storage services. In addition, many popular content delivery networks (CDN) like MaxCDN and Cloudflare also use NGINX for content delivery.
Performance Comparison – Static vs Dynamic Content
The performance of a web server is usually determined by its ability to handle static and dynamic content.
Dynamic content, however, is a web page or file that changes based on the user’s interests, characteristics, and preferences. This type of content won’t look the same for everyone since it’s generated when a user requests a page. Some examples of sites with this kind of content are online stores and social media platforms.
Since NGINX and Apache come with different ways of handling requests for static and dynamic content, let’s see which web server performs better in this Apache vs NGINX comparison.
Apache serves static content by using its traditional file-based approach – this operation’s performance is primarily a function of the MPMs mentioned earlier.
Apache can also execute dynamic content within the web server itself without needing to rely on external components. Instead, it processes dynamic content by integrating a processor of suitable languages into each of its worker instances, and users can activate this processor through Apache’s dynamically loadable modules.
When it comes to serving static content, NGINX performs faster than Apache since it caches the static files to make them available whenever they’re requested.
However, NGINX doesn’t come built-in with the capability of processing dynamic content. NGINX must pass the requests to an external processor like FastCGI Process Manager (PHP-FPM) for execution to handle and process dynamic content. Once this web server receives the content, it will transfer the results to the client.
Directory-Level Configuration for NGINX and Apache
If you want to give another user control over some components of your website, then it’s essential to pick a web server that permits directory-level configuration within its content directories.
In this NGINX vs Apache comparison, we’ll see which web server allows for directory-level configuration.
Apache supports additional configuration on a per-directory basis via .htaccess files.
The .htaccess files make it possible to let non-privileged users control specific aspects of your website without allowing them to edit the main configuration file.
That’s why many shared hosting providers use Apache to give their clients access over specific directories while still retaining control of the main configuration file.
Apache also interprets .htaccess files each time they are found along a request path, meaning they can be implemented immediately without reloading the web server.
However, there are a few downsides to using .htaccess files. One of them is that it can affect your site’s performance since Apache loads each .htaccess file for every document request. This can be a resource killer, especially for websites with a lot of traffic.
Another thing to consider before using .htaccess files is that allowing other users to modify server configuration might result in security missteps.
Thus, if you don’t need to give other parties access to your server configuration, make sure to disable .htaccess files.
Unlike Apache, NGINX doesn’t support directory-level configuration. Though this might seem like a downside, it does work in its users’ favor as this helps to increase site performance.
Since NGINX is designed to be efficient, it doesn’t need to search for .htaccess files and interpret them, making it able to serve a request faster than Apache.
NGINX keeps your server secure by not allowing additional configuration since only someone with root permission can alter your server and site’s settings.
Modules in Apache vs Modules in NGINX
Most web servers come with a standard configuration file out-of-the-box. Sometimes, however, web developers might wish to include modules to make programming more convenient or extend the web server functionality.
Although NGINX and Apache are both extensible through a module system, the way they work differs considerably.
Apache is a customizable web server that offers more than 50 official dynamically loadable modules, which can be utilized whenever users need them. Moreover, it’s easy to find other third-party modules on the internet.
While the core features of the Apache server are always available, modules can be loaded and unloaded to modify some of the main functions of this web server.
Apache’s dynamic modules can accomplish various tasks, such as processing dynamic content, setting environment variables, and rewriting URLs.
Here are some of Apache’s most commonly used modules:
- mod_headers – lets you control and customize HTTP request and response headers in Apache.
- mod_expires – allows users to define expiration intervals for different types of content on websites.
- mod_authz_host – enables access control and authorization based on the request’s hostname, IP address, or characteristics.
- mod_mime – helps to assign content meta-information with filename extensions.
- mod_alias – lets users inform clients that the requested URL is incorrect.
Keep in mind that Apache comes pre-built with modules and loads them into server memory. Thus, make sure to disable features that you don’t need to reduce resource consumption.
NGINX offers more than 100 third-party modules to integrate within the core software. Users with a good understanding of the C language can also create NGINX modules that suit their project’s needs.
However, NGINX modules are not dynamically loadable as they need to be compiled within the core software itself. To make the modules loaded dynamically, users need to opt for the NGINX Plus.
This makes NGINX less flexible than Apache, it results in better security since integrating many dynamic modules might pose some security risks.
Security With Apache and NGINX
It’s crucial to pick a secure and reliable web server that can keep your website data safe and is regularly updated with all the latest patches.
Apache Software Foundation is actively trying to eliminate any security issues regarding its software to keep the Apache HTTP server safe. Users can subscribe to the Apache Server Announcements mailing list to stay informed of the latest updates from the software development team.
Apache also includes some configurations settings that can help to handle denial-of-service (DoS) attacks, such as:
- TimeOut – defines the number of seconds Apache will wait for specific events before failing a request. Websites that are subject to DoS attacks should set this number as low as a few seconds.
- RequestReadTimeout – shuts down connections from clients that don’t send their requests quickly enough.
- KeepAliveTimeout – decides the amount of time the Apache server will wait and keep the connection open for a new request.
Keep in mind that although Apache is built to be secure and stable, your server security also depends on how you configure this server. Therefore, consider taking some additional security measures, such as installing a web application firewall (WAF).
NGINX also offers several security controls out-of-the-box. One of them is rate-limiting, which reduces the incoming request rate to a value typical for real clients, and helps protect your server from DDoS attacks.
NGINX rate-limiting is also used to protect upstream application servers from too many user requests at once.
Besides that, NGINX users can prevent DDoS attacks by allowing or denying access based on clients’ IP addresses. This access can also be limited by password, the result of subrequest, or bandwidth.
What’s more, NGINX supports the newest version of transport layer security (TLS), which offers reliable encryption for data sent over the internet.
To get more security features, consider using NGINX Plus. With this premium version, you’ll get access to the single sign-on (SSO) function, allowing you to securely authenticate with multiple websites and applications by using one set of credentials.
Besides that, NGINX users can go to this open-source server’s website to find more security advisories and news about the latest updates.
Those new to the web development world should ensure that the web server they choose will provide help and support. This allows for assistance when facing an issue regarding the software.
Apache offers extensive documentation that covers various topics about this software.
It also offers community support via email, allowing users to get help from people familiar with the Apache HTTPD.
Due to many NGINX users, it’s also easy to find other community forums where developers share how to fix technical issues.
NGINX also provides many learning resources to help beginners learn more about this software, such as blogs, glossaries, documentation, ebooks, webinars, and datasheets.
Other than that, users who use NGINX Plus can also get dedicated support from the team, ready to assist with installation and deployment.
Choosing a Web Server
Having gone through the comparisons between NGINX vs. Apache, it’s clear that each software has both advantages and drawbacks. Thus, it’s essential to know one’s needs before deciding between NGINX or Apache.
Apache is suitable for shared hosting environments. It offers root access to modify the main configuration file, letting non-privileged users control several server aspects.
The downside is that this software can consume a lot of server memory.
As for NGINX, it has better performance than Apache when handling static content requests. It can also serve many clients at once during a high load, making it an excellent choice for a site with a large traffic volume.
Additionally, NGINX is multi-functional – users can use it as a reverse proxy, load balancer, and caching solution.
However, this software can’t serve dynamic content by default, and it needs to proxy all dynamic content requests to a back-end application server.
Remember that there are many other popular web servers to choose from, which might have more than what Apache and NGINX can offer for you specifically. Some of them are Tornado, Node.js, and Tomcat.
Can Apache and NGINX Work Together?
It’s possible to run NGINX and Apache together and take advantage of each server’s strengths – NGINX for its fast processing speed and Apache for its powerful modules.
The common practice for using both software is to place NGINX as a reverse proxy in front of Apache since it can handle hundreds of connections concurrently.
As a front-end proxy for Apache, NGINX will handle all requests from clients. For example, if it receives a request for static content, NGINX will serve the files directly to the client.
As a reverse proxy server for dynamic content, NGINX will forward the request to Apache, which will then process it and transfer the final content to the client through NGINX.
Using Apache and NGINX can reduce some blocking that usually happens when an Apache thread or process is occupied, helping boost your server performance.
It can be challenging to decide between Apache vs NGINX since they are both powerful in their own way. For instance, Apache provides a wide range of modules, while NGINX offers scalability and speed.
Each software comes with its pros and cons, so deciding whether to use NGINX or Apache will depend entirely on user preferences.
Let’s recap each aspect we have compared:
- Basic architecture – Apache creates a single thread to handle each connection request, while a single NGINX process can simultaneously take care of multiple connections.
- Performance – NGINX performs faster than Apache in providing static content, but it needs help from another piece of software to process dynamic content requests. On the other hand, Apache can handle dynamic content internally.
- Directory-level configuration – Apache comes with .htaccess files, allowing users to make changes to their site’s configuration without editing the main server settings. Meanwhile, NGINX doesn’t support directory-level configuration.
- Modules – Apache’s modules can be loaded dynamically, while NGINX modules need to be compiled within the core software.
- Security – both Apache and NGINX are secure and reliable. They also have several security tools to protect a site against DDoS attacks.
- Support – Apache and NGINX offer community support and documentation to help beginners with any issues.
Instead of choosing either NGINX or Apache, it can be more efficient to utilize both software to improve your server performance – NGINX as a reverse proxy server for handling static content requests and Apache as the back-end to serve dynamic content.
We hope this article has helped you understand what NGINX and Apache are, the differences between the two, and when you should consider using them.
If you have any more questions regarding NGINX and Apache, please leave us a comment below.