I see a lot of people praising Nginx and its performance over Apache. Got interested in setting this up myself, however it isn’t officially supported by Nextcloud. Still, performance could persuade one to try, right?
From what I can gather, Nginx is much faster than Apache on static content. In other words if you serve lots of files then this is the server for you. However when it comes to dynamic content, Apache is just as fast. *
Since Nextcloud is serving all files dynamically through PHP, I see no real benefit with the hassle of Nginx. With recent security issues and the latest news about copyright infringement, I think the choice should be clear.
What are your opinions on this? Why do you choose Nginx in favour of Apache? I’d really like to know.
Basically
Apache for dynamic content.
Nginx for static content.
Is Nextcloud only serving static content?
Yes and no.
Web GUI = yes
Syncing files = no
What is Nextcloud for?
Syncing files
Which is then best for Nextcloud?
Apache.
Nginx is very good in serving static websites, Nextcloud is not a website, it’s a files syncing server. I think the common misunderstanding is that Nginx is better, just because it’s newer. That’s not the case here. Just saying.
True. There are some static files, but the bulk of everything is rendered through PHP because the files are user unique or requires access rights. At least from a performance point-of-view.
Common argument pro Nginx as well is that you usually set it up with php-fpm which allows concurrent connections with less memory usage, compared to Apache, commonly set up with mod-php, which spawns a new Apache instance for every single connection. However since Apache as well allows to use php-fpm with mpm_event, it is then very much the same as with Nginx.
As well mod-php in theory is even faster for a single connection for PHP content, due to no client-server overhead when using a dedicated PHP server. I saw benchmarks once, underlining that in practice, however not sure if still true with modern setup and up-to-date versions.
Finally it depends on size of the individual Nextcloud instance, whether mod-php or php-fpm suits better.
Have tried both apache and nginx implementations of Nextcloud (and previously ownCloud). Nginx is a number of degrees faster than apache. But, having used apache for years, I know configuration and deployment is much easier. The current situation is regrettable.
My two cents.
I always use Apache. In Nextcloud (and in every other app served by Apache) I avoid the use of .htaccess files, as they are read and processed by Apache in every request, so in the virtualhost I configure:
AllowOverride None
#include all .htaccess
Include /var/www/nextcloud/.htaccess
Include /var/www/nextcloud/config/.htaccess
Include /data/nextcloud_data/.htaccess
Thanks to that the apache configuration is loaded in memory once and not reread at each request
I changed from Apache mpm_prefork + mod_php over to nginx + fpm about 5 years ago because Apache would fork a new sometimes 120MB process just to load a static file (CSS, JS or image) whereas nginx would only load php-fpm when dealing with a PHP script. That alone justified the nginx learning curve. On top of that the prefork module would only run as a single user ID for all virtual hosts whereas nginx+fpm was easy to set up to run with a different uid for each vhost. Sold!
I realize that Apache + mod_event + mod_fpm could emulate what nginx + fpm can do but, in my case, now that I am comfortable with nginx configuration it would take a huge selling point for me to switch back to Apache. The recent exploit and the Russian takeover of nginx HQ are minor blips because it’s open source and so widely used.
Just my two cents, which may not actually be worth two cents since I know basically nothing about nginx and not an expert on Apache either… but I will say this. Several things indicate to me that Apache may have better security. We’ve had the recent Nextcloud + nginx vulnerability. The official docs also mention it’s safe to deploy Nextcloud at the web root in Apache but not nginx.
Maybe that’s not really the case, but that’s how it smells to me. And with all the turmoil over nginx, I don’t see any reason for me personally to move away from Apache. I have had no performance or memory issues with my server.
I am new to linux. Do you have any article how to disable/avoid htaccess in nextcloud docker installation? Are there any security concerns if we disable htaccess?
I think this was not the aim of @guerrero. He’s proposal is not to delete or disable .htaccess, but reduce reads amount and increase speed by proper(?) configuration of apache2. Please, do not disable or delete those files, it will be huge security hole.
I would prefer not to do this for security reasons. In the htaccess context the possibilities are limited for security. What you are doing is giving everyone who can write to your webroot the possibility to rewrite your whole server configuration. This approach is very risky as nobody should ever have a chance to change your apaches config!
What you can do manually is to copy the parts from the .htaccess to apache config after every update. This way you get the speedup without security concerns but have to keep the config up to date (watchman or similar tools may help).