Why Nginx instead of Apache?

I see a lot of people praising Nginx and its performance over Apache. Got interested in setting this up myself, however it isn’t officially supported by Nextcloud. Still, performance could persuade one to try, right?

From what I can gather, Nginx is much faster than Apache on static content. In other words if you serve lots of files then this is the server for you. However when it comes to dynamic content, Apache is just as fast. *

Since Nextcloud is serving all files dynamically through PHP, I see no real benefit with the hassle of Nginx. With recent security issues and the latest news about copyright infringement, I think the choice should be clear.

What are your opinions on this? Why do you choose Nginx in favour of Apache? I’d really like to know.

maybe not that what your question is, but anyway:

It’s not a good situation. Of course this is part of my reasoning in my firsr post.

I like nginx because of its way style/ syntax of configuration files. I find them much easier to read and to understand.
I read a few arguments against nginx by Nacho Parker in the near past:
https://ownyourbits.com/2017/06/12/why-nextcloudpi-uses-apache-and-not-nginx/

And this convinced me to move to apache in the next days - as soon as I have time.
Especially the part about easy implementation of modules got me.

Basically
Apache for dynamic content.
Nginx for static content.

Is Nextcloud only serving static content?
Yes and no.
Web GUI = yes
Syncing files = no

What is Nextcloud for?
Syncing files

Which is then best for Nextcloud?
Apache.

Nginx is very good in serving static websites, Nextcloud is not a website, it’s a files syncing server. I think the common misunderstanding is that Nginx is better, just because it’s newer. That’s not the case here. Just saying. :slight_smile:

5 Likes

True. There are some static files, but the bulk of everything is rendered through PHP because the files are user unique or requires access rights. At least from a performance point-of-view.

Common argument pro Nginx as well is that you usually set it up with php-fpm which allows concurrent connections with less memory usage, compared to Apache, commonly set up with mod-php, which spawns a new Apache instance for every single connection. However since Apache as well allows to use php-fpm with mpm_event, it is then very much the same as with Nginx.

As well mod-php in theory is even faster for a single connection for PHP content, due to no client-server overhead when using a dedicated PHP server. I saw benchmarks once, underlining that in practice, however not sure if still true with modern setup and up-to-date versions.
Finally it depends on size of the individual Nextcloud instance, whether mod-php or php-fpm suits better.

Have tried both apache and nginx implementations of Nextcloud (and previously ownCloud). Nginx is a number of degrees faster than apache. But, having used apache for years, I know configuration and deployment is much easier. The current situation is regrettable.

1 Like

since both are faster. and both are superior.

does anyone have any numbers?

if not. the playbook now can setup both for you:

so one could do some benchmarks. :wink: (and tell me if i should enhance/fine tune the settings in the playbook.)

1 Like

I always install nginx+apache. Nginx is a good accelerator to smooth away loading for apache.

My two cents.
I always use Apache. In Nextcloud (and in every other app served by Apache) I avoid the use of .htaccess files, as they are read and processed by Apache in every request, so in the virtualhost I configure:

AllowOverride None
#include all .htaccess 
Include /var/www/nextcloud/.htaccess
Include /var/www/nextcloud/config/.htaccess
Include /data/nextcloud_data/.htaccess

Thanks to that the apache configuration is loaded in memory once and not reread at each request

Edit: This was the source for my approach https://www.eschrade.com/page/why-is-fastcgi-w-nginx-so-much-faster-than-apache-w-mod_php/

6 Likes

That’s an interesting approach.

I changed from Apache mpm_prefork + mod_php over to nginx + fpm about 5 years ago because Apache would fork a new sometimes 120MB process just to load a static file (CSS, JS or image) whereas nginx would only load php-fpm when dealing with a PHP script. That alone justified the nginx learning curve. On top of that the prefork module would only run as a single user ID for all virtual hosts whereas nginx+fpm was easy to set up to run with a different uid for each vhost. Sold!

I realize that Apache + mod_event + mod_fpm could emulate what nginx + fpm can do but, in my case, now that I am comfortable with nginx configuration it would take a huge selling point for me to switch back to Apache. The recent exploit and the Russian takeover of nginx HQ are minor blips because it’s open source and so widely used.

1 Like

Thats neat! I have to read up on that option. Thanks!

Youre right though, I do use mod_event these days but I always thought it wasn’t right that every vhost would run as the same user.

FWIW this is the PHP FPM snippet I use…

~ cat /etc/php/7.4/fpm/pool.d/example.com.conf
[example.com]
user = 1001
group = 1001
include = /etc/php/7.4/fpm/common.conf

Then in the nginx location section for php I use this included from each vhost…

location      ~ ^(.+\.php)(.*)$ {
fastcgi_pass  unix:/home/u/$host/var/run/fpm.sock;
# etc
}

And obviously each vhost area has permissions like this so another vhost user can’t get into or read anything in each others web area…

UPATH=/home/u/example.com 
chown 1001:www-data -R $UPATH
find $UPATH -type d -exec chmod 02750 {} +
find $UPATH -type f -exec chmod 00640 {} +

Just my two cents, which may not actually be worth two cents since I know basically nothing about nginx and not an expert on Apache either… but I will say this. Several things indicate to me that Apache may have better security. We’ve had the recent Nextcloud + nginx vulnerability. The official docs also mention it’s safe to deploy Nextcloud at the web root in Apache but not nginx.

Maybe that’s not really the case, but that’s how it smells to me. And with all the turmoil over nginx, I don’t see any reason for me personally to move away from Apache. I have had no performance or memory issues with my server.

I am new to linux. Do you have any article how to disable/avoid htaccess in nextcloud docker installation? Are there any security concerns if we disable htaccess?

I think this was not the aim of @guerrero. He’s proposal is not to delete or disable .htaccess, but reduce reads amount and increase speed by proper(?) configuration of apache2. Please, do not disable or delete those files, it will be huge security hole.

I will try it and check the speed before and after. Thanks!!

I would prefer not to do this for security reasons. In the htaccess context the possibilities are limited for security. What you are doing is giving everyone who can write to your webroot the possibility to rewrite your whole server configuration. This approach is very risky as nobody should ever have a chance to change your apaches config!

What you can do manually is to copy the parts from the .htaccess to apache config after every update. This way you get the speedup without security concerns but have to keep the config up to date (watchman or similar tools may help).