# Your thoughts on using nginx and apache together?



## Belucci (Oct 16, 2014)

Well vestaCP automatically installs and sets them to work so that nginx handles all the static contetn and forwards the dynamic one to apache. That's supposed to give you the best of both worlds, right?

The speed of nginx and the rich ecosystem and support of apache.

Sounds pretty good on paper.

My question is to the people who have actually used this combination. Does it give significant imrovement in performance and load? Are there problems that pop-up because of the slightly unusual setup?

Is the security improved or actually decreased?

Are there othe control panels that auto setup that combination?


----------



## KuJoe (Oct 16, 2014)

I've used this setup in the past but then opted to just use nginx by itself instead. Now I've switched over to ServerPilot.io which uses this setup and it's awesome. Performance-wise I don't notice a difference really between the Apache + nginx versus just Apache or just nginx but for security it's definitely worth it. Just for fun, over the weekend I tried to DOS my sites that use ServerPilot using common layer 7 attacks and it stayed online whereas my dev server that runs only Apache was down with almost every attack I tried (I've since switched my dev server over to ServerPilot also).


----------



## HalfEatenPie (Oct 16, 2014)

KuJoe said:


> I've used this setup in the past but then opted to just use nginx by itself instead. Now I've switched over to ServerPilot.io which uses this setup and it's awesome. Performance-wise I don't notice a difference really between the Apache + nginx versus just Apache or just nginx but for security it's definitely worth it. Just for fun, over the weekend I tried to DOS my sites that use ServerPilot using common layer 7 attacks and it stayed online whereas my dev server that runs only Apache was down with almost every attack I tried (I've since switched my dev server over to ServerPilot also).


So... what is this...

Is this like a DDoS protection on top of your DigitalOcean VPS?  Or is this a platform to simply host your own PHP scripts.  What is it?


----------



## KuJoe (Oct 16, 2014)

ServerPilot is essentially an alternative to installing and running a control panel on your server. I don't use Digital Ocean but it doesn't work on OpenVZ and only works on Ubuntu 12.04 and 14.04 so you'll need KVM/Xen/Dedi for it to work. It does basic security stuff (firewalling, auto-updates, patching 0-day exploits, and such) but it's mostly just a very basic control panel. You point it to your server with a base install of Ubuntu and it configures all of the web services for you (Apache, nginx, MySQL, PHP 5.4, PHP 5.5, and PHP 5.6). You can create the domains and MySQL users/databases through their web GUI but I just like that they configured all of the web services for me since I was having a heck of a time with all of the hacks I had to do to get nginx working 100% with Wyvern, it works flawlessly now and the performance is noticeable on the backend.

In a nut shell, it's a very simple control panel for people who don't want a control panel (or if you're looking for a control panel that just handles the web services and not DNS, mail, etc...).


----------



## LimestoneNetworks (Oct 16, 2014)

KuJoe said:


> ServerPilot is essentially an alternative to installing and running a control panel on your server. I don't use Digital Ocean but it doesn't work on OpenVZ and only works on Ubuntu 12.04 and 14.04 so you'll need KVM/Xen/Dedi for it to work. It does basic security stuff (firewalling, auto-updates, patching 0-day exploits, and such) but it's mostly just a very basic control panel. You point it to your server with a base install of Ubuntu and it configures all of the web services for you (Apache, nginx, MySQL, PHP 5.4, PHP 5.5, and PHP 5.6). You can create the domains and MySQL users/databases through their web GUI but I just like that they configured all of the web services for me since I was having a heck of a time with all of the hacks I had to do to get nginx working 100% with Wyvern, it works flawlessly now and the performance is noticeable on the backend.
> 
> In a nut shell, it's a very simple control panel for people who don't want a control panel (or if you're looking for a control panel that just handles the web services and not DNS, mail, etc...).
> 
> That's very interesting. Thanks for the info. I'm passing this on to our IT and dev teams.


----------



## DomainBop (Oct 16, 2014)

> Does it give significant imrovement in performance and load?


I use the nginx /apache (mpm-event + php-fpm) combo.  There is a significant decrease in load for higher traffic sites but if you have a site that has relatively low traffic you probably won't notice much of a difference in performance,  load, or RAM usage.

The proxy server feature in Nginx also comes in handy if you're running different types of webservers on the same server, for example Apache and Tomcat...see example below from one of my servers.

Nginx front end: ports 80,443

Tomcat: ports 8166, 8443 (SSL)

Apache: ports 8080, 444 (SSL)


----------



## Belucci (Oct 16, 2014)

KuJoe said:


> ServerPilot is essentially an alternative to installing and running a control panel on your server. I don't use Digital Ocean but it doesn't work on OpenVZ and only works on Ubuntu 12.04 and 14.04 so you'll need KVM/Xen/Dedi for it to work. It does basic security stuff (firewalling, auto-updates, patching 0-day exploits, and such) but it's mostly just a very basic control panel. You point it to your server with a base install of Ubuntu and it configures all of the web services for you (Apache, nginx, MySQL, PHP 5.4, PHP 5.5, and PHP 5.6). You can create the domains and MySQL users/databases through their web GUI but I just like that they configured all of the web services for me since I was having a heck of a time with all of the hacks I had to do to get nginx working 100% with Wyvern, it works flawlessly now and the performance is noticeable on the backend.
> 
> In a nut shell, it's a very simple control panel for people who don't want a control panel (or if you're looking for a control panel that just handles the web services and not DNS, mail, etc...).


Is it a control panel that's hosted by a 3rd party and they have full access to your server?


----------



## KuJoe (Oct 16, 2014)

Belucci said:


> Is it a control panel that's hosted by a 3rd party and they have full access to your server?


Yes it's a "control panel" in a sense that's hosted on their website. No they do not have full access to my servers, I would never give somebody I don't 100% trust full access to a server of mine.

Read more here:


----------



## zzrok (Oct 16, 2014)

I've been running it with great success on a website that gets ~10k hits per day.  We were running regular Apache prefork, but now we run nginx as a reverse proxy in front of Apache prefork.  We can't do away with Apache entirely or change its multi-processing module because the site runs on mod_perl.  The nginx setup is considerably more robust.  Performance doesn't inherently increase using this method, but in our case it improved the consistency of our response time because we can make more effective use of caching.  I don't have the graphs anymore, but I believe we saved somewhere between 30% to 50% of memory, which we put toward caching in the application.  Not having to tie up Apache processes serving static files to slow clients saves a lot of memory.

Putting nginx into operation was easy.  It did not take long to configure and we didn't have to change anything about the Apache application.  It pretty much Just Works™.  I highly recommend it.


----------



## Dan (Oct 21, 2014)

I also run nginx front and apache at the back only for SVN though, runs great.


----------

