Squeezing the most out of a web server…
Ever thought of setting up a reverse proxy to serve your static content a lot faster than the lumbering giant Apache? Don’t get me wrong, Apache is still one of the best web servers going and used by over 60% of the Internet. The problem is, it is too good, and we wake this slumbering giant up for everything! Instead, we could be getting a smaller package to nip in and do the job without the excessive memory overhead.
The setup is simple!
Get Apache to work on the LO interface (127.0.0.1 – yes, even on port 80!) and set nginx up to serve on the public IP on the usual ports. All we need to include in the vhost for nginx is the proxy pass syntax to 127.0.0.1:80, etc., and think about forwarding headers, etc., and …. voila! We have a small process serving static content, and only looking to Apache when it is unsure what to do when dealing with things like PHP.
The best part for a sysadmin like me is security. Apache is protected against most 0 days, and in the event of a 0 day on nginx we can drop it from the line-up and within a nanosecond have Apache run the show direct (usually with no downtime either).
But what about Fast CGI?
You could use Fast CGI and get nginx to pass to it on to Apache, but I am not the biggest fan of this. I do not believe that Fast CGI has the necessary security that something like mod_php has and it will be a while before I happily put these 2 technologies together alone.
Problems
Sometimes this combo can give you a bit of a headache with redirects, so I’d be interested to hear what others have done to make the process better.