Nginx

Nginx is one of those things that many people want to try but don't. Why? Because it's scary. Well... Nginx itself isn't scary, but all of the poor guides out there make it a nightmare. The first step in making Nginx work for you is to not follow 95% of the guides found on Google. That sounds backward from what you usually hear and I do hate giving that advice. While many of the guides out there will get you going most of the time in most situations, they tend to be suboptimal. Many of these configurations tend to focus on reproducing how Apache does things.

Most anyone reading this already knows me. My name is Michael Lustfield. I'm running the servers of a starting web development company called Kalliki Software. We've been in business for a little while now. When we started we had an Apache Web server with less than one half a gigabyte of RAM. After three websites we were feeling the burn. The Apache web server was taking us down. We didn't have the resources to grow out. We needed to grow up. I turned to the two leaders, Nginx and Lighttpd. After investigating each I easily settled on Nginx.

Building a secure setup is extremely hard. There's an old saying that's basically "build an idiot-proof system and the world will build a better idiot." That works two ways. If you build a hacker-proof system then you'll
find better hackers. Loosely defined use of the term hacker of course.

So, how does one make a secure web server. The easiest would be to use something like Nginx and server only static content with hundreds of layers of strong security to get to altering those files with only one fully

warning: no proof reading and some rambling...

I recently made the change to Nginx from Apache. This change came with a severe lack of fun and enjoyment. The whole process was >150 hours. Painstaking. It should be pretty easy to move this to my production server, probably be much much easier. I have yet to even touch using it as a proxy.