I see so many posts and people who run NGINX as their reverse proxy. Why though? There’s HAProxy and Apache, with Caddy being a simpler option.

If you’re starting from scratch, why did you pick/are you picking NGINX over the others?

  • @____@infosec.pub
    link
    fedilink
    English
    115 months ago

    Right there with you on “just works,” as well as the simple fact that the config snippets you need are readily available - either in the repo of whatever you’re putting behind the proxy, or elsewhere on the internet.

    I consistently keep in mind that it’s ultimately an RU product, of course. But since it’s open source and changes relatively infrequently, that’s mitigated to a large degree from where I sit.

    Nothing against Caddy, though Apache gets heavy quickly from a maintenance standpoint, IMHO. But nginx has been my go to for many, many years per the above. It drops into oddball environments without having to rip and tear existing systems out by the roots, and it doesn’t care what’s behind it.

    Ages ago, I had a Tomcat app that happened to be supported indirectly by an embedded Jetty (?) app that didn’t properly support SSL certs in a sane way on its own.

    That was just fine to nginx and certbot, the little-but-important Jetty app just lived off to the side and functionally didn’t matter because with nginx and certbot, nothing else gave a crap - including the browser clients and the arcane build system that depended on that random Jetty app.