Apache, also known as Apache2, is essentially the standard in the PHP world. It is often installed automatically with many packages, making it nearly ubiquitous. Although it is widely used, and some IT veterans still swear by Apache, I have always found it somewhat cumbersome. The XML-structured approach for configuration seems a bit outdated to me now. Consequently, I've spent years exploring alternatives. In this article, I would like to introduce you to the web servers I've used during this time that represent a better choice than Apache for me.
Another example of Apache's well-known quirks is the ubiquitous .htaccess file, which ends up in WordPress, Joomla, Drupal, and almost every open-source web system automatically. It allows URL rewrites, access rules, and other settings to be overridden per directory – yet every .htaccess lookup slows down performance and complicates caching. Many modern web servers therefore forgo directory overrides, opting instead for centralized, clearly structured configuration files that can be reloaded without a performance penalty. These often sleeker approaches are precisely what I’m introducing in this article.
The Alternatives
1. Nginx (pronounced "Engine X")
After Apache2, Nginx is probably the second-best-known open-source web server and has made a name for itself in recent years, particularly as a powerful reverse proxy. Many hosts already deploy Nginx before Apache2 to deliver static assets like images or CSS/JS files especially quickly. Even the widely used hosting software Plesk employs Nginx as a proxy layer in front of Apache2 to optimize loading times and better handle load spikes.
Configuration in .conf format
The configuration files for Nginx are plain text files with the .conf extension. Within them, you define hierarchies of contexts and directives:
http {
server {
listen
- http/ – Global context for protocol settings
- server/ – Virtual host (domain level)
- location/ – Path-based request routing
- Directives like
listen,server_name,root, orfastcgi_passgovern the individual functions
This simple, declarative format is very well-suited for versioning and automation.
Scalability and Ecosystem
- Nginx's event-driven architecture handles thousands of simultaneous connections with minimal memory usage.
- In container orchestrations like Kubernetes, Nginx is often found as an ingress controller.
- A multitude of modules (e.g., for caching, compression, security headers) makes Nginx extremely flexible.
Site Caching
Nginx can cache entire web pages and thus respond to requests from the cache multiple times – exactly as is done with this blog post. With directives like proxy_cache, proxy_cache_valid, and finely granular location rules, we ensure that repeated accesses are served quickly without passing each request to the backend servers.
With Nginx, you get a solid, highly scalable web server that feels at home in modern cloud environments just as much as on classic VPS installations.
2. Caddy
Caddy is a relatively newer but extremely practical open-source web server based on Go, which stands out with a particularly simple configuration and some very practical features. A highlight is the built-in support for ACME (Let's Encrypt), which automatically and free of charge generates and renews SSL certificates – no need to manually apply for or configure a certificate.
Simple Configuration
Caddy uses a very simple and readable configuration file, typically called a "Caddyfile." Instead of writing complex .conf files, one defines the main server instructions in just a few lines:
example.com {
root *
In this example, a website running on "example.com" is configured. The web server serves files from the /var/www/html folder but also forwards requests to another server running on port 8080.
Integrated ACME Support A standout feature of Caddy is automatic SSL certificate management. When you start Caddy, it immediately ensures that your websites are accessible via HTTPS. Caddy takes care of everything, from certificate request to installation to automatic renewal, without requiring any external configuration, making it highly user-friendly.
Load Balancing Caddy also supports simple load balancing. You can specify multiple backend servers to which requests are distributed, better managing traffic and increasing fault tolerance. Here is a simple example:
example.com {
reverse_proxy backend1.example.com backend2.example.com
}
Caddy automatically manages load distribution and offers reliable load balancing even without additional tools.
Support for Nginx Configuration Files Another standout feature of Caddy is the ability to import Nginx configuration files, making the transition to Caddy extremely simple for users switching from Nginx, as many configurations can be directly adopted without starting from scratch.
CLI and Simple Use Cases Caddy can be started and configured effortlessly via the command line (CLI), making it ideal for simple use cases such as proxying, as a file server, or for smaller web applications. The server is ready to operate with a few commands, making it suitable for quick deployments.
I have frequently installed Caddy in the past when I needed a quick and simple solution for a web server or proxy – particularly in containerized environments. Caddy has often replaced Nginx, as it suffices for many of my requirements and offers a much simpler configuration.
Caddy convinces with a highly flexible and user-friendly approach and is particularly well-suited for projects requiring simple setup, SSL encryption, and load balancing.
3. HAProxy
HAProxy is not a traditional web server with PHP-FPM support but a high-performance load balancer and reverse proxy. It shines in environments focused on high availability, traffic distribution, and extensive health checks.
Usage Scenarios:
- Distribution of HTTP(S) requests to multiple backend servers
- SSL offloading and TLS termination
- TCP load balancing (database proxies, SMTP, etc.)
- Serves as a front door for microservices architectures
Configuration in haproxy.cfg format
The central configuration file /etc/haproxy/haproxy.cfg is divided into sections:
<span class="hljs-keyword">global</span>
- global: System-wide settings (log, maximum connections, SSL parameters)
- defaults: Base configuration for all frontends and backends
- frontend: Defines which ports HAProxy listens on and where incoming connections are forwarded
- backend: List of target servers with health checks and load-balancing algorithm
Important Features:
- Health Checks (HTTP, TCP) ensure only healthy instances receive traffic.
- SSL Offloading relieves backend servers from TLS processing.
- Sticky Sessions (e.g., via cookies) can be enabled for stateful applications.
- Rate Limiting and Connection Throttling protect against overload.
Why HAProxy? Even though HAProxy itself does not serve PHP-FPM processes, it perfectly complements any web server as a load distributor: You can run Nginx, Caddy, or Apache behind it and put HAProxy upfront to achieve maximum scalability and fault tolerance. We deploy HAProxy in demanding production environments where high availability and traffic management are required.
4. Traefik
Traefik is a modern, dynamically configurable reverse proxy and load balancer that stands out for its automatic service discovery and seamless integration in container and orchestration environments. Unlike traditional web servers or proxies, Traefik loads its configuration at runtime from external sources (Docker, Kubernetes, Consul, etc.) without requiring a restart.
Automatic Service Discovery and Dynamic Configuration Traefik "talks" to your container orchestrator or registry and automatically recognizes new services. For instance, a simple Docker run with labels is all it takes for Traefik to promptly set up the HTTP router:
<span class="hljs-comment"># Example: docker-compose.yml</span>
Traefik then automatically handles:
- Creation of the router (
webapp) - Connection to the service-load-balancer object
- Health checks and load balancing
Integrated ACME/Let’s Encrypt Support
Similar to Caddy, Traefik offers automatic TLS management. You simply specify your email and desired ACME provider in the static configuration, and Traefik handles request, issuance, and renewal:
#
Load Balancing and Middleware Traefik comes with numerous middleware functionalities (rate limiting, IP whitelist, header manipulation, circuit breaker), which can be easily activated through configuration. The integrated round-robin or weighted load balancing automatically distributes traffic to your backends.
Observability and Dashboard Traefik provides an integrated web dashboard and API, allowing you to view all active routers, services, and middlewares live. It also provides metrics (Prometheus, Datadog, etc.) and log data for your monitoring systems.
Usage Scenarios
- Container Environments: Docker Swarm, Kubernetes (Ingress Controller)
- Microservices Architectures: dynamic routing without restarts
- SSL/TLS Management: automatic certificate acquisition
- API Gateway: central routing rules and security layer
- Docker labels: Traefik integrates perfectly with Docker and can be dynamically configured with labels.
We prefer to use Traefik in projects where services change dynamically and zero-downtime configuration is desired. Thanks to its close integration with modern platforms, Traefik is often our first choice as an ingress or edge proxy in cloud environments.