IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
I haven't worked with NGINX for ages because every time I did it was slower than Apache. Have you worked with it with FreeBSD, and does it install OK?
FreeBSD 12.1 Setup Testing
- Thread starter factor
- Start date
they each have their strengths in general
nginx is faster
then nginx_apache
then apache is slowest
you can use htaccces with both apache and nginx_apache
I have nginx_apache installed with no issues.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
Have you actually tested this nginx_apach and just apache on an extremely busy site and checked speed and load differences or is that what is written? I used NGINX as a reverse proxy before and it was quite a bit slower than just Apache, but at that time I was using it with mod_php which also unlike what is often written, is faster than php-fpm. However, I've never done nginx_apache w/php-fpm. I don't use mod_php anymore because there is no http/2 and attackers play games to figure out your Apache parameters and adjust their attacks.
Thanks!
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
That has been my experience from the last time I tried something like this, which admittedly has been a long time ago, before php-fpm and custom build support. If mod_php could do http/2 I'd use that but mod_php is too vulnerable to denial of service attacks and Let's Encrypt is the only practical way to do certs in a shared hosting situation.
Thoughts:
With nginx on it's own you lose htaccess. The nginx site responds to that with:
That implies it is read from disk every time. That won't happen because even it was written so stupidly without microcaching the files would be in cache, and rules need to be applied every time whether it is an htaccess file or by their substitute. They go on to say:
When did this happen? They must be including parking pages and "Hello World!" sites. "Funky" is exactly how every serious site on the web works, and for CMS systems, it's how they work with the only difference being they use php to do it. If it is so funky, why did they add a rewrite module? They fail to mention to implement this requires requires privileged server access to the virtual hosts file. That's swell. Without some clever coding and manually maintaining this every time a web developer needed a change that doesn't work either. Ditto for htpasswd functionality.
Ya, and so does adding something like PHP and MySQL.
Nginx-Apache combination: We've both experienced, we got negative mileage out of this combination. One would think that if anyone could have gotten mileage out of this it would have been me running Apache with mod_php and Nginx as a reverse proxy. If Apache isn't doing the PHP as with PHP-FPM, it seems in most cases we've simply put a man in the middle. Separating requests across multiple servers can be done by both Nginx and Apache with rewrites and DNS. So it seems we're down to load balancing across multiple servers where HAProxy might be better.
Research: I found that someone wrote an htaccess add-on for nginx, htaccess-for-nginx. However, it relies on several operating system modules that need to be installed as well. I'd guess not many shared hosting companies have their control panels modified to include single-author dontations of code from github. Besides being unsupported under DirectAdmin, the question is, is it significantly faster than Apache after adding these?
Statistics: People cite statistics, but how can they know when there are sites running nginx for reverse proxy and load balancing? I'd also guess there aren't many large shared hosting companies that don't have htaccess capabilities.
Closing thoughts: I may be missing something. I may try it. My thoughts at the moment are with Nginx-Apache I have less chance of making it productive than I did with Apache and mod_php. If I install just Nginx, I would need to use the 3rd-party htaccess module and supporting files, and it would have to quite a bit faster than Apache to make sense to offset the complexity and manual maintenance.
I dont have an extremely busy site either. I did do some general testing before. Alot of my sites were Static at the time. So I will try this out and see.
this is what I have because of mod_php is old and unsafe.
I will try this out.
I definitely think nginx_apache is more maintenance. I too would prefer apache if its just as fast.
based on what you all have said no.
I might be going back to apache.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
DirectAdmin does not install for FreeBSD 12.2. It wants libmcrypt.h or something. I installed the package an ran again and it still wanted it.
Apache, PHP 5.6, 7.4, php-fpm, MySQL 5.7, Exim, Dovcot, Proftpd, RoundCube, no ioncube, no zen loader. If it can't do a bare-bones install it is unmaintainable also.
Apache, PHP 5.6, 7.4, php-fpm, MySQL 5.7, Exim, Dovcot, Proftpd, RoundCube, no ioncube, no zen loader. If it can't do a bare-bones install it is unmaintainable also.
Last edited:
My case is different, but... yes, it may be due to OpenSSL 1.1.1 in Freebsd 12.x. PHP 5.x requires OpenSSL 1.0.2. I read that DA support once stated in the forums that 5.6 is patched to work against newer OpenSSL's; however it may not be 100% error prone.
Do not use PHP 5 if you can.
Do not use PHP 5 if you can.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
This is for a VM designed to enable a single app to migrate from 5.3 to 7.4. When I tried to install PHP 5.3 I ran into the OpenSSL issue. The error states that I needed to move to 5.6, so I did. First it blows up and says I need libmcrypt which is not in the Common pre-install commands. Then when I add it before running setup, it runs until I get this:
Things start to fall apart at 3762 and 3764. There remainder are toward end.
pkg install libmcrypt
You said you installed the package but wanted to be sure.
for the
try
pkg install sqlite
That is the old wiki and unmaintained
Also in general the Preinstall commands are for supported vanilla installs. Which is not what you are doing. I will also say for FreeBSD its not really supported well. Like Debian or RH flavors.
I would blank the server and remove your requirement for php 5.6 completely. See if it installs then add 5.6 later if you must have it.
If not you may have to go back to FreeBSD11.
from the log you attached
Please select default PHP version you would like to use (5.3/5.4/5.5/5.6/7.0/7.1/7.2/7.3/7.4/8.0, default: 7.4):5.6
set this to 7.4
then
Would you like to have a second instance of PHP installed? (yes/no, default: no): no
dont install any other PHP and for sure not 8.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
Thank you for the reply. If what I'm doing isn't vanilla, then what are those selections doing in the script? I have an 11.2 VM I can copy over but I'm out of time. 5 hours of playing games is more than I can afford right now.
Last edited:
Yeah it took a month for me to actually get the FreeBSD working. The script is very outdated. It still has FreeBSD versions older than 10 in it.
Anything other than current supported Php would be custom. This is my findings in general you can always log a support request with DA.
Anything other than current supported Php would be custom. This is my findings in general you can always log a support request with DA.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
Thanks.
If this is where 12 is, I wonder when 13 binaries will be available? If you're going to be a guinea pig, it might as well be with 13 instead of 12, something that will give you the longest life. It was supposed to release today, but it looks like it has been set back a week. I'm guessing that was from their attempts to get Wireguard in as was the original intent, but now they pushed it to 13.1. I don't need it for this anyway.
For DA, and far and away most of the hosting providers, CENTOS was the standard. The announcement hit about like GM saying they are dropping Chevrolet. Stream doesn't make any sense and who knows where the corny RHEL developer program is going. Now 3 more pop up. It appears DA went for AlmaLinux by CloudLinux, which makes sense I guess. The only certainties with Linux are fragmentation and uncertainty. Maybe this will drive more traffic to FreeBSD.
If this is where 12 is, I wonder when 13 binaries will be available? If you're going to be a guinea pig, it might as well be with 13 instead of 12, something that will give you the longest life. It was supposed to release today, but it looks like it has been set back a week. I'm guessing that was from their attempts to get Wireguard in as was the original intent, but now they pushed it to 13.1. I don't need it for this anyway.
For DA, and far and away most of the hosting providers, CENTOS was the standard. The announcement hit about like GM saying they are dropping Chevrolet. Stream doesn't make any sense and who knows where the corny RHEL developer program is going. Now 3 more pop up. It appears DA went for AlmaLinux by CloudLinux, which makes sense I guess. The only certainties with Linux are fragmentation and uncertainty. Maybe this will drive more traffic to FreeBSD.
Last edited:
Not sure I guess when FreeBSD is finished.
13 is not supported by DA yet and might not ever be. No real excitement there on their part.
Maybe I wish it would. Most here a trying Alma Linux or Debian
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
There is actually only one choice when it's between the new guy on the block, AlmaLinux/Cloud/RHEL and the Ubuntu/Debian that almost faded into obscurity before FreeBSD went low priority. cPanel only supports the RHEL and Cloud family and Apple. For hosts that provide both cPanel and DirectAdmin, they will go with AlmaLinux/Cloud, so Ubuntu/Debian isn't going to be where it's at for DA either. I'm going to start experimenting with Windows server too. Pretty much anything that runs on ?nix runs on Windows, and Windows goes a lot more places and has a lot better tools to get there with. The trick there will be to find a decent shared hosting CP.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
Yeah, cPanel used to and installed from ports, but they did a poor job of it. They did with Windows as well, then named it something else, and now I think it's gone. I used HSphere also, but that was a nightmare to keep unbroken.
We started out on Linux but in time traffic drove it into the ground. The revenue wasn't there for lots of servers. Then we got kicked out of data centers for traffic reasons. (unlimited is unlimited until you start using a little bit of that bandwidth, then they call it abuse and tell you to leave). I called The Planet and they told me for throughput under load, nothing beats FreeBSD. For applications, use Linux. For Windows applications use Windows. I LOVED their infrastructure, but we were too small for them. I ran across a guy that had just bought servers because his loads were knocking him over, but he tried FreeBSD and now he didn't need the servers. The only DC at the time that would take us was SAVVIS, and we were desperate. (At least at that time they did most of the world banking and are/were guarded by the military as a strategic asset.) I explained to their tech support. He said you need FreeBSD, not Linux, and DirectAdmin, not cPanel. This was hard for me to accept, but I had nowhere to go and I needed something in a hurry. He said that he couldn't do it but pointed me to a vendor internally. I had no intention on staying on the platform but we were desperate. The newest FreeBSD DirectAdmin was in beta for. They said I can't recommend you run beta software on a server like that but the OS change was quite a monumental change in architecture so I took a chance. Instantly, both the traffic and processing crashing under load problems were solved. It was an incredible relief. If we got attacked, we could log in under loads of 90-170 and block. Under Linux, things would be checking out before you got out of the single digits. As the saying goes, "You don't know what you don't know." I got dragged kicking and screaming into FreeBSD and DirectAdmin. I slowly got the hang of FreeBSD and DirectAdmin here, mostly from a guy here known as Chris. With FreeBSD there was no DLL hell and dependencies handled well. With DA, when you delete a user or site, there is nothing to clean up as there used to be with cPanel. SAVVIS treated us very well and moved us around in the DC and they were interested in keeping us where the performance was best, so I can't kick about that. What was frustrating is the infrastructure. Some guys left The Planet and when they started SoftLayer, I realized they were replicating The Planet-type infrastructure and jumped on that instantly. They did an even much better job. I've been with them since and they've treated us phenomenally. IBM bought them out, so support has gone way down, but we are bare metal so really the only time we need them is for hardware failures and we've only had that happen twice.
I don't know anything anymore about the ever changing distros/operating systems. To me they make about as much sense as if Dell, HP, Lenovo, Asus, Acer, etc. all had their own version of Windows that stored OS and program files in different places with different registry layouts, had DLL hell like Windows 98, no common update system, no good dependency resolution, and released at different degrees of readiness. It's a kernel for a hobby OS where many that start out as being the future and next big thing turn out to be a flash in the pan. I really don't want to learn one of the designer operating systems when FreeBSD releases are rock solid and I know it can handle our loads, while I don't know if Linux can these days or not. I would think it would be easier to write for something that doesn't change where stuff is put. The only big changes that I know of with FreeBSD has been the compiler due to a licensing change. If I have change, I'd rather change to Windows even if I had to pay for it, provided I can find a Control Panel I like for it.