LightTPD - Webserver alternative.

F

FAF

Verified User
Joined
Apr 1, 2006
Messages
87
Location
CPH, Denmark
Just surfed around looking for a FastCGI/CentOS howto, and stumbled over this webserver: LightTPD

This is from their site:
What's with the name?

Light footprint + httpd = LightTPD

If you prefer, call it just "Lighty". We want to keep your tongue intact. :)
Features

Advanced Features:

* virtual hosts
* virtual directory listings
* URL-Rewriting, HTTP-Redirects
* automatic expiration of files
* Large File Support (64bit fileoffsets)
* Ranges (start-end, start-, -end, multiple ranges)
* on-the-fly output-compression with transparent caching
o deflate, gzip, bzip2
* authentication
o basic, digest
o backends: plain files, htpasswd, htdigest, ldap
* fast and secure application controlled downloads
* Server Side Includes
* User Tracking
* FastCGI, CGI, SSI

PHP-Support:

* same speed as or faster than apache + mod_php4
* includes a utility to spawn FastCGI processes (neccesary for PHP 4.3.x)
* via FastCGI and CGI interface
* support Code Caches like Turckmm, APC or eaccelarator
* load-balanced FastCGI
(one webserver distibutes request to multiple PHP-servers via FastCGI)

Security features:

* chroot(), set UID, set GID
* protecting docroot
* strict HTTP-header parsing

Platforms

Releases of lighttpd are built regulary for at least the following platforms

* Linux (binary packages for FC3, SuSE, Debian, Gentoo, PLD-Linux, OpenWRT)
* *BSD (FreeBSD, NetBSD, OpenBSD, MacOS X)
* SGI IRIX
* Windows (Cygwin)

while it is known to compile cleanly on

* Solaris
* AIX

and various other POSIX compatible OSes.
Click to expand...

These features sounds rather impressive.

... and yes, there is a nice FastCGI howto on the website: Setup FastCGI and PHP with individual user permissions, for LightTPD.

I have always enjoyed Apache, don't take me wrong, but why leave it to that?
 
FAF said:
I have always enjoyed Apache, don't take me wrong, but why leave it to that?
Click to expand...
I agree with you 100%.

Why abandon a working server used by more webhosts than any other to be one of the first hosts to use one with close to zero market share?

:D :D :D

On the outside chance you're being serious, please investigate the config file layout for us; since DA is a closed-source compiled program that reads from and writes to the httpd.conf file format there'd be an awful lot of changes required to make it work with any platform using a different configuration file format.

Jeff
 
Actually it is a good, fast server if you are not dependant on Apache.

Using it with DA would be a pain to manage though.
 
Yes.. I understand the difficulties in changing DAs structure to support other webservers than Apache, but LightTPD can actually reside on the same server, and serve through Apaches proxy module.

Found this article on Linux.com: Lighttpd can lighten Apache's load

Don’t know the limitations of DA and using Apache2 with FastCGI support, but that would be a major step towards securing the environment. As of now - the PHP Server API is Apache and open_basedir is empty, that’s a security risk in my book. To restrict open_basedir is ok, but the webserver is not really secure, a restrictive open_basedir setting is better than nothing, but hey, that’s not good enough for an admin who values a 6-hour good night sleep. One way to fix this is to run PHP as cgi and make scripts run under your user.

I know it will require manual setup of clients to use LightTPD through the proxy, but it might take a load of Apache, and even provide load-balanced FastCGI with PHP running under the user, and that is what’s it's all about, to secure PHP in the most reasonable way. If one wants to keep Apache 1.*.*, then this could be an alternative. Plz don't kill me, I'm not an expert, this is what I have come to after a few days of research. Why put all the load on Apache?

To secure PHP should be on the top of the list, so that hosts can provide, with minimum downtime, and not use days or weeks to secure the server, especially if they are no-brainers like me.

No offence plz… had too much coffee; maybe I lost my grip and am totally spaced out. It’s not easy to provide a control-panel; it requires a good amount of time. I’m grateful for your panel, your work, and your price, just hope that you planned for changes.

I will continue my research.

Thx for your time.
 
Last edited:
I don't think you are being offensive FAF though I am not sure that it will ever get integrated into DA. It would be cool though to have it as an option.

When I said it would be a pain to manage I was referring to doing the manual setup as you have referred to. Once you start manipulating the system so that it is customized things can get to be a pain. You are no longer running the system as it was made to be run so it can make a good bit of work.

You are not alone in wanting to secure PHP though and it would be nice if the DA team would look very closely at what they can do to have it more secure by default. Heck it would be a good selling point I would think.

If I had a server that did not use a CP I would probably not use Apache if it was not needed for some function.
 
Thx DamnSkippy, you are correct.

I apologize that I went OT, It was not meant to be a PHP security mumble, but a desire to see alternative options. I will take the PHP issue up in another thread.

/FAF
 
I have been using lighttpd for a few years now. For some sites/servers it is the right tool for the job and has far from a zero market share, especially for those who need fastcgi. It is big in the Ruby on Rails crowd for example.

Another interesting web server that has many of the same advantages as lighttpd but tries to be apache compat is litespeed. It can read apache config files, and .htaccess files unlike lighttpd.
 
Last edited:
Someone said that Sourceforge.net is running on LightTPD, if so then that's a major one to the list.

See some sites that are officially Powered By lighttpd

Was just going through the lighty forum and saw someone working on getting DA to work with LightTPD: Lighty Forum

From the forum:
Ivko Naivko wrote:
> can anybody recommend me an alternative to WHM(web host manager) that
> will
> work on lighttpd, far as I understand that WHM will not work on lighttpd
> (on windows surely not)..
>
> thx.


Posted by Michael Fuita on 20.04.2006 23:19

Directadmin, I've been using da with lighttpd for a while and I'm
starting to rewrite the templates, etc to make it work in lighttpd. Only
started about a week ago but things are looking bright so far :)
Click to expand...
Looks like there is "some" interest in using DA with Lighty, thats understandable because DA is a very nice CP.

/FAF
 
jbw,

I'm willing to post the exact market share, but I can't find it. The best numbers I've seen show other at about 4%, incluidng lighttpd, litspeed, and literally hundreds of other smaller projects.

To me, being included in 4.x% market share, shared by many webserers, is close enough to zero that I can stand by my statement.

My point remains that DA cannot be everything to everyone, and there really aren't enough resources behind it to jump on every possible option out there without seriously damaging it's potential to do what it does, best.

The rewrite to have DA work with lighttpd would be major, and it would take away a lot of resources that DA needs to continue to do the things we need.

Is it time for hosting companies to start advertising that they offer lighttpd as an option to apache? While I don't think that's going to increase anyone's hosting business, it might just be the time for a few hosting companies to start offering it, so we can see.

I'm convinced that advertising I don't use apache will do nothing to increase my market share.

Jeff
 
Thx all.

Well just to end this, here are some stats on how many runs Lighttpd: April 2006 - lighttpd from netcraft

[OT]
I'm about to make some changes to accommodate my desired setup. I will very soon install OpenVZ, and run each domain in a VPS. I know it will take some resources, and some administration, but I think it's worth the trouble. After some cleanup, we are only talking about 10 domains, and I don't think that will increase in the near future. I will invest in services and features instead, like streaming, collaboration and so on.

This has been my intention from the start, but I didn't have the courage to set it into motion before now; after weeks of research.

Let's see how it turns out, maybe I will use another VE server system, but virtualized it will be.

Another nice feature, is that I can test different setups, without compromising the environment. My server can run 20-25 VPS as it is, so there are room for experimenting.

That's it for now.

Have fun.

/FAF
 
Last edited:
My point remains that DA cannot be everything to everyone, and there really aren't enough resources behind it to jump on every possible option out there without seriously damaging it's potential to do what it does, best.
Click to expand...

I agree, but you should consider the possibility to utilize other solutions. Apache is developing, so let's hope that they can keep the marketshare, there is no doubt that it's a nice httpd server with potential.

I'm convinced that advertising I don't use apache will do nothing to increase my market share.
Click to expand...

No, but advetising that DA has the ability to admin Lighttpd through Apaches proxy would. There are about zero panels which can handle Lighttpd.

Everyone is screaming for a CP for Lighttpd, because they want to use it, but cannot, or don't have the time to admin it manually. Ruby on Rails are moving rapidly, so are other lightweight httpd servers, but my intuition says that Lighttpd are one of the major players and it will become a worthy competitor, maybe even a companion for Apache, which could take care of Rails and PHP. It might be wise to wait for some time, because of the rapid developement of Lighttpd, but it should be taken into consideration.

It's wise to stick with Apache for now, no doubt, but you should take care of the problem that PHP is running as a module. Make it run under CGI like Plesk, that would be a step in the right direction, even if that means to move to Apache2, if that would ease things up.? You could have two versions of DA, one very stable and one stable :)

Plz excuse my ignorance about how DA is build, but will it take alot of work to run PHP as CGI?

/FAF
 
Last edited:
FAF said:
I'm about to make some changes to accommodate my desired setup. I will very soon install OpenVZ, and run each domain in a VPS. I know it will take some resources, and some administration, but I think it's worth the trouble.
Click to expand...
Unless you're thinking of doing something I don't understand, it will also require multiple DA licenses as each VPS will run it's own instance of DA on it's own IP#.

Check with DA sales for VPS pricing.

Jeff
 
This is a pretty old thread, smtalk.

How come you just found it again now :) ?

Jeff
 
I was looking for threads about alternatives (for ProFTPD, Apache, webmails etc.) because I was interested in this and writing some testing scripts for DirectAdmin :) That's how I found it.
 
FAF said:
Someone said that Sourceforge.net is running on LightTPD, if so then that's a major one to the list.
Click to expand...

Yes but all those companies that are running that aweful Sourceforge forum they have going have to deal with SLOW access. At times its almost like dialup access. Anyone noticed? If its LightTPD then no thanks!
 
I've administered a few large Lighttpd installations. A few websites had to CRON a script to restart lighttpd every 5 minutes because of bugs causing memory leaks.

Apache is more tested, has more experienced developers and is more stable. In addition, Apache 2.2's speed is ALMOST up to par with lighttpd. I've been extremely impressed with this new version.
 
Paulius said:
I've administered a few large Lighttpd installations. A few websites had to CRON a script to restart lighttpd every 5 minutes because of bugs causing memory leaks.
Click to expand...

2M plus page views per day and running MUCH better than apache ever did.

We also use Lighttpd on another server to 'stream' flv files and it does that very well...
 
You must log in or register to reply here.
Back
Top