Lighttpd is a lightweight web server that has a minimalistic design and an efficient architecture. Unlike some of its “heavyweight” counterparts, Lighttpd is remarkably small in size, with the latest release requiring only a few MBs of memory.
In this article, we will explore the important aspects of Lighttpd, including its core features, architecture, installation, deployment, and configuration. We’ll also discuss ways to tune and monitor its performance.
Lighttpd, often referred to as Lighty, is an open-source, high-performance web server that has a small memory footprint. Like NGINX, Lighttpd was originally developed to solve the c10k problem — to efficiently process 10,000 concurrent connections on one server. Over time, it gained widespread popularity, not only for solving the c10k problem, but also for its nimbleness and speed.
As per the official website, the “typical scenario” for using Lighttpd is as an offload server for delivering static content. In such an architecture, the main server handles complex processing, whereas Lighttpd serves static files like images and videos. For example, YouTube uses a cluster of Lighttpd servers to serve static thumbnails to its users.
Lighttpd has an inherently efficient event-driven architecture that uses a single process and a limited number of threads. Unlike some other web servers, Lighttpd doesn’t create new threads or processes for each incoming connection.
This approach leads to many advantages. First, it optimizes CPU and memory utilization, making Lighttpd a top choice for resource-constrained and resource-intensive deployments. Whether your server has limited hardware resources or you are trying to maximize the efficiency of a more robust system, Lighttpd fits in perfectly.
Moreover, this design also enables Lighttpd to excel in high concurrency scenarios. It can handle a large number of concurrent clients without creating many short-lived threads (which would cause memory spikes or compromise performance).
Lighttpd is a versatile web server that can cater to a wide range of use cases. Here are a few examples:
Lighttpd and NGINX are two highly regarded web servers, each with unique characteristics.
In terms of architecture, both platforms share more similarities than differences. Lighttpd uses a single-process, event-driven design with a limited number of threads. NGINX also uses an event-driven architecture with a finite number of worker threads that handle connections in a non-blocking manner.
Both NGINX and Lighttpd are able to handle a large number of connections with small memory footprints. However, in most cases, Lighttpd typically consumes less memory and CPU than NGINX when dealing with similar workloads.
If we talk about configurability, both systems provide flexibility and ease of configuration. However, NGINX offers a much larger set of features and modules. To implement advanced proxying, caching, or load balancing features with Lighttpd, you may have to make changes to its source code.
Lighttpd and Apache are also often compared with each other. While there are areas of overlap in their functionalities, there are also some key distinctions to consider.
Apache has a per-request architecture, which means that a new thread or process is spawned for each request. This approach, while flexible, is much more resource-intensive compared to the single-process approach that Lighttpd takes.
While both Lighttpd and Apache offer dynamic content processing, Apache comes with a broader feature set and a richer module library. Apache also provides native support for directory-level configurations, a valuable feature that’s not present in Lighttpd.
In Apache, you can dynamically add or remove modules without having to recompile the entire server. Conversely, Lighttpd modules must be compiled at build time. While the static loading approach enhances security, it limits your ability to change the server’s functionality on the fly.
Lighttpd offers a host of features that cater to a wide range of web server requirements. Here are a few:
The mod_proxy module of Lighttpd allows you to deploy it as a reverse proxy. Even though this module currently doesn’t support SSL offloading, it offers basic load-balancing capabilities. For example, you can do prefix matching, update paths, and work with WebSockets.
The mod_wstunnel module can be used to process WebSockets traffic with Lighttpd. The module termiates WebSockets data from clients, forwards plain HTTP data to the backend, and then transforms the response from the backend back to WebSockets format before sending it to the client.
Lighttpd offers a powerful FastCGI interface (via the mod_fastcgi module), which enhances its ability to handle dynamic content generation. Its internal FastCGI load balancer allows you to distribute load across different FastCGI servers.
Unlike other web servers, Lighttpd allows you to configure the best event handling mechanism available on a server. You can select from a range of mechanisms based on your operating system, including select, poll, epoll, kqueue, and libev. This flexibility enables you to maximize the performance and throughput of the event-based architecture to best suit your needs.
Conditional URL rewriting is another powerful feature that allows you to manipulate URLs based on predefined conditions. This can be used to create SEO-friendly URLs, implement complex URL routing, or implement other custom logic.
If you want to encrypt sensitive data, secure online transactions, or provide secure access to web applications, you can configure Lighttpd to run with TLS/SSL. The available modules for this support are: mod_openssl, mod_nss, mod_gnutls, and mod_wolfssl.
Lighttpd's lightweight and space-efficient design are further complemented by its strong support for HTTP compression. This feature reduces the size of data exchanged between the server and clients, which not only accelerates load times but also improves the overall performance of the web stack. You can enable HTTP compression by loading the mod_deflate module.
Lighttpd offers a module, mod_rrdtool, to integrate with RRDtool, a data logging and graphing system that stores and displays in-depth statistics and insights related to server performance. The module also allows you to generate and view graphs for collected metrics on a webpage.
The simplest way to install Lighttpd is via the default package manager on your Linux system. Let’s look at the steps involved.
Start by updating the package repository so that you have access to all the latest packages and updates. For Debian/Ubuntu, run:
sudo apt update
For CentOS/RHEL, use:
sudo yum update
Use the relevant package manager to install the Lighttpd package.
For Debian/Ubuntu, use:
sudo apt install lighttpd
For CentOS/RHEL, run this command:
sudo yum install lighttpd
Before we start the Lighttpd service, it’s important to tweak a few configuration parameters. The default configuration file is usually present at /etc/lighttpd/lighttpd.conf. Open this file in a text editor to set the appropriate configuration values. Here are a few initial configurations to consider:
After you have successfully installed and configured Lighttpd, you can now start its service and enable it to run at startup automatically. Use these commands:
sudo systemctl start lighttpd
sudo systemctl enable lighttpd
To check if the service has started, use the following command:
(Note: It works on both Debian/Ubuntu and CentOS/RHEL systems)
sudo systemctl status lighttpd
You can also use the following command to check whether Lighttpd is indeed listening for connections on the configured port:
sudo netstat -anp | grep lighttpd
This command filters out the lighttpd process from a list of all processes that are listening on network ports. If Lighttpd is running, you will see a line in the output that looks like this:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 11615/lighttpd
This output shows that the server is listening on port 80.
Lighttpd is a highly configurable system that can be extended via modules. In this section, we will be looking at more configuration parameters at our disposal.
A recommended security practice is to deny access to source code files. Lighttpd makes this simple to implement by offering the static-file.exclude-extensions parameter. A sample value for this parameter can be:
static-file.exclude-extensions = ( ".py", ".pl", ".php", “.cgi”, ".fcgi" )
Consider enabling the HTTP compression module (mod_deflate) to increase performance and reduce the chances of bottlenecks. To do so, simply add mod_deflate to the value of the server.modules field.
server.modules = (
"mod_access",
"mod_alias",
….[other modules you need are here],
"mod_deflate"
)
Virtual hosts are typically used to manage multiple websites on a single server. They are important when you have to serve multiple domains or subdomains from a single node. You can use the mod_simple_vhost module to manage virtual hosts in Lighttpd.
The complete document root for a virtual host is determined by concatenating either the server root + hostname + document root values or the server root + default host + document root values. For example, the complete document root for the following values will be /var/www/test/test.org/testPages:
test-vhost.server-root = "/var/www/test/"
test-vhost.default-host = "test.org"
test-vhost.document-root = "testPages"
You can use the mod_openssl module to configure Lighttpd to use TLS for socket connections. It can be loaded and configured to run with client certificate validation, as follows:
setup {
module_load "mod_openssl";
openssl (
"listen" => "0.0.0.0:443",
"listen" => "[::]:443",
"pemfile" => "/etc/certs/samplePem.pem",
"client-ca-file" => "/etc/certs/sampleCA.pem",
"verify" => true,
"verify-require" => true
);
}
Once you have made all your desired configuration tweaks, you can validate that the modified configuration file is correct by running this command:
lighttpd -tt -f /etc/lighttpd/lighttpd.conf
If everything is okay, restart Lighttpd:
sudo systemctl restart lighttpd
Regular monitoring of Lighttpd is important to ensure that it’s operating and performing as expected. Here are a few steps you can take to monitor a Lighttpd instance:
Regularly monitor access and error logs for any anomalies. Access logs record client requests. They can help you analyze traffic patterns and identify potential security issues. Error logs capture server errors and warnings, which can assist in early detection of problems and bottlenecks.
Enable the mod_rrdtool module and configure it to start collecting the most important performance metrics, including total requests, total responses, total errors, total timeouts, and max response time. These metrics will enable you to track the performance of the server in real time and identify performance bottlenecks.
Additionally, you can also use the Site24x7 monitoring plugin for comprehensive monitoring of your Lighttpd instance. The plugin tracks several metrics by default, including accesses, traffic, busy servers, idle servers, and uptime.
Lighttpd offers several configuration parameters and modules to implement robust access control. For example, you can use the mod_evasive module to limit the number of requests from a single IP address. Or you can use the mod_access module to restrict access to specific directories or resources.
It’s important to audit server activity regularly to identify vulnerabilities and suspicious behavior. Security scanning tools can help you identify needlessly open ports, vulnerable third-party libraries, or outdated software.
If you are using TLS/SSL, ensure that you store sensitive data like private keys and certificates in a secure location with restricted access. It’s also crucial to:
Here are a few best practices that can help you scale your Lighttpd for optimal performance:
Lighttpd offers streaming features to control how it buffers request and response bodies with dynamic backends. By default, streaming is disabled for efficient offloading. To enable streaming, set the server.stream-request-body and server.stream-response-body options to non-zero values in the configuration file.
Other than for the basic configuration parameters like hostname, port, and log file locations, use default settings unless you have a specific reason to change them. Make one change at a time, test it, and then benchmark its impact in real-world scenarios. Revert changes that don't provide measurable benefits.
Test the performance of your instance with different values for the server.stat-cache-engine parameter, and settle on the option that gives the best results. Possible values for the parameter are: “simple”, “inotify”, and “kqueue”.
Adjust the values for the idle timeout and keep-alive parameters to free up connections efficiently. This will help you further optimize the memory footprint of the server.
If you are running a low-memory system, the Lighttpd documentation recommends setting the specified values for the following parameters:
server.max-fds = 128 (or lower)
server.max-connections = 16 (or lower)
server.listen-backlog = 16 (or lower)
ssl.read-ahead = "disable"
Lighttpd is a nimble yet powerful web server that suits different kinds of web applications. Despite being much smaller in size than its counterparts, it offers an array of valuable features that ensure optimized performance, high availability, and seamless scalability for your infrastructure.
If you want to get the most out of Lighttpd, you need to monitor its performance to reduce lags, downtime and troubleshoot issues. Get insightful visualizations and timely alerts to ensure optimal functioning of your Lighttpd web server through Site24x7 plugins.
Write for Site24x7 is a special writing program that supports writers who create content for Site24x7 “Learn” portal. Get paid for your writing.
Apply Now