httpd

I decided to change the webserver that hosts this site.

This site has been hosted on Apache, the nearest thing the internet has to a standard webserver, for quite some time now — since 1996, one way or another. But Apache, despite its many advantages, is known to be slow when serving static websites, and arts & ego is static. So I’ve been mulling a switch to something faster.

mutilated text

But switch to what? There are established alternatives, such as nginx & lighttpd, both reputéd to serve static sites better than Apache. However, I run my website on OpenBSD, and that OS has its own webserver, httpd, written to replace a bug fixed Apache 1, and it particularly suits static websites. That fits here very well, so I’ve been considering httpd for rather a long time now.

But I didn’t switch. OpenBSD is not a bad operating system. It’s emphasis is security, not speed, yet despite this, and despite Apache’s reputation for static site slowness, I was happy with the speed of my website. This probably reflects the slight lack of visitors.

However, earlier this week, a nasty zero day was published for Apache, and arts & ego is vulnerable to it, in theory. In practice, the zero day, as documented, requires php and prior access to the command line. Since only I have access to the command line, and php is not installed, the zero day should not affect arts & ego. However, the exploit hasn’t been fully published; the documentation describes one mechanism to use it, but I read it to say there will be others, that php was just a convenient step, that other package bugs could be applied instead. All this put me off Apache. I decided to make the switch.

The switch turned out to be much easier than I expected. It took a bit of time to create the new configuration file; httpd and Apache 2 are completely different. Httpd is much simpler; the task wasn’t as longwinded as I’d feared. It helps that the OpenBSD documentation is superb. I hardly had to touch the book (Michael Lucas’s httpd and relayd mastery) to get the site up, although it was useful for the more advanced stuff, such as OCSP stapling.

I hope, in the meantime, you’ve not spotted any difference at all to arts & ego, except, perhaps, to appreciate the better responsiveness. You? Who am I kidding!! :-)