NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more.
It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, It can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers.
It is an open source web server that is quickly gaining ground, and is expected to be the most widely installed web server software in the future.
NGINX as a Web Server
The goal behind this was to create the fastest web server around, and maintaining that excellence is still a central goal of the project.
It consistently beats Apache and other servers in benchmarks measuring web server performance. Since the original release of this server however, websites have expanded from simple HTML pages to dynamic, multifaceted content. It has grown along with it and now supports all the components of the modern Web, including WebSocket, HTTP/2, and streaming of multiple video formats (HDS, HLS, RTMP, and others).
NGINX Beyond Web Serving
Though NGINX became famous as the fastest web server, the scalable underlying architecture has proved ideal for many web tasks beyond serving content. Because it can handle a high volume of connections, It is commonly used as a reverse proxy and load balancer to manage incoming traffic and distribute it to slower upstream servers – anything from legacy database servers to microservices.
NGINX also is frequently placed between clients and a second web server, to serve as an SSL/TLS terminator or a web accelerator. Acting as an intermediary, It efficiently handles tasks that might slow down your web server, such as negotiating SSL/TLS or compressing and caching content to improve performance. Dynamic sites, built using anything from Node.js to PHP, commonly deploy it as a content cache and reverse proxy to reduce load on application servers and make the most effective use of the underlying hardware.
What NGINX and NGINX Plus Can Do for You?
These are the best-in-class web server and application delivery solutions used by high‑traffic websites such as CDN, Dropbox, Netflix, and Zynga. More than 367 million websites worldwide, including the majority of the 100,000 busiest websites, rely on it to deliver their content quickly, reliably, and securely.
- NGINX makes hardware load balancers obsolete. As a software-only open source load balancer, it is less expensive and more configurable than hardware load balancers, and is designed for modern cloud architectures. NGINX Plus supports on-the-fly reconfiguration and integrates with modern DevOps tools for easier monitoring.
- NGINX is a multifunction tool. With this, you can use the same tool as your load balancer, reverse proxy, content cache, and web server, minimizing the amount of tooling and configuration your organization needs to maintain.
What Is an SSL Load Balancer?
An SSL load balancer is a load balancer that also performs encryption and decryption of data transported via HTTPS, which uses the Secure Sockets Layer (SSL) protocol (or its successor, the Transport Layer Security [TLS] protocol) to secure HTTP data as it crosses the network. The load balancer intercepts incoming client requests and distributes them across a group of backend servers, which increases website performance, reliability, and scalability.
SSL and TLS are the standard protocols for encrypting HTTP data before it is sent across a network, which prevents it from being read by unauthorized third parties who intercept it. It is vital for protecting sensitive data such as credit card numbers and Social Security numbers transmitted over a public network like the Internet.
An SSL load balancer acts as the server-side SSL endpoint for connections with clients, meaning that it performs the decryption of requests and encryption of responses that the web or application server would otherwise have to do. The process varies somewhat depending on the security of the network between the load balancer and server:
- If the load balancer and server are on the same secured network (generally this means being behind a firewall), the SSL load balancer is usually configured to decrypt the request, extract the information needed for load balancing, and forward the request to the server in the clear (unencrypted). It encrypts the server’s response before returning it to the client.
- If the network between the load balancer and server is not secure, the SSL load balancer is usually configured to decrypt the request, extract the information needed for load balancing, and re-encrypt the request before forwarding it to the server. The process is reversed for the response from server to client.
Offloading the decryption and encryption process, which is computationally intensive, frees web and application servers to perform the work they are designed for, which speeds content delivery and improves the overall user experience. If the network between load balancer and servers is secure, you only need to install and manage the SSL certificates on the load balancer instead of every web and application server. This significantly reduces administrative overhead if the group of servers is large.
How Can NGINX Plus Help?
As a software load balancer and SSL termination solution, NGINX Plus is significantly less expensive than hardware solutions with similar capabilities. It uses OpenSSL and the power of standard processor chips to provide a cost-effective solution that covers most SSL requirements. For a complete discussion, see SSL Offloading, Encryption and Certificates with NGINX.