Every web server claims to be fast, so I wonder how they define that. As someone who has written their own supposedly fast web server I only want configuration simplicity. Most web servers are unnecessarily far too complicated.<p>In a web server here is what I am looking for:<p>* Fast. That is just a matter of streams and pipes. More on this later. That said the language the web server is written in largely irrelevant to its real world performance so long as it can execute low level streams and pipes.<p>* HTTP and WebSocket support. Ideally a web server will support both on the same port. It’s not challenging because you just have to examine the first incoming payload on the connection.<p>* Security. This does not have to be complicated. Let the server administrator define their own security rules and just execute those rules on incoming connections. For everything that fails just destroy the connection. Don’t send any response.<p>* Proxy/reverse proxy support. This is more simple than it sounds. It’s just a pipe to another local existing stream or piping to a new stream opened to a specified location. If authentication is required it can be the same authentication that sits behind the regular 403 HTTP response. The direction of the proxy is just a matter of who pipes to who.<p>* TLS with and without certificate trust. I HATE certificates with extreme anger, especially for localhost connections. A good web server will account for that anger.<p>* File system support. Reading from the file system for a specific resource by name should be a low level stream via file descriptor piped back to the response. If this specific file system resource is something internally required by the application, like a default homepage it should be read only once and then forever fetched from memory by variable name. Displaying file system resources, like a directory listing, doesn’t have to be slow or primitive or brittle.
<a href="https://github.com/errantmind/faf">https://github.com/errantmind/faf</a> is the fastest Rust static "web server" per the most recent TechEmpower Round 23 (Plaintext); it is purposely barebones (provide content via Rust callback!) The top 3 Composite scores are all Rust web frameworks, also not necessarily intended as general-purpose web servers.<p><a href="https://github.com/static-web-server/static-web-server">https://github.com/static-web-server/static-web-server</a> wins the SEO (and GitHub star) battle, though apparently it is old enough to have a couple unmaintained dependencies.<p>I use <a href="https://github.com/sigoden/dufs">https://github.com/sigoden/dufs</a> as my personal file transfer Swiss Army knife since it natively supports file uploads; I will check out Ferron as a lighter reverse proxy with automatic SSL certs vs. Caddy.
The author of Ferron web server here.
Thank you so much for submitting this, and thank you all for the support you have shown when I submitted the server on Hacker News.
This is a really good Caddy replacement. The configuration format Caddy uses sometimes feels oversimplified in that complex configurations are hard to read. My instincts tell me this could scale better without getting more verbose. I'm definitely considering a migration if this project matures.
Random thing I’ve been wondering: is there a point in including TLS support in web servers any more? Isn’t it always better to run a reverse proxy and terminate HTTPs at the edge?
Kudos. It would have been nice to see benchmarks compared to Nginx, since it's extremely popular.<p>I'm not using any of the other servers in the benchmark so it's meaningless to me.
The first thing on their main homepage is instructions to curl a shell script into Bash using Sudo. I find the argument that they prioritize security unconvincing.
Yikes, there is a musician named Ferron who has been around forever, and her web site was formerly ferronweb.com. So I did a double take when I saw this. The musician's web site is ferronsongs.com now. Shadows on a Dime (from 1984) is a great album.
Docs links lead to a 403 forbidden for me
<a href="https://www.ferronweb.org/docs/" rel="nofollow">https://www.ferronweb.org/docs/</a>
looks like caddy clone in rust ;) good luck. I think it is way better than caddy. Auto TLS renewal is a banger. I was thinking the same to build but had no time to do it.