The case for Nginx in front of application servers
As a rule of thumb, an application server should never face the Internet directly, unless of course Nginx (or OpenResty) is being used as such. This is not only for performance reasons, although this is not much of a concern anymore with modern runtimes such as Go or Node, but mostly for flexibility and security reasons. Here are some key points to consider: At this point, Nginx is a proven and battle-tested HTTP server This allows keeping the application as simple as possible: Nginx will handle logging, compression, SSL, and so on In case the application server goes down, Nginx will still serve a 50x page so visitors know that something is wrong Nginx has built-in load-balancing features, it also allows running several application servers on the same IP address Nginx has built-in caching features (with on-disk persistence) Nginx has rich rate-limiting features, which are especially useful for APIs Nginx helps protecting against some DoS attacks (such as low-bandwidth Application Layer attacks) Lastly, one aspect which tend to be forgotten these days is the importance of server logs....