chris blogs

February 2009

19feb2009 · Review: Lighttpd

by Andre Bogus.
Packt Publishing, Birmingham 2008.
223 pages.

[Full disclosure: I have received a copy of the book in exchange for this review.]

The web server Lighttpd has become rather popular in the last few years and thus it was just a matter of time someone wrote a book about it. Packt published Andre Bogus’ book in October 2008. I review the first edition.

After a short overview of what Lighttpd is, the book starts with a chapter about installing Lighttpd. It is fairly detailed and contains installation instructions for many Linux distributions as well as how to install from source. It explains which configure options there are and which dependencies one needs to take care of.

Chapter 2 deals with basic setup of Lighttpd. After a quick overview of how to run Lighttpd the book dives into the configuration files. This chapter includes a short tutorial into regular expressions (PCRE style) as well as they are essential for rewriting/redirecting URLs and configuring specific parts of your site.

Chapter 3 explains how to set up CGI and virtual hosts. It gives an overview of the three modules for virtual hosting and explains how to use each one (mod_simple_vhost, mod_evhost, mod_mysqlvhost). Then, it shows how to setup and configure CGI, FastCGI and SCGI backends. While the setup is explained pretty well, I missed a section on debugging CGI, especially since this can be quite tricky at times. While not really part of Lighttpd, I’d also have expected a quick explanation on how to setup virtual hosts in the domain name system.

Chapter 4 is about serving and streaming static files, a task which Lighttpd really was made for. Traffic shaping, securing downloads with tokens and FLV streaming are addressed here.

Chapter 5 explains logging and log formatting as well as user tracking. Again, it would have been nice to mention more tools: there is a whole section on click stream tracking but the reader wont learn about any tool he can use to make sense of this data.

The next chapters are about security: Chapter 6 shows how to setup SSL with self-signed keys, an own CA, or by buying a certificate. This chapter is a bit too short and doesn’t detail debugging SSL, either. Chapter 7 tells how to secure parts of the site with passwords and the various authentication backends as well as how to avoid DDOS attacks by using mod_evasive. Chapter 8 explains how to run Lighttpd in a chroot, possibly separated from the backends.

Chapter 9 is about optimizing Lighttpd. The author uses http_load to benchmark the web server and shows a few options that can be configured in Lighttpd and the underlying OS (Linux and BSD are addressed) to make it faster. Elementary caching is explained as well. This chapter ends with an rather useless section on how to profile Lighttpd with gprof but doesn’t explain how this would help you to speed up your web server.

Chapter 10 (available online) is about migration from Apache. The reader should have no problems moving simple to medium complex Apache setups to Lighttpd, given that he can workaround the lack of .htaccess in Lighttpd. This section also tells how to use Lighttpd as a reverse proxy to forward requests it cannot (yet) take care of to different web servers.

Chapter 11 shows how to setup a few common web applications: Ruby on Rails with mod_fastcgi, Wordpress, phpMyAdmin, MediaWiki, Trac, AWStats and AjaxTerm. Apart from the last, they all use mod_fastcgi, which makes this chapter not very exciting.

Chapter 12 and 13 contain really original content that is not found easily on the net: Extending Lighttpd with Lua scripts (Chapter 12) and with C modules (Chapter 13). The author gives a short introduction to Lua and provides a few examples of using it to script Lua with mod_magnet: a random file server and a shoutbox are implemented. Chapter 13 introduces the Lighttpd API and shows how to write the random file server as a Lighttpd module. There also is an example of a module that adds proper doctypes to HTML pages.

The book concludes with an overview of HTTP status codes and a list of all Lighttpd configuration options.

Conclusion: The book is pretty compact and therefore occasionally too shallow. But it is well researched (I found no serious technical errors and just the few typographical goofs that are especially annoying in source code but seem to be unavoidable in modern technical books) and documents all aspects of the actual Lighttpd configuration. It includes many well-commented examples and code snippets. I would have wished it provided more detail on debugging configurations, setting up web servers beyond the actual Lighttpd configuration and modern application deployment (reverse proxying, load balancing…). Also, I found the index of the book rather lacking (for example, there is no mention of “Content type” in it). The stressed administrator may rather straight turn to Google or the Lighttpd wiki (which explains all options as well) than trying to find them in the book. Last but not least, I’d like to remark that the book is part of the “Packt Open Source Project Royalties” and the Lighttpd project gets “some of the money” Packt makes from each sale.

I can recommend the book to administrators and web developers that are new to Lighttpd but already have some experience in setting up web servers/web applications and who would like to get a good overview of the possibilities Lighttpd provides. Due to the last two chapters, the book also can be interesting for people that want to extend Lighttpd.

Rating: 4 of 5 points.

NP: Crash Worship—Bajo la Piel

Copyright © 2004–2013