Menu
In a typical python server setup it is recommended to have Nginx web server serve the static content and proxy the dynamic requests to Gunicorn app server. Now if I am not serving any static content through my python application do I still need Nginx in front of Gunicorn ? What would be the advantages ? Detailed explanation would be really appreciated.
All the static content is served through CDN and the backend server will only need to serve the APIs(REST). So when I will only server dynamic content, will I need to have Nginx ? Does it have any advantage in case of high load etc.
826
Although there are many HTTP proxies available, we strongly advise that you use Nginx. If you choose another proxy server you need to make sure that it buffers slow clients when you use default Gunicorn workers. Without this buffering Gunicorn will be easily susceptible to denial-of-service attacks.
Nginx is a web server and reverse-proxy responsible for serving static content, gzip compression, ssl, proxy_buffers and other HTTP stuff while gunicorn is a Python HTTP server that interfaces with both nginx and your actual python web-app code to serve dynamic content.
Your application will now serve static assets directly from Gunicorn in production. This will be perfectly adequate for most applications, but top-tier applications may want to explore using a CDN with Django-Storages.
NGINX makes the website faster and helps them to get a better Google ranking. It shows compatibility with commonly-used web applications like ruby, python, Joomla, etc. It helps in transforming the dynamic content to static content. It helps in handling thousands of concurrent connections at the same time.
It is recommended in Gunicorn docs to run it behind a proxy server.
Technically, you don't really need Nginx.
BUT it's the Internet: your server will receive plenty of malformed HTTP requests which are made by bots and vulnerability scanner scripts. Now, your Gunicorn process will be busy parsing and dealing with these requests instead of serving genuine clients.
With Nginx in front, it will terminate these requests without forwarding to your Gunicorn backend.
Most of these bots make requests to your IP address, instead of your domain name. So it's really easy to configure Nginx to ignore requests made to IP address and only serve requests made to your domain. This is far more secure and faster than relying on Django's ALLOWED_HOSTS settings.
Also, it's much easier to find resources for Nginx about protecting your server, like blacklisting rogue IP addresses or user agents, etc. Compare these two google searches: nginx ban ip vs gunicorn ban ip. You can see Nginx search has more resources.
If you're worried about performance, then rest assured Nginx will not be the bottleneck. If you really want to optimise performance, database querying will be the first place to start.
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
