Setting up Web Servers

Installing and configuring NGINX, httpd (the default web server on OpenBSD), and Caddy involves distinct steps tailored to each server's unique features and configuration mechanisms. Each server offers a lightweight, high-performance alternative to Apache, with NGINX and Caddy also providing easy configuration for reverse proxy and automatic HTTPS.



  • FreeBSD: Use the package manager to install NGINX:

    pkg install nginx

    Enable NGINX to start at boot by adding nginx_enable="YES" to /etc/rc.conf.

  • Rocky Linux/Debian Linux: Install NGINX using the package manager:

    • Rocky Linux:
      dnf install nginx
    • Debian Linux:
      apt install nginx

    Enable NGINX to start on boot with systemctl enable nginx.


The main configuration file for NGINX is typically located at /usr/local/etc/nginx/nginx.conf on FreeBSD, and /etc/nginx/nginx.conf on both Debian Linux and Rocky Linux. Key points to configure include:

  • server block: Defines server and site-specific configuration. Adjust server_name (your domain name), and the location block to specify how to process requests for different resources.
  • listen: Specifies the IP address and port (usually listen 80; for HTTP and listen 443 ssl; for HTTPS).
  • root: The directory from which NGINX serves files.

After making changes, test the configuration with nginx -t and reload NGINX with service nginx reload on FreeBSD or systemctl reload nginx on Linux.

OpenBSD's httpd


httpd is included by default in OpenBSD; no installation is necessary.


httpd uses /etc/httpd.conf for its configuration. A simple configuration to serve static content might look like:

server "" {
    listen on * port 80
    root "/htdocs/"

Replace "" with your domain and /htdocs/ with the path to your web content. After editing, restart httpd with rcctl restart httpd.



Caddy is known for its simplicity and automatic HTTPS via Let's Encrypt.

  • Generic Installation: Download Caddy from the official website or use a package manager if available for your system. Caddy provides a convenient script for Linux:

    curl -s | bash


Caddy uses a Caddyfile for configuration, typically located in /etc/caddy/Caddyfile or directly in the directory from which you run Caddy. A basic configuration to serve a site with automatic HTTPS might be as simple as: {
    root * /var/www/html

Replace with your domain and /var/www/html with the path to your web content. Start Caddy with caddy run if running manually, or set it up as a service for automatic startup.

Securing Web Servers

Regardless of the web server, follow best practices for security:

  • Update often: Keep your web server and system software up-to-date.
  • Minimize permissions: Ensure that the web server process has only the necessary permissions on files and directories it serves or writes to.
  • Configure HTTPS: Use TLS for secure connections. NGINX and Caddy support HTTPS configuration directly. For httpd on OpenBSD, use acme-client for automatic Let's Encrypt certificates.

NGINX, OpenBSD's httpd, and Caddy offer robust, efficient alternatives for serving web content and applications. Each has its configuration style and strengths, from the simplicity and automatic HTTPS of Caddy to the performance and flexibility of NGINX and the security focus of OpenBSD's httpd. Proper installation and configuration ensure that your web services are efficient, secure, and reliable.