In the September 2020 survey we received responses from 1,196,298,727 sites, across 264,284,761 unique domains and 10,338,585 web-facing computers. Compared with last month, this is a loss of 34,277,859 sites and 10,901 web-facing computers, but a gain of 2,463,474 unique domains.
Approximately 15 million domains have switched from Microsoft web server software to OpenResty, a web server which adds LuaJIT support to nginx. This represents a 5.97 percentage point drop in Microsoft’s market share of domains, and, accordingly, a 6.71 percentage point increase for OpenResty. OpenResty now powers 34.5 million domains, giving it a 13% market share and gaining it third place behind nginx and Apache. This huge swing is driven by GoDaddy migrating its customers’ parked domains from GoDaddy’s own hosting infrastructure to Google Cloud.
Microsoft also experienced a large loss of 49,600 web-facing computers (-3.1%), unrelated to the GoDaddy OpenResty migration. The largest increase in web-facing computers was seen for Apache (+19,100), though this was not enough to re-take the lead from nginx, which became the largest web server vendor by this metric last month.
Most of the large vendors saw drops in terms of the number of active sites hosted this month. Cloudflare and LiteSpeed are among the vendors who saw growth in this area despite the overall negative trend. Pepyaka (used by Wix) and Squarespace also both gained active sites (+3.0% and +2.6% respectively), reflecting the growing popularity of website builders.
New vendor releases
This month LiteSpeed released version 5.4.9 of the LiteSpeed Web Server. A small number of new features have been added in this update, including automatic CloudFlare CDN IP detection and support for bcrypt password hashes when using HTTP authentication.
Apache have released three new versions of Tomcat this month – 8.5.58, 9.0.38 and 10.0.0-M8. These releases each add a number of new features and security patches. Notable changes include adding support for the Expect HTTP header, and adding support for setting read and write idle timeouts on websocket connections.
Apache also released version 8.1.0 of Apache Traffic Server. This release focused on improving the stability, reliability and performance of the server’s HTTP/2 support.
|Developer||August 2020||Percent||September 2020||Percent||Change|
Posted in Web Server Survey
|8||CWCS Managed Hosting||Linux||0:00:00||0.014||0.324||0.078||0.159||0.159|
|9||New York Internet (NYI)||FreeBSD||0:00:00||0.019||0.577||0.056||0.112||0.112|
The most reliable hosting company site in August 2020 belonged to Choopa.com, with no failed requests and the fastest average connection time. Choopa.com has now had the most reliable hosting company site three times in 2020. The company provides a range of services including cloud hosting, dedicated servers, colocation and managed services from four locations across the US, Europe and Asia.
Swishmail appeared in second place, also responding to all of Netcraft's requests in August. Swishmail provides business email services alongside hosting solutions.
Rackspace, Bigstep and EveryCity appear in third, fourth and fifth places. Rackspace had the second fastest average connection time and has appeared in the top 10 six times in 2020. Bigstep offers "bare metal" cloud hosting to provide the flexibility of cloud hosting but without the associated overhead and performance reductions of virtualization. EveryCity has appeared in the top 10 seven times in 2020 and is the only site that uses SmartOS.
The Netcraft Browser Extension now offers credential leak detection for extra protection against shopping site skimmers.
With brick-and-mortar shops around the world closed due to COVID-19, consumers turned to online businesses to fulfil their shopping needs. According to Adobe’s Digital Economy Index report, US online spending in June was $73 billion, up 76% from $42 billion last year. Even with restrictions lifted, research commissioned by Visa suggests that 74% of Britons who shopped online more often during the lockdown will continue to do so.
Netcraft currently blocks over 6,000 shopping sites which contain skimmers, and even large companies such as British Airways, Ticketmaster and Puma have fallen prey to these attacks in the past.
When you visit a shopping site, the Netcraft extension will evaluate all requests made by the web page. If a request is found to be sending credentials to a different domain, the extension will block the request to prevent your data from being stolen. A block screen will notify you about the request and provide information about the malicious behaviour that was detected. Only card number leaks are currently blocked, but other types of credentials may be enabled in future updates.
For example, if you check out using your credit card on exampleshoppingsite.com but your card details are sent to examplebadsite.com, the extension will block the request. This checking is done locally and securely in your browser – no sensitive information is sent to Netcraft.
If you already have the Netcraft Extension installed, your browser will update it automatically.
In the August 2020 survey we received responses from 1,230,576,586 sites across 261,821,287 unique domains and 10,349,486 web-facing computers. This represents a loss of 3.65 million sites, but a gain of 1.16 million domains and 128,000 computers.
The number of web-facing computers using nginx increased by 83,000 this month, which means that - for the first time - nginx is in use by more web-facing computers than any other web server, including Apache. This is another milestone for nginx, and reflects its impressive growth in recent years.
Apache still serves more active sites than nginx, and a greater proportion of the top million busiest sites, but this month its decline in these metrics continued. One year ago, among the top million busiest sites, nginx trailed Apache’s market share by 6 percentage points. nginx has since halved this gap, and is now less than 3 percentage points behind. If the current trend continues, it won’t be long before nginx overtakes Apache in this area too.
As well as a marked decrease in total sites this month of 22.14 million (-15.8%), Microsoft also suffered in other metrics this month. The number of domains served using Microsoft software dropped by 8.27 million (-18.4%), and 19,000 fewer web-facing computers (-1.2%) are running Microsoft web servers. Microsoft also lost 633,000 active sites (-7.3%).
New vendor releases
Apache released three new versions of httpd this month. Version 2.4.44 fixed several bugs, version 2.4.45 dropped support for the abandoned HTTP2 Cache Digests proposal, and version 2.4.46 fixed three security vulnerabilities.
This month nginx released updates for three of its products. nginx 19.1.2 mainline was released on 11 August with a few minor optimizations and several bugfixes. On the same day, njs 0.4.3 was released, adding support for the querystring module. On 13 August nginx Unit 1.19.0 was released, which introduced several new features, improved performance, and fixed a number of bugs.
|Developer||July 2020||Percent||August 2020||Percent||Change|
Posted in Web Server Survey
|5||New York Internet (NYI)||FreeBSD||0:00:00||0.005||0.566||0.056||0.110||0.110|
|6||Hyve Managed Hosting||Linux||0:00:00||0.005||0.186||0.075||0.149||0.149|
|7||CWCS Managed Hosting||Linux||0:00:00||0.005||0.326||0.079||0.160||0.160|
Webair had the most reliable hosting company site in July 2020. The top four hosting company sites each responded to all of Netcraft's requests in July and were separated by average connection time. Webair provides a range of services including managed hosting solutions and high performance cloud environments, with colocation available in North America, Europe and Singapore.
Swishmail appeared in second place and provides business email services alongside hosting solutions. ServerStack and Multacom complete the top four in third and fourth place respectively. ServerStack has now appeared in the top 10 for the last six consecutive months and offers managed and dedicated hosting solutions from its three data centres across the US and Europe. Multacom operates in Los Angeles, and focuses on providing custom dedicated servers, colocation services and cloud solutions.
Our iOS app protects against online threats, with new attacks blocked within 15 minutes of being identified as fraudulent by Netcraft. It offers a 28-day free trial of all features, after which a monthly or annual subscription can be purchased for $1.99 or $9.99 (£1.99 or £9.99).
You can use the app without a subscription to report suspicious sites to Netcraft with just a few taps, and automatically report URLs in SMS and iMessages from unknown senders.
Posted by Will Dollman in Netcraft Services
Your link here? Advertising on the Netcraft Blog