In the September 2020 survey we received responses from 1,196,298,727 sites, across 264,284,761 unique domains and 10,338,585 web-facing computers. Compared with last month, this is a loss of 34,277,859 sites and 10,901 web-facing computers, but a gain of 2,463,474 unique domains.
Approximately 15 million domains have switched from Microsoft web server software to OpenResty, a web server which adds LuaJIT support to nginx. This represents a 5.97 percentage point drop in Microsoft’s market share of domains, and, accordingly, a 6.71 percentage point increase for OpenResty. OpenResty now powers 34.5 million domains, giving it a 13% market share and gaining it third place behind nginx and Apache. This huge swing is driven by GoDaddy migrating its customers’ parked domains from GoDaddy’s own hosting infrastructure to Google Cloud.
Microsoft also experienced a large loss of 49,600 web-facing computers (-3.1%), unrelated to the GoDaddy OpenResty migration. The largest increase in web-facing computers was seen for Apache (+19,100), though this was not enough to re-take the lead from nginx, which became the largest web server vendor by this metric last month.
Most of the large vendors saw drops in terms of the number of active sites hosted this month. Cloudflare and LiteSpeed are among the vendors who saw growth in this area despite the overall negative trend. Pepyaka (used by Wix) and Squarespace also both gained active sites (+3.0% and +2.6% respectively), reflecting the growing popularity of website builders.
New vendor releases
This month LiteSpeed released version 5.4.9 of the LiteSpeed Web Server. A small number of new features have been added in this update, including automatic CloudFlare CDN IP detection and support for bcrypt password hashes when using HTTP authentication.
Apache have released three new versions of Tomcat this month – 8.5.58, 9.0.38 and 10.0.0-M8. These releases each add a number of new features and security patches. Notable changes include adding support for the Expect HTTP header, and adding support for setting read and write idle timeouts on websocket connections.
Apache also released version 8.1.0 of Apache Traffic Server. This release focused on improving the stability, reliability and performance of the server’s HTTP/2 support.
|Developer||August 2020||Percent||September 2020||Percent||Change|
In the August 2020 survey we received responses from 1,230,576,586 sites across 261,821,287 unique domains and 10,349,486 web-facing computers. This represents a loss of 3.65 million sites, but a gain of 1.16 million domains and 128,000 computers.
The number of web-facing computers using nginx increased by 83,000 this month, which means that - for the first time - nginx is in use by more web-facing computers than any other web server, including Apache. This is another milestone for nginx, and reflects its impressive growth in recent years.
Apache still serves more active sites than nginx, and a greater proportion of the top million busiest sites, but this month its decline in these metrics continued. One year ago, among the top million busiest sites, nginx trailed Apache’s market share by 6 percentage points. nginx has since halved this gap, and is now less than 3 percentage points behind. If the current trend continues, it won’t be long before nginx overtakes Apache in this area too.
As well as a marked decrease in total sites this month of 22.14 million (-15.8%), Microsoft also suffered in other metrics this month. The number of domains served using Microsoft software dropped by 8.27 million (-18.4%), and 19,000 fewer web-facing computers (-1.2%) are running Microsoft web servers. Microsoft also lost 633,000 active sites (-7.3%).
New vendor releases
Apache released three new versions of httpd this month. Version 2.4.44 fixed several bugs, version 2.4.45 dropped support for the abandoned HTTP2 Cache Digests proposal, and version 2.4.46 fixed three security vulnerabilities.
This month nginx released updates for three of its products. nginx 19.1.2 mainline was released on 11 August with a few minor optimizations and several bugfixes. On the same day, njs 0.4.3 was released, adding support for the querystring module. On 13 August nginx Unit 1.19.0 was released, which introduced several new features, improved performance, and fixed a number of bugs.
|Developer||July 2020||Percent||August 2020||Percent||Change|
In the July 2020 survey we received responses from 1,234,228,567 sites across 260,658,118 unique domains and 10,221,919 web-facing computers. This represents a gain of 9.47 million sites and 180,000 computers, but a loss of 1.75 million domains.
Most of the major server vendors saw gains in total sites this month: Apache gained 9.8 million sites after a loss of roughly the same size last month, while Microsoft and nginx gained 5.4 million and 2.5 million sites respectively. LiteSpeed continued to see strong growth, gaining 1.95 million new sites this month. Although it makes up 2.17% of the market, this represents strong growth from 1.62% at the start of the year.
nginx showed the highest growth in terms of domains, gaining 200,000. Losses of 1.1 million domains for Microsoft and 998,000 for Apache have further boosted nginx’s lead in this metric, and it now stands around 30 million domains ahead with a 29.8% (+0.27 pp) market share.
nginx also showed the highest growth in web-facing computers, with an increase of 97,000 taking its total to 3.5 million and leaving it just 9,000 computers (0.09 pp of market share) shy of Apache, the current leader. Apache has consistently had the highest number of web-facing computers since Netcraft began tracking the metric in 2007, but has slowly been losing market share – primarily to nginx. Microsoft trails in third position with a total of 1.6 million web-facing computers, around half that of nginx and Apache.
New vendor releases
LiteSpeed announced the first release candidate of LiteSpeed Web Server 6.0 on 17 July. This release brings several major new features such as support for conditionals in Apache configuration files, asynchronous execution of the mod_security Web Application Firewall, and sandboxed execution environments for PHP and CGI scripts. It also adds support for the latest HTTP/3 specification, draft 29. LiteSpeed has historically been fast to adopt new draft versions of HTTP/2 and HTTP/3, often implementing support within a month of a new draft’s release.
|Developer||June 2020||Percent||July 2020||Percent||Change|
In the June 2020 survey we received responses from 1,224,760,416 sites across 262,406,750 unique domains and 10,042,047 web-facing computers. This reflects a gain of 1.21 million domains and 149,000 computers, but a loss of 13.3 million sites.
Microsoft lost the largest number of sites – more than 20 million – taking its total down by 13% to 135 million. This has decreased its market share by 1.51 percentage points to 11.0%. Apache also suffered a sizable loss of 10.7 million sites, decreasing its total to 304 million and taking its share down by 0.60 points to 24.8%.
nginx continues to lead with a total of 449 million sites, an increase of 2.95 million since last month. Coupled with the other major vendors' losses, this has increased nginx's market share by 0.63 points to 36.6%.
nginx also showed the largest computer growth, with 115,000 more computers taking its total up to 3.35 million and putting it only 76,000 computers away from Apache's leading total.
While nginx looks set to soon become the largest vendor in terms of computers – possibly even by next month – celebrations by F5 Networks are likely to be marred by the latest developments in the dispute over the ownership of the nginx web server source code: it is now being sued by Lynwood Investments, who claim it owns the software.
The latest move comes after police raids on the offices of nginx and the home of one of its co-founders, Igor Sysoev, in December 2019. Russian search engine and e-commerce service provider, Rambler, alleged the webserver was developed while Igor Sysoev was a Rambler employee. Rambler transferred the rights to pursue the dispute to Lynwood Investments.
Meanwhile, nginx has also extended its recent new lead in the domains metric, with it now being used to host sites across 1.82 million more domains than last month.
Google was the only major vendor to gain active sites this month – a 2.12% increase to 19.3 million – and LiteSpeed was the only one to increase its presence among the top million websites, where it now has a share of 1.92%.
New vendor releases
nginx 1.19.0 mainline was announced on 26 May. This first release in the 1.19.* stream adds client certificate validation with OCSP, as well as a few bug fixes. The latest stable version is still 1.18.0, which was released in April. The difference between these two release streams is that the mainline branch is where new features are added, while the stable branches receive only security and bug fixes. This gives the stable releases a fixed feature set, which increases compatibility with third-party modules.
|Developer||May 2020||Percent||June 2020||Percent||Change|
In the May 2020 survey we received responses from 1,238,024,212 sites across 261,192,350 unique domains and 9,892,834 web-facing computers. This reflects a gain of 224,000 computers and 1.10 million domains, but a loss of 8.10 million sites.
nginx lost the greatest number of sites, with 14.2 million fewer than in April, but conversely had by far the greatest increases in unique domain names (+1.50 million, +2.02%), and web-facing computers (+137,000, +4.43%) this month. OpenResty, which is based on nginx, also saw a large 237,000 domain count increase to reach 7.15 million – the second largest increase in domains for any vendor this month.
Apache had losses in most metrics, dropping 244,000 domains. It did, however, come away with 6.88 million more sites and 45,000 more computers this month than last. Apache still leads in the active sites, computers, and top one million sites metrics.
Microsoft lost out on all metrics this month, dropping by 5.08 million sites and 175,000 unique domains. Both Apache and Microsoft have been on slow long-term downward trends in most metrics. Although they have both increased their count of web-facing computers over time, nginx has seen much stronger growth in comparison. Despite running on a 17.9% share of domain names and 16.4% share of computers, Microsoft holds a much smaller 4.72% share of active sites.
LiteSpeed currently serves 4.20 million domains, giving it a 1.61% market share. It has a slightly higher 1.88% share amongst the top one million sites. LiteSpeed has seen consistent growth, and has had a 23.3% domain count growth over the last 12 months.
Nginx released a new stable version of the nginx web server. nginx version 1.18.0 incorporates additional features which have been introduced in the mainline 1.17.x nginx versions over time. Nginx also released version 1.17.0 of the Nginx Unit application server.
LiteSpeed released new 1.6.13 and 1.7.1 versions of their OpenLiteSpeed web server, introducing bug fixes, security features, updates from their LSQUIC library, CentOS 8 support, and more.
|Developer||April 2020||Percent||May 2020||Percent||Change|
In the April 2020 survey we received responses from 1,246,121,153 sites across 260,089,947 unique domains and 9,669,267 web-facing computers. This reflects a gain of 10,000 computers and 2.90 million domains, but a loss of 16.9 million sites.
nginx and Microsoft lost the most sites this month — 13.4 million and 10.4 million each — but like all other major vendors, they both gained domains.
Since attaining the largest share of domains last month, nginx has extended its lead with net growth of 1.84 million domains and now has a 28.5% share of this market, compared with Apache's 27.8%.
Although Apache gained the largest number of sites this month — more than 2 million — it lost 598,000 active sites and its presence amongst the top million websites decreased by 4,230 sites, which took its top-sites count down by 1.43%. Nonetheless, Apache still has the largest share of the top million sites for now (29.1% compared with nginx's 25.5%), and also continues to lead in terms of active sites and web-facing computers.
Vendors respond to COVID-19
As the coronavirus pandemic continues to affect many people's lives in an unprecedented fashion, some web server vendors have offered to help in a variety of direct and indirect ways.
Microsoft has made an initial $1 billion donation to Puget Sound's COVID-19 Response Fund; published a map that tracks active, recovered and fatal cases; and has offered its Healthcare Bot service powered by Microsoft Azure to help frontline organisations screen patients for potential infection and care.
NGINX and F5 are offering free resources for websites impacted by the crisis. This includes free access to its core training for NGINX Open Source; providing additional help and one free year of NGINX Plus to the education, public government and non-profit sectors; and encouraging its employees to respond to NGINX related matters on Stack Overflow and Twitter.
Google has made its COVID-19 datasets free to access and query. Researchers can also use Google's BigQuery ML language to create and execute machine learning models for free. Google's COVID-19 public dataset program is to remain in effect until 15 September.
Google has already had a number of measures in place to ensure that its systems stay up and running during the coronavirus crisis. For more than ten years it has carried out regular disaster recovery testing to identify and address potential problems before they happen, and its engineers operate from multiple locations. With some businesses experiencing increased online sales while consumers stay at home, Google has also activated its enhanced support structure which was developed for peak demand situations like Black Friday.
Last month, Google announced availability of Game Servers beta, which is a managed service offering the Kubernetes-based, open source Agones game server hosting project cofounded by Google and Ubisoft. Agones automatically scales Kubernetes to meet unpredictable player demand, and so its launch is conveniently timed to help cope with the increased amount of online multiplayer gaming taking place while many people are either self-isolating or on lockdown during the global coronavirus crisis.
Online gaming is helping some companies to weather the pandemic, such as Chinese technology group Tencent, which expects revenues from its games business to hold up better than that of its main rival, Alibaba, whose Taobao Tengine web server currently powers 13.7 million websites. Alibaba's co-founder, Jack Ma, has donated coronavirus test kits and masks to Europe and the US despite the effect the pandemic has had on its Tmall and Taobao retail businesses.
Finally, Netcraft has been protecting consumers and businesses from the despicable — yet inevitable — influx of coronavirus-themed cybercrime, which has recently scaled up a notch. The types of fraudulent activity that are purposely exploiting the pandemic include tax refund scams and other phishing attacks that have been modified to make use of coronavirus-themed emails, as well as smishing, password-stealing malware, advance fee scams, and masses of fake online stores purportedly selling COVID-19 vaccines, cures and related protective equipment.
|Developer||March 2020||Percent||April 2020||Percent||Change|
Your link here? Advertising on the Netcraft Blog