In the May 2020 survey we received responses from 1,238,024,212 sites across 261,192,350 unique domains and 9,892,834 web-facing computers. This reflects a gain of 224,000 computers and 1.10 million domains, but a loss of 8.10 million sites.
nginx lost the greatest number of sites, with 14.2 million fewer than in April, but conversely had by far the greatest increases in unique domain names (+1.50 million, +2.02%), and web-facing computers (+137,000, +4.43%) this month. OpenResty, which is based on nginx, also saw a large 237,000 domain count increase to reach 7.15 million – the second largest increase in domains for any vendor this month.
Apache had losses in most metrics, dropping 244,000 domains. It did, however, come away with 6.88 million more sites and 45,000 more computers this month than last. Apache still leads in the active sites, computers, and top one million sites metrics.
Microsoft lost out on all metrics this month, dropping by 5.08 million sites and 175,000 unique domains. Both Apache and Microsoft have been on slow long-term downward trends in most metrics. Although they have both increased their count of web-facing computers over time, nginx has seen much stronger growth in comparison. Despite running on a 17.9% share of domain names and 16.4% share of computers, Microsoft holds a much smaller 4.72% share of active sites.
LiteSpeed currently serves 4.20 million domains, giving it a 1.61% market share. It has a slightly higher 1.88% share amongst the top one million sites. LiteSpeed has seen consistent growth, and has had a 23.3% domain count growth over the last 12 months.
Nginx released a new stable version of the nginx web server. nginx version 1.18.0 incorporates additional features which have been introduced in the mainline 1.17.x nginx versions over time. Nginx also released version 1.17.0 of the Nginx Unit application server.
LiteSpeed released new 1.6.13 and 1.7.1 versions of their OpenLiteSpeed web server, introducing bug fixes, security features, updates from their LSQUIC library, CentOS 8 support, and more.
|Developer||April 2020||Percent||May 2020||Percent||Change|
In the April 2020 survey we received responses from 1,246,121,153 sites across 260,089,947 unique domains and 9,669,267 web-facing computers. This reflects a gain of 10,000 computers and 2.90 million domains, but a loss of 16.9 million sites.
nginx and Microsoft lost the most sites this month — 13.4 million and 10.4 million each — but like all other major vendors, they both gained domains.
Since attaining the largest share of domains last month, nginx has extended its lead with net growth of 1.84 million domains and now has a 28.5% share of this market, compared with Apache's 27.8%.
Although Apache gained the largest number of sites this month — more than 2 million — it lost 598,000 active sites and its presence amongst the top million websites decreased by 4,230 sites, which took its top-sites count down by 1.43%. Nonetheless, Apache still has the largest share of the top million sites for now (29.1% compared with nginx's 25.5%), and also continues to lead in terms of active sites and web-facing computers.
Vendors respond to COVID-19
As the coronavirus pandemic continues to affect many people's lives in an unprecedented fashion, some web server vendors have offered to help in a variety of direct and indirect ways.
Microsoft has made an initial $1 billion donation to Puget Sound's COVID-19 Response Fund; published a map that tracks active, recovered and fatal cases; and has offered its Healthcare Bot service powered by Microsoft Azure to help frontline organisations screen patients for potential infection and care.
NGINX and F5 are offering free resources for websites impacted by the crisis. This includes free access to its core training for NGINX Open Source; providing additional help and one free year of NGINX Plus to the education, public government and non-profit sectors; and encouraging its employees to respond to NGINX related matters on Stack Overflow and Twitter.
Google has made its COVID-19 datasets free to access and query. Researchers can also use Google's BigQuery ML language to create and execute machine learning models for free. Google's COVID-19 public dataset program is to remain in effect until 15 September.
Google has already had a number of measures in place to ensure that its systems stay up and running during the coronavirus crisis. For more than ten years it has carried out regular disaster recovery testing to identify and address potential problems before they happen, and its engineers operate from multiple locations. With some businesses experiencing increased online sales while consumers stay at home, Google has also activated its enhanced support structure which was developed for peak demand situations like Black Friday.
Last month, Google announced availability of Game Servers beta, which is a managed service offering the Kubernetes-based, open source Agones game server hosting project cofounded by Google and Ubisoft. Agones automatically scales Kubernetes to meet unpredictable player demand, and so its launch is conveniently timed to help cope with the increased amount of online multiplayer gaming taking place while many people are either self-isolating or on lockdown during the global coronavirus crisis.
Online gaming is helping some companies to weather the pandemic, such as Chinese technology group Tencent, which expects revenues from its games business to hold up better than that of its main rival, Alibaba, whose Taobao Tengine web server currently powers 13.7 million websites. Alibaba's co-founder, Jack Ma, has donated coronavirus test kits and masks to Europe and the US despite the effect the pandemic has had on its Tmall and Taobao retail businesses.
Finally, Netcraft has been protecting consumers and businesses from the despicable — yet inevitable — influx of coronavirus-themed cybercrime, which has recently scaled up a notch. The types of fraudulent activity that are purposely exploiting the pandemic include tax refund scams and other phishing attacks that have been modified to make use of coronavirus-themed emails, as well as smishing, password-stealing malware, advance fee scams, and masses of fake online stores purportedly selling COVID-19 vaccines, cures and related protective equipment.
|Developer||March 2020||Percent||April 2020||Percent||Change|
In the March 2020 survey we received responses from 1,263,025,546 sites across 257,194,796 unique domains and 9,659,223 web-facing computers. This reflects a gain of 94,300 computers, 2.12 million sites and 3.00 million domains.
Microsoft and nginx both saw increases in the total number of domains in March 2020, with nginx gaining 4.84 million domains (+7.2%) and increasing its market share by 1.6 percentage points to 28.1%. Microsoft gained 215,000 domains, though this was not substantial enough to avoid losing market share to nginx.
nginx’s sharp increase saw it overtake Apache in terms of domain market share for the first time, with a marginal lead of 136,000 domains. However Apache continues to lead nginx by a considerable amount in terms of active sites —despite losing 225,000 active sites this month, Apache maintains an 8.21 percentage point lead in market share over nginx. Apache also leads in terms of web-facing computers, though with only 3.17 percentage points separating them from nginx.
Several server vendors which hold a lower market share saw mixed results this month. Google lost 115,000 domains but gained 510,000 active sites, while Oracle lost 27,800 domains and 22,200 active sites. Both hold less than one percent of domain market share, with Google claiming 0.87% (-0.06 percentage points), and Oracle holding 0.22% (-0.01 percentage points).
After having gained almost 2 million domains every month since December, Cloudflare’s rapid growth slowed this month with a gain of only 714,929 domains. Cloudflare power their content delivery network with their own server software, originally based on nginx , which accounted for 9.31% of observed domains.
NGINX released several new versions of its products this month. The nginx web server was updated to 1.17.9 with several small changes and bug fixes, one of which is related to HTTP/2 support. The company’s dynamic application server NGINX Unit was updated to 1.16.0, adding functionality which allows more configurable round-robin load balancing.
LiteSpeed Technologies released version 5.4.6 of their LiteSpeed Web Server . This release adds support for the latest draft specification of HTTP/3, which itself was published in mid-February. The release also hardens the server’s default TLS configuration by disabling support for TLS 1.1 unless enabled by the user.
Apache also released versions 8.5.53, 9.0.33, and 10.0.0-M3 of Apache Tomcat, which include several small feature updates and bug fixes.
|Developer||February 2020||Percent||March 2020||Percent||Change|
In the February 2020 survey we received responses from 1,260,909,305 sites across 254,192,929 unique domains and 9,564,965 web-facing computers. This reflects a loss of 35.1 million sites and 11,900 computers, but a gain of 4.57 million domains.
The largest swings this month were seen for nginx. Despite losing 28.7 million sites and 64,500 web-facing computers, nginx excelled in other metrics this month, including a 3.06 million increase in unique domain count and a 675,000 increase in active sites count, building upon its rapid growth from last month.
Apache increased its share of the sites market this month by 0.53 percentage points, owed largely to the aforementioned drop in sites for nginx. This comes despite a drop of 1.77 million sites for Apache. Apache also lost 187,000 domains and 97,500 active sites this month. Apache did, however, gain an extra 6,400 web-facing computers. Apache is presently the most commonly used web server in terms of domains, active sites, and computers, and also has the greatest portion of the top one million busiest sites. The only metric in which it is currently beaten is the relatively unstable total count of sites (hostnames), for which nginx currently holds first place.
Microsoft saw modest growth in its counts of active sites (+193,000), web-facing computers (+9,890), and domains (+536,000). Microsoft saw a reduction of 2.65 million sites, but, like Apache, was left with an increase in its market share overall.
Apache released versions 7.0.100, 8.5.51, and 9.0.31 of its Tomcat Java Servlet software. The updates, which are largely the same across the major versions, include fixes, improvements, and some refactoring. Coyote, the HTTP connector component of Apache Tomcat, was found serving around 325,000 domains this month.
NGINX released an update for NGINX Unit , their open source dynamic application server, adding support for Ruby 2.7 and addressing a number of bugs.
|Developer||January 2020||Percent||February 2020||Percent||Change|
In the January 2020 survey we received responses from 1,295,973,827 sites across 249,618,033 unique domain names and 9,576,845 web-facing computers. This reflects a gain of 27.7 million sites, 5.86 million domains, and 146,000 computers.
Apache, nginx, and Microsoft all saw increases in their totals for number of domains in January 2020, although nginx demonstrated substantially the largest growth (+2.53 million), bringing its market share up to 25.8% and its total to 64,391,621 domains. The growths this month for Apache (+80,900) and Microsoft (+66,300) were much smaller in comparison. An additional 2.18 million domains identified themselves as Cloudflare servers, an 11.3% increase since December, bringing the Cloudflare-exclusive server platform up to 21.4 million domains. LiteSpeed usage grew by 96,500 domains — a fairly consistent and strong 2.5% growth — giving it a new total of 3.97 million.
Looking instead over the span of the past year, Microsoft's domain count decreased by 12.1 million (-20.8%), whilst nginx grew by 12.5 million (+24.0%), partly due to a swing from Microsoft to nginx at GoDaddy seen in March . Apache's count of domains is largely the same as it was a year ago, only having shrunk slightly by 1.79 million domains (-2.4%).
The gains and losses in domains were also met with similar trends in active sites . The number of active sites seen by Netcraft in January 2020 increased to 189 million, up from 183 million since the previous month. Around 1.99 million of the increase came from nginx, and 1.12 million from Cloudflare, increasing their respective totals by +5.7% and +6.6%. Apache and Microsoft, on the other hand, remained fairly stable this month, but overall lost out over the course of a year. LiteSpeed's active site count also continues to grow steadily, increasing by 149,000 (+3.1%) this month to reach 4.95 million.
By count of web-facing computers, Apache, nginx, and Microsoft all demonstrated gains, with nginx showing the most significant gain of 83,700 additional computers since December. Over the past year, nginx has grown by 771,000 computers (+33.2%), far in excess of Apache's 192,000 (+6.1%) and Microsoft's 105,000 (+6.8%) growths.
Windows Server 2008 End-of-life
On January 14, 2020 Microsoft ended support for Windows Server 2008 and Server 2008 R2 . As a component of the operating system, versions of Microsoft's IIS (Internet Information Services) are tightly bound to the Windows versions they run on, with IIS/7.5 being the version integrated into Windows Server 2008 R2. As such, IIS/7.5 is similarly end-of-life, receiving no further security fixes. Despite forward notice, and the availability of more modern versions, there is often a great deal of inertia preventing companies from upgrading operating system software before it falls out of support. As of January 2020, Netcraft counted 887,000 web-facing computers running Windows Server 2008 and 2008 R2, making them the most popular versions of Windows employed in the webserver market. Furthermore, over half of all counted Windows computers ran some end-of-life version of the Windows family of operating systems.
Turning to the use of IIS specifically, Netcraft found almost 2.85 million active sites running on IIS/7.5 - 32.5% of all active sites running on some version of IIS. Approximately 940,000 active sites run on even older versions of IIS. Within the top one million sites, 25,700 of the 77,800 sites running on IIS use an outdated version.
LiteSpeed Technologies released versions 1.6.5 and 1.5.11 of their open source OpenLiteSpeed web server. The updates introduce improvements to caching performance, security, and stability. The updates also see OpenLiteSpeed move to version 2.8.3 of lsquic , LiteSpeed's C implementation of the experimental QUIC and HTTP/3 transport protocols.
Nginx released version 1.14.0 of their Nginx Unit dynamic application server, providing additional features and bug fixes . Nginx also released a minor bugfix update for the open source edition of the main nginx web server product.
The Apache Tomcat project has released updated versions for each supported release of its Java HTTP server and Servlet container software. Versions 9.0.30 , 8.5.50 and 7.0.99 include various fixes and updates.
|Developer||December 2019||Percent||January 2020||Percent||Change|
In the December 2019 survey we received responses from 1,268,289,402 sites across 243,753,534 unique domain names and 9,430,985 web-facing computers. This reflects a loss of 40.1 million sites, but a gain of 19,200 domains and 156,000 computers.
nginx gained the largest number of sites (+41.2 million), while Apache lost 50.1 million and Microsoft lost 17.5 million; but in terms of unique domains, all major vendors suffered losses. Microsoft lost the most domains (-2.67 million), followed by Apache (-572,000); and, despite gaining so many sites, nginx lost 422,000 domains.
nginx has continued its strong and steady growth in web-facing computers, this month gaining 58,500 computers compared with Apache's gain of 42,900. nginx is edging ever-closer to Apache's leading market share, which fell by 0.13 percentage points to 35.3%, leaving it only 3.4 points ahead of nginx.
If current trends continue, nginx looks set to overtake Apache at some point in late 2020, which would make it the largest vendor in terms of web-facing computers. nginx has already been in the lead by sites since April 2019, and is also closing in on domains, but is still some way behind Apache in active sites and the top million sites.
OpenLiteSpeed 1.6.4 was released on 18 November. This is the open source version of the LiteSpeed web server, which was first to ship HTTP/3 support in July, and boldly claims to outperform nginx when handling HTTP/3 traffic. More than 20 million sites across 3.9 million domains are running either LiteSpeed or OpenLiteSpeed - both variants exhibit the same "LiteSpeed" server header.
QUIC and HTTP/3 have been supported by Cloudflare's partly nginx-based edge network since September; and in October, Cloudflare released a patch that allows its savoury implementation of these protocols (quiche) to be integrated into the upstream nginx codebase. LiteSpeed's HTTP/3 benchmarks were carried out against this patch.
On 19 November, Microsoft announced the availability of Microsoft Azure from its new cloud datacenter regions in Norway. Norway's largest financial services group, DNB Group, has already chosen the new region to migrate services into the cloud in accordance with Norwegian data handling regulations.
Finally, NGINX Plus Release 20 (R20) was released on 3 December. Based on the open source nginx web server, NGINX Plus is a commercial offering, and R20 includes real-time monitoring and logging of rate-limited traffic, enhancements to connection limiting, and some security improvements for HTTP/2.
|Developer||November 2019||Percent||December 2019||Percent||Change|
Your link here? Advertising on the Netcraft Blog