Security, speed, compliance, and flexibility -- all of these describe lighttpd (pron. lighty) which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments. With a small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, SCGI, Auth, Output-Compression, URL-Rewriting and many more) lighttpd is the perfect solution for every server that is suffering load problems. And best of all it's Open Source licensed under the revised BSD license.

Web 2.0

lighttpd powers several popular Web 2.0 sites. Its high speed io-infrastructure allows them to scale several times better with the same hardware than with alternative web-servers.

This fast web server and its development team create a web-server with the needs of the future web in mind:

Its event-driven architecture is optimized for a large number of parallel connections (keep-alive) which is important for high performance AJAX applications.



October 03, 2021

Important changes

  • improve performance, reduce memory use, bugfixes



  • HTTP/2 smoother and lower memory use (in general)
  • HTTP/2 tuning to better handle aggressive client initial requests
  • reduce memory footprint; workaround poor glibc behavior; jemalloc is better
  • mod_magnet lua performance improvements
  • mod_dirlisting performance improvements and new caching option
  • memory constraints for extreme edge cases in mod_dirlisting, mod_ssi, mod_webdav
  • connect(), write(), read() time limits on backends (separate from client timeouts)
  • lighttpd restarts if large discontinuity in time occurs (embedded systems)
  • RFC7233 Range support for all non-streaming responses, not only static files

Behavior Changes

  • connect() to backend now has default 8 second timeout (configurable)

Future Scheduled Behavior Changes (estimated early 2022)

  • graceful restart/shutdown default timeout will change from
    0 (infinite/no timeout) to 5 seconds (or some similar non-zero period)
    configure an alternative with:
    server.feature-flags += (“server.graceful-shutdown-timeout” => 5)
  • lighttpd (optional) dependencies on libev and on FAM are deprecated.
    lighttpd event loop and file monitoring use native OS interfaces
    except on obscure platforms. FAM and gamin appear to be abandoned.
    Package maintainers on Linux and *BSD:
    please remove —with-libev and —with-fam from package builds
    lighttpd uses epoll() on Linux, kqueue() on *BSD for event notification.
    lighttpd uses inotify() on Linux, kqueue() on *BSD for file monitoring.

  • mod_compress is DEPRECATED; use mod_deflate
    mod_compress has been subsumed by mod_deflate
    Note: mod_compress config options may be removed in a future release
  • mod_geoip is DEPRECATED; use mod_maxminddb
    Note: mod_geoip will be removed from a future lighttpd release
  • mod_authn_mysql is DEPRECATED; use mod_authn_dbi
    Note: mod_authn_mysql will be removed from a future lighttpd release
  • mod_mysql_vhost is DEPRECATED; use mod_vhostdb_dbi or mod_vhostdb_mysql
    Note: mod_mysql_vhost will be removed from a future lighttpd release
  • mod_cml is DEPRECATED; use mod_magnet
    Note: mod_cml will be removed from a future lighttpd release
  • mod_flv_streaming is DEPRECATED; (Adobe Flash Video (.flv))
    (Note: can be replaced with a few lines of lua code and mod_magnet)
    (sample script flv-streaming.lua is posted at )
    Adobe Flash is deprecated and support has been removed from modern clients