Microsoft closing in on Apache's web server crown 50 million more of the world's web servers started to run Microsoft's internet information server (IIS) during February, according to Netcraft. The server-counter's data for the month offers the following view of the world's web servers. Developer January 2014 Percent February 2014 Percent Change Apache 358,669,012 …
This post has been deleted by its author
Statitics are often hard to interprate, there may be a server running IIS or Apache or Nginx but how many websites does the server run? does this include VPS instances running?
From my perspective as a web developer, those from an IT background with MS training will naturally go for ISS/.net but what costs are involved, pattents to work round, security and licencing and re-training costs. Have you ever been re-traind for a new version of JavaScript or PHP, what about VB/.net?
Yes like for like IIS is more secure for Apache and is great for things like PCI compliance but IIS will also do more than Apache such as borwser/server interaction like Node.js so depending on the setup is it more secure?
If you are large business employing a team to look after your big website, then yes IIS is probbly for you but try getting licencing fee off and upgrade costs off a small business that wants to pay $35 a year for hosting. When you consider that you can have a AWS server running Apache/Nginx for $6 a month running mutiple websites what you dont pay in licencing is left in your pocket right?
So for a true picture we need to not only know if IIS its Linux in the stats but are these servers running a physical machine or one giant cloude spawing Instance mache, and for each server what servies/modules are running such as email, .net, php and how many domains are being used with each server?
> there may be a server running IIS or Apache or Nginx but how many websites does the server run? does this include VPS instances running?
Number of servers has nothing to do with it. These statistics are all about websites/domains.
> Yes like for like IIS is more secure for Apache and is great for things like PCI compliance but IIS will also do more than Apache such as borwser/server interaction like Node.js so depending on the setup is it more secure?
What are you even talking about? If it weren't for the appalling spelling and grammar, my shill detector would be off the charts! For someone who claims to be a "web developer", I'll be generous and presume you're someone with a large investment in MS technologies, and little actual experience with Apache.
I'm not sure if the stats are any good but I would like to point out that how the server identifies itself is configurable. I have often set-up Apache servers to appear to be IIS servers. It is certainly not the best method of security and nor is it the only thing I do but it does help slow down the script kiddies.
Those who use IIS either haven't used Apache or nginx, or are non-technical admins/devs.
That was once me. I used to swear by IIS - why? because it's the only thing I had used!
It's all very well for point-and-click devs working on internal sites - but out in the real world, IIS just doesn't cut it for me - or am I just holding it wrong?
Anyone who disagrees needs to actually use Apache/nginx - Mono on nginx runs like shit off a shovel!
Would rather click on pretty icons? Got stumped on editing a config file? Then you're in the wrong job! Prepare to be outsourced.
Yes like for like IIS is more secure for Apache and is great for things like PCI compliance but IIS will also do more than Apache such as borwser/server interaction like Node.js so depending on the setup is it more secure?
Are you sharing whatever you're smoking? Allow me, as a web developer who uses both IIS and LAMP servers (depending on the exact situation), to correct some of your misconceptions.
First, Apache and IIS can both be locked down very well. It just takes an admin who knows what they're doing. The only way I'd say IIS is more secure than Apache is if we're talking about an admin who doesn't understand Apache's config files. The opposite is also true, at least for modern IIS systems (all bets are off if you're still running IIS 5). Second, it is possible to run Node.js on Apache. Perhaps not as straight forward as getting it up and running on IIS, but it is possible. Third, PCI compliance is an equal headache on either system in my experience.
> a single company – the Nobis Technology Group – switching to IIS
It seems likely that company has a huge stack of parked sites. Microsoft has, in the past, been known to 'donate' servers and software to host parked sites to boost their share - one box can hold several thousand sites that have zero content and no traffic (other than Netcraft poking around).
The 2nd table seems to give a more realistic indication of the proportions of real sites.
> if it wasn't from a totally anonymous ...
Said the Anonymous Coward. But then he is more believable than 'The Vogon' even when he forgets to tick the checkbox.
> but I can't imagine for a minute that they paid you to run IIS.
Microsoft paid Nokia a $billion a year to use Windows Phone. Your admitted lack of imagination is not a constraint on how Microsoft marketing applies its billions.
GoDaddy went IIS some years ago as well, that caused a spike as well, back in the day.
IIS is for idiots. It is nice and easy SSO solution for corporate intranet in windows only shops with window cleaner admins, for us who understand this shit, LAMP/nginx/tomcat are way better alternatives. Besides, IIS runs on windows server only, nuff said.
What I like on netcraft, is the availability metrics ...FreeBSD and Linux beat everything else.
This post has been deleted by its author
nginx is primarily a reverse proxy load balancer with a neat edge host for static content and termination for encryption. For Java/Mono apps it does away with the need for a full Apache web server and helps the like of Node.JS scale.
Microsoft's ISA server does the equivalent, but reports IIS as the host type.
Thanks to Mr Snowdon many more web sites are going to move to https for everything (including static content) so Nginx can expect much better growth because the CPU load of SSL is a big motivator for reverse proxies.
It is Apples & Pears because Nginx might just be fronting Apache/IIS.. All that is clear id that nobody is using Squid anymore
My thoughts exactly. I think it's pretty rare and unique circumstances that make someone run nginx as their primary web server software (at least at the present time). It would typically be a front end/proxy for another server instance. Imagine if Varnish identified itself as the "web server" instead of passing through what was behind it.
All in all, I don't think it really matters what web server someone is running, as long as it gets the job done and you can configure things correctly and securely. Even if IIS jumped over apache, does that mean Apache will die off? Of course not. Now if PCI compliance checking companies started saying stuff like "well, you need to be running the top web server in order to make things secure", then we'd start having problems.
Oh look, another of these articles again. The growth is for *all* sites, but look at the *active* sites graph
Apache - 1.81
Nginx +1.49
Microsoft 0.18 (yes, barely registered a blip)
Seems that MS' server product is the best thing to keep your *parked* domains on :D
This article is a bad joke, hope you did not pay the guy money for it.
I don't believe these stats because, well, it's rubbish. I hardly ever see IIS in the wild these days.
And personally, I wouldn't even trust it to run a domain parking page, which seems to account for most of the IIS market last time I looked.
One thing that may add an element of truth is people starting to use Azure's cloud object storage service, whatever that's called, and adding DNS records to it.
What everyone doesn't realise is that the Azure cloud is probably running haproxy, nginx, Apache just with the Server HTTP header changed to appear as IIS. I joke of course but the thought of Microsoft trusting their own software to handle the business-critical applications of paying customers has put me right off my breakfast.
Hmm, I suppose... think of the types who haven't learned anything new since they were hand-held through uni. Cobbling together intranet sites in VB.NET, no worries of browsers other than whatever old version of IE they use.
Copying and pasting code from abandoned forums, using bloated calendar controls bought 8 years ago that haven't been updated since IE7, with the viewstate getting larger than the content. There's no competing intranet site, there's no motiviation to improve. The user's expect it to run crap.
"Have you tried compatability mode??", "Don't upgrade, they broke it!", "Chrome spies on you".
If it starts going slow, or eats memory.. a reboot will fix it. The smarter might even rip-off a VB6 "service" to automate it.
IIS Manager? What's that?
Yep. IIS has it's place.
[I am currently polishing this type of guy's turd]
That's the thing with statistics - slice them up and you can prove anything you like, even multiple contrary proofs simultaneously - Anyone remember "lies, damn lies and statistics"?
Personally whenever I see the figures for "active sites" (i.e. trying to filter out "parked" domains/sites) I imagine someone at Apache blowing a raspberry and shouting "we still have over half the web, suckers!"
American, UK and some European countries' obsession over numbers has become ridiculous. Any person, company - like the Nobis Technology Group, organization or government who move to Microfoft IIS against Apache or nginx need their collective heads examined, since IIS has never, ever, never, ever proven to be as stable, robust, flexible and "especially" as secure as these two latter mentioned applications.
However I respect that in most democratic countries ,one has the right to make bad choices, as is so often done, purely as a result of susceptibility to marketing hype, "brand name" recognition and popularity, and personal preferences that can have nothing what-so-ever to do with sound technical knowledge or judgment. Get paid lots of money is OK initially, until the security vulnerability bottom falls out.
I suppose that Simon Sharwood wanted to play an early April Fool joke. He surely has checked the data and seen that somebody just dumped millions of inactive sites on IIS just because they had unused servers available.
Looking at the real data Apache is running more than 50% of the active servers worldwide.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
