Ferron is a fast web server with automatic TLS certificate management, easy configuration, and rock-solid security — so you can go live in minutes.
Command not availableWatch, as Ferron serves a website with automatic TLS setup in minutes.
Despite powering much of the internet, popular web servers (such as Apache and NGINX) weren't designed for ease of use, security, or modern developer experience.
Have you spent hours configuring a web server just to set up a website? NGINX configs can become verbose, even for something as common as a high-performance reverse proxy. Apache's directives can be hard to navigate too, with many options that can make simple tasks needlessly hard.
Many popular web servers (such as Apache and NGINX) are written in memory-unsafe languages (like C) and rely on low-level libraries. While mature and widely audited, this class of software has historically been more vulnerable to memory-safety bugs, such as Heartbleed in OpenSSL, increasing the potential impact of defects.
Apache's traditional process- and thread-based architectures can be less efficient under high concurrency and modern workloads, often needing more resources to achieve the same throughput as newer, event-driven servers.
Designed with modern web hosting needs in mind, Ferron combines speed, security, and ease of use in one powerful package.
Thoroughly optimized for speed with support for high concurrency.
Built with memory safety as a priority, eliminating common security vulnerabilities.
Automatic SSL/TLS certificate acquisition and renewal with Let's Encrypt integration.
Simple, intuitive configuration with sensible, secure defaults and comprehensive documentation.
Advanced reverse proxy capabilities with support for load balancing and health checks.
Built-in support for modern API patterns including WebSockets.
Ferron delivers high performance under real-world web workloads, without requiring expert-level tuning.
Designed for large numbers of simultaneous connections without artificial keep-alive limits or backend pool starvation.
Optimized for modern protocols (HTTP/2 and experimental HTTP/3), allowing for efficient multiplexing and low-latency connections.
Asynchronous event-driven architecture provides predictable performance and lower memory usage under load.
High performance out of the box; you don't have to adjust worker counts, pools, or any other hidden limits.
Get started with Ferron in minutes. Choose your preferred platform and installation method.
Command not availableFerron has simple, intuitive configuration, compared to more complex configurations of some popular web servers.
server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /var/www/html;
gzip on;
location / {
try_files $uri $uri/ =404;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
root "/var/www/html"
}upstream backend {
server localhost:3000;
keepalive 32;
}
server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
proxy "http://localhost:3000"
}server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /var/www/html;
index index.php index.html index.htm;
location / {
gzip on;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
# The "fastcgi.conf" is located in the NGINX configuration directory (at least on Debian-based systems)
include fastcgi.conf;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
root "/var/www/html"
// Check if the PHP-FPM socket file is accessible by the web server user, often "ferron"
fcgi_php "unix:///var/run/php/php-fpm.sock"
}Don't take our word for it — hear from the system administrators and developers who use Ferron every day.
I suspect that people don't like changing web servers, and perhaps that's why it took the industry so long to move away from Apache. Ferron actually looks great — great performance, automatic TLS, easy reverse proxy configuration and more. Congrats on shipping this!
You may want to check out what Ferron is doing. I've been using it for a few months. Highly recommend. (...) Significantly easier to set up than nginx, and by far the most effortless auto TLS integration. (...) Highly recommend using the v2 docker images though. It now uses KDL for configuration, which is much cleaner than YAML. The syntax is versatile enough that you can create a custom DSL of sorts. Ferron uses it to replicate if statements, and uses them to filter access by IP or headers.
Join many sysadmins and developers using Ferron to serve websites faster, more securely, and with less overhead.