Would you like to use stable version of Ferron? Visit Ferron 1.x website
Ferron is a fast web server with automatic TLS certificate management, easy configuration, and rock-solid security — so you can go live in minutes.
Command unavailableWatch, as Ferron serves a website with automatic TLS setup in minutes.
Despite powering much of the internet, popular web servers (such as Apache and NGINX) weren't designed for ease of use, security, or modern developer experience.
Have you spent hours configuring a web server just to set up a website? NGINX configs can become verbose, even for something as common as a high-performance reverse proxy. Apache's directives can be hard to navigate too, with many options that can make simple tasks needlessly hard.
Many popular web servers (including Apache and NGINX) are written in programming languages and use libraries that aren't designed for memory safety. This caused many issues, such as Heartbleed in OpenSSL, putting servers at unnecessary risk.
Apache's architecture can struggle under modern workloads, often underperforming compared to newer, leaner servers. This means wasted resources and slower response times for your website visitors.
Designed with modern web hosting needs in mind, Ferron combines speed, security, and ease of use in one powerful package.
Thoroughly optimized for speed with support for high concurrency.
Built with memory safety as a priority, eliminating common security vulnerabilities.
Automatic SSL/TLS certificate acquisition and renewal with Let's Encrypt integration.
Simple, intuitive configuration with sensible, secure defaults and comprehensive documentation.
Advanced reverse proxy capabilities with support for load balancing and health checks.
Built-in support for modern API patterns including WebSockets.
Ferron can outperform other popular web servers in performance benchmark tests across different workloads.
Higher is better | Benchmarks run on AMD Ryzen 5 8600G, 32GB RAM, with the ferrbench -c 1000 -d 60s -t 12 -h https://localhost --http2 command | Benchmarks performed on September 19, 2025
Higher is better | Benchmarks run on AMD Ryzen 7 8700G, 32GB RAM, with the ferrbench -c $CONCURRENCY -d 5s -t 16 -h https://localhost --http2 command | Benchmarks performed on October 26, 2025
Lower is better | Benchmarks run on AMD Ryzen 7 8700G, 32GB RAM, with the ferrbench -c $CONCURRENCY -d 5s -t 16 -h https://localhost --http2 command | Benchmarks performed on October 26, 2025
Higher is better | Benchmarks run on AMD Ryzen 5 8600G, 32GB RAM, with the ferrbench -c 100 -d 60s -t 12 -h https://localhost --http2 command | Benchmarks performed on June 13, 2025
Get started with Ferron in minutes. Choose your preferred platform and installation method.
Command unavailableFerron has simple, intuitive configuration, compared to more complex configurations of some popular web servers.
server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /var/www/html;
gzip on;
location / {
try_files $uri $uri/ =404;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
root "/var/www/html"
}upstream backend {
server localhost:3000;
keepalive 32;
}
server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
proxy "http://localhost:3000"
}server {
listen 80;
listen 443 ssl http2;
server_name example.com;
server_tokens off;
# Assuming you use Certbot for automatic certificate management
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /var/www/html;
index index.php index.html index.htm;
location / {
gzip on;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
# The "fastcgi.conf" is located in the NGINX configuration directory (at least on Debian-based systems)
include fastcgi.conf;
}
}// TLS certificate is obtained automatically by Ferron
example.com {
root "/var/www/html"
// Check if the PHP-FPM socket file is accessible by the web server user, often "ferron"
fcgi_php "unix:///var/run/php/php-fpm.sock"
}Don't take our word for it — hear from the system administrators and developers who use Ferron every day.
I suspect that people don't like changing web servers, and perhaps that's why it took the industry so long to move away from Apache. Ferron actually looks great — great performance, automatic TLS, easy reverse proxy configuration and more. Congrats on shipping this!
You may want to check out what Ferron is doing. I've been using it for a few months. Highly recommend. (...) Significantly easier to set up than nginx, and by far the most effortless auto TLS integration. (...) Highly recommend using the v2 docker images though. It now uses KDL for configuration, which is much cleaner than YAML. The syntax is versatile enough that you can create a custom DSL of sorts. Ferron uses it to replicate if statements, and uses them to filter access by IP or headers.
Join many sysadmins and developers using Ferron to serve websites faster, more securely, and with less overhead.