[BitPirate]

If a webserver requires additional tools for the user to avoid all these pitfalls, maybe just maybe it should re-evaluate its defaults.

[jgalt212]

Yeah, the config checker should be built-in, and if it does not pass, then one must use --force or similar to start the server.

[ndocjdn]

But then how will nginx continue to pretend that it is still 1995?

nginx was once amazing, but it’s decidedly bad now when compared to modern webservers.

[nubinetwork]

What is a modern webserver? I only use Apache or nginx... anything cobbled together with nodejs or go doesn't count.

[TheFlyingFish]

Caddy has been my default choice recently: https://caddyserver.com

Among other things, it features automatic TLS via ACME and dead-simple configuration for my most common use cases: namely, serving a directory of static files and reverse-proxying to an app server.

It is written in Go, but I certainly wouldn't describe it as "cobbled together."

I'm also a fan of Traefik but it's strictly a reverse proxy, there's not even built-in support for serving static files. But it's great if you have e.g. a bunch of containers on a single host and you want to front them all with a single load balancer.