Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

FastCGI, the 30-year-old protocol, is argued to be a safer alternative to HTTP for reverse proxy-to-backend communication. HTTP/1.1's ambiguous framing enables desync/request-smuggling attacks, and its lack of structural separation between trusted proxy headers and untrusted client headers creates persistent security vulnerabilities. FastCGI solves both problems: it uses explicit message framing (eliminating desync), and prefixes HTTP headers with 'HTTP_' to structurally separate them from trusted proxy parameters like REMOTE_ADDR. Popular proxies (nginx, Apache, Caddy, HAProxy) support FastCGI backends, and Go's standard library makes switching trivial. Downsides include no WebSocket support, less tooling, and potentially lower throughput due to less optimization.

FastCGI: 30 Years Old and Still the Better Protocol for Reverse Proxies

<p>I’m intrigued.  There is just so much tech from yesteryear that go so much right.  Today, it gets buried under the hype</p>


<p>Great article with clear use cases when and why to remember FCGI.</p>
