[Django]-Do I need Nginx with Gunicorn if I am not serving any static content?

It is recommended in Gunicorn docs to run it behind a proxy server.

Technically, you don’t really need Nginx.

BUT it’s the Internet: your server will receive plenty of malformed HTTP requests which are made by bots and vulnerability scanner scripts. Now, your Gunicorn process will be busy parsing and dealing with these requests instead of serving genuine clients.

With Nginx in front, it will terminate these requests without forwarding to your Gunicorn backend.

Most of these bots make requests to your IP address, instead of your domain name. So it’s really easy to configure Nginx to ignore requests made to IP address and only serve requests made to your domain. This is far more secure and faster than relying on Django’s ALLOWED_HOSTS settings.

Also, it’s much easier to find resources for Nginx about protecting your server, like blacklisting rogue IP addresses or user agents, etc. Compare these two google searches: nginx ban ip vs gunicorn ban ip. You can see Nginx search has more resources.

If you’re worried about performance, then rest assured Nginx will not be the bottleneck. If you really want to optimise performance, database querying will be the first place to start.

No, I no longer deploy nginx specifically for the python app. I may have an application load balancer / nginx in the path to split requests to other apps, but not for load management. If using asyncio based systems, I typically don’t even use an app server (uwsgi/gunicorn). This is including apps with very high throughput. Every layer of reverse-proxy / layer-7 load balancing will add a touch of latency- don’t add it if you don’t need it.

Even if you don’t use NGINX for serving static assets putting gunicorn behind a proxy server is the recommended setup.

For example, putting gunicorn behind a proxy will allow to add some back pressure to your system in order to protect you from attacks such as Slowloris.