mod_pagespeed alternative
mod_pagespeed is Google's open-source web optimization module — image optimization, CSS and JS
minification, critical CSS injection — first released in 2010 and shipped as Apache (mod_pagespeed) and Nginx (ngx_pagespeed) modules. Google donated the project to the Apache Software Foundation in 2017; the
Apache Incubator podling retired in 2023, and the repositories were marked read-only on
GitHub in 2025.
The repository still exists, read-only, at apache/incubator-pagespeed-mod. The 1.13.35.2 binaries still install, still build, and still serve pages. They also haven't received a security patch in years, don't build against newer Apache releases, don't emit Core Web Vitals telemetry, and don't ship AVIF.
If you're searching for "mod_pagespeed alternative", you have two actively-maintained successors: ModPageSpeed 2.0 and mod_pagespeed 1.1.
A short history
| Year | Event |
|---|---|
| 2010 | Google releases mod_pagespeed for Apache |
| 2013 | Nginx port released as ngx_pagespeed |
| 2017 | Google donates the project to the Apache Software Foundation; active Google development ends |
| 2020 | Final 1.13.35.2 release |
| 2023 | Apache Incubator podling retires |
| 2025 | GitHub repositories marked read-only |
| 2026 | Active continuations: ModPageSpeed 2.0 (rewrite) and mod_pagespeed 1.1 (lineage continuation) |
We-Amp B.V. — founded by mod_pagespeed maintainer Otto van der Schaaf — develops both continuations. The open-source history on we-amp.com has the longer version of how the project changed hands.
Why people are looking for an alternative
The archived 1.13.35.2 binaries still run, but the cost is accumulating:
- No security patches in years. Unpatched dependencies (libpng, libwebp, libjpeg, ICU) carry known CVEs (e.g. libwebp CVE-2023-4863).
- No build against newer Apache releases. Builds against current Apache trunk fail.
- No Core Web Vitals tooling. LCP and INP signals are missing from the filter set.
- No modern image formats. AVIF support never landed.
- Toolchain rot. Bazel pre-2.x, glibc constraints, and pinned Python 2 in the build scripts.
ModPageSpeed 2.0 — the rewrite
ModPageSpeed 2.0 is a from-scratch rewrite designed for nginx and container-native
deployment. A separate worker process reads originals from a shared cache, generates up to
36 variants per asset (WebP, AVIF, viewport sizes, pixel densities, save-data), and writes
them back. Nginx serves cache hits via zero-copy mmap.
Different architecture, same optimization libraries that mod_pagespeed proved at scale.
# nginx with Docker Compose
curl -fsSL https://get.modpagespeed.com | shRead the docs · Try the 14-day trial
mod_pagespeed 1.1 — the lineage continuation
mod_pagespeed 1.1 continues the original codebase. Same configuration syntax, same filters, same admin console. New: CVE patches, modern toolchain, AVIF, Cyclone Cache, Apache 2.4+, nginx 1.30, IIS, and Envoy ports.
If you have a 1.13.35.2 deployment and want a security-patched drop-in, this is the path.
# nginx
load_module modules/ngx_pagespeed.so;
pagespeed on;
pagespeed FileCachePath /var/cache/ngx_pagespeed;# Apache
LoadModule pagespeed_module modules/mod_pagespeed.so
ModPagespeed on
ModPagespeedFileCachePath /var/cache/mod_pagespeedmod_pagespeed 1.1 docs · Package repositories (packages.modpagespeed.com)
2.0 or 1.1 — which one
| Use case | Choose |
|---|---|
| New nginx deployment, want modern architecture | ModPageSpeed 2.0 |
Existing mod_pagespeed 1.13.35.2 deployment, want a drop-in security upgrade | mod_pagespeed 1.1 |
| Apache, IIS, or Envoy server | mod_pagespeed 1.1 |
| ASP.NET Core application | WeAmp.PageSpeed NuGet middleware (uses the 1.1 core) |
| Want WebP + AVIF + critical CSS + variant-aware caching out of the box | ModPageSpeed 2.0 |
Migration
The 1.1 configuration syntax is the same as 1.13.35.2 — most installs are a package swap. For 2.0, configuration is intentionally minimal and migration is a re-architecture rather than a drop-in. See getting started for the 2.0 install path, and the deeper comparison for choosing between the two.
Frequently asked questions
Is mod_pagespeed deprecated?
Yes. Google handed mod_pagespeed to the Apache Software Foundation in 2017. The Apache Incubator podling retired in 2023, and the repositories were marked read-only on GitHub in 2025. The 1.13.35.2 binaries still install but have not received security patches in years.
What happened to mod_pagespeed?
Google moved on after the 2017 donation to the Apache Incubator. We-Amp shipped the final 1.13.35.2 release. The repository at apache/incubator-pagespeed-mod is now read-only.
What is the modern replacement for mod_pagespeed?
Two actively-maintained continuations from We-Amp: ModPageSpeed 2.0 (a from-scratch rewrite for nginx and container-native deployment) and mod_pagespeed 1.1 (the lineage continuation with the same configuration syntax, plus security patches and AVIF).
Can I still use mod_pagespeed 1.13.35.2?
It still runs. It also has no security patches in years, doesn't build against newer Apache releases, has no AVIF, and a build toolchain that wants Bazel 0.x and Python 2. If your threat model accepts unpatched dependencies, you can keep running it.
Should I choose ModPageSpeed 2.0 or mod_pagespeed 1.1?
Pick 1.1 if you have an existing pagespeed-style configuration you want to keep working. Pick 2.0 if you're starting fresh, or if AVIF, variant-aware caching, and zero-copy serving are worth a re-architecture.
Try one
- ModPageSpeed 2.0 —
curl -fsSL https://get.modpagespeed.com | sh· 14-day trial · docs - mod_pagespeed 1.1 — package repos · docs