I have no illusions about OpenBSD's httpd being able to replace nginx or Apache in larger deployments, or that the latter cannot be configured to be just as safe and robust, but for the lone hacker or researcher who just needs a simple web server to serve static files or front FastCGI, OpenBSD's httpd is an excellent fit.
The sharp-eyed, who have compared that manual with the Bernstein original, will have noted that mentioning UCSPI-SSL is one of the very doco modernizations that I did. (-:
I want to have a simple web server on my server at home to run a distro mirror and some other HTTP-centric things
I install lighttpd, and just dump all the files I want to serve in /var/www/localhost/htdocs
Start the daemon, bam, working. No messing about with htaccess or other things
For example one ommission that bit me is the lack of native-support for the X-Forwarded-For header, making it hard to use behind a reverse proxy. At the time I last looked the most common-patch for this didn't support IPv6 addresses which was a real show-stopper. Of course this was back in 2011 so things might have changed:
The original author stopped accepting patches to thttpd back in 2004 though, unless something has changed recently it's a little hard to recommend it for general-purpose use. That's lead to divergence in features between a few distributions.
(I run maybe 30 websites on one box. I run each one under a different UID, with a dedicated instance of lighttpd for each site - then I use haproxy/apache as the front-end. In the past I used thttpd, because I wanted things to be minimal, but I realized that thttpd was too minimal.)
Some of us have to sling some Oracle for a living.
Also here's the revised patchset, which is more thorough and changes some config syntax:
https://marc.info/?l=openbsd-tech&m=152763343417988&w=2 (adds rewrite)
Sure, it lacks tests - and it's had a couple revisions since… but it's something to behold.
Until then, it seems the recommendation is to run relayd in front of httpd, in order to add such headers.