The Apache HTTP Server ( ) is a free and

open-source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized so ...

cross-platform

web server A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initia ...

software, released under the terms of Apache License 2.0. Apache is developed and maintained by an open community of developers under the auspices of the

Apache Software Foundation The Apache Software Foundation (ASF) is an American nonprofit corporation (classified as a 501(c)(3) organization in the United States) to support a number of open source software projects. The ASF was formed from a group of developers of the ...

. The vast majority of Apache HTTP Server instances run on a

Linux distribution A Linux distribution (often abbreviated as distro) is an operating system made from a software collection that includes the Linux kernel and, often, a package management system. Linux users usually obtain their operating system by downloading one ...

, but current versions also run on

Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for ...

OpenVMS OpenVMS, often referred to as just VMS, is a multi-user, multiprocessing and virtual memory-based operating system. It is designed to support time-sharing, batch processing, transaction processing and workstation applications. Customers using Ope ...

, and a wide variety of

Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...

systems. Past versions also ran on

NetWare NetWare is a discontinued computer network operating system developed by Novell, Inc. It initially used cooperative multitasking to run various services on a personal computer, using the IPX network protocol. The original NetWare product in ...

OS/2 OS/2 (Operating System/2) is a series of computer operating systems, initially created by Microsoft and IBM under the leadership of IBM software designer Ed Iacobucci. As a result of a feud between the two companies over how to position OS/2 r ...

and other operating systems, including ports to mainframes. Originally based on the NCSA HTTPd server, development of Apache began in early 1995 after work on the NCSA code stalled. Apache played a key role in the initial growth of the

World Wide Web The World Wide Web (WWW), commonly known as the Web, is an information system enabling documents and other web resources to be accessed over the Internet. Documents and downloadable media are made available to the network through web ...

, quickly overtaking NCSA HTTPd as the dominant

HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide We ...

server. In 2009, it became the first web server software to serve more than 100 million

website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and W ...

s. ,

Netcraft Netcraft is an Internet services company based in Bath, Somerset, England. The company provides cybercrime disruption services across a range of industries. History Netcraft was founded by Mike Prettejohn. The company provides web server and ...

estimated that Apache served 23.04% of the million busiest websites, while

Nginx Nginx (pronounced "engine x" ) is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Igor Sysoev and publicly released in 2004. Nginx is free and open-source softw ...

served 22.01%. Cloudflare at 19.53% and Microsoft

Internet Information Services Internet Information Services (IIS-pronounced 2S, formerly Internet Information Server) is an extensible web server software created by Microsoft for use with the Windows NT family. IIS supports HTTP, HTTP/2, HTTPS, FTP, FTPS, SMTP and NN ...

at 5.78% rounded out the top four. For some of Netcraft's other stats Nginx is ahead of Apache. According to W3Techs review of all web sites in June 2022 Apache was ranked second at 31.4% and Nginx first at 33.6%, with Cloudflare Server third at 21.6%.

Name

According to

The Apache Software Foundation The Apache Software Foundation (ASF) is an American nonprofit corporation (classified as a 501(c)(3) organization in the United States) to support a number of open source software projects. The ASF was formed from a group of developers of the A ...

, its name was chosen "from respect for the various Native American nations collectively referred to as

Apache The Apache () are a group of culturally related Native American tribes in the Southwestern United States, which include the Chiricahua, Jicarilla, Lipan, Mescalero, Mimbreño, Ndendahe (Bedonkohe or Mogollon and Nednhi or Carrizaleño a ...

, well-known for their superior skills in warfare strategy and their inexhaustible endurance". This was in a context in which it seemed that the open internet -- based on free exchange of open source code -- appeared to be soon subjected to a kind of conquer by proprietary software vendor

Microsoft Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washi ...

; Apache co-creator

Brian Behlendorf Brian Behlendorf (born March 30, 1973) is an American technologist, executive, computer programmer and leading figure in the open-source software movement. He was a primary developer of the Apache Web server, the most popular web server software ...

-- originator of the name -- saw his effort somewhat parallel that of

Geronimo Geronimo ( apm, Goyaałé, , ; June 16, 1829 – February 17, 1909) was a prominent leader and medicine man from the Bedonkohe band of the Ndendahe Apache people. From 1850 to 1886, Geronimo joined with members of three other Central Apache b ...

, Chief of the last of the free Apache peoples. But it conceded that the name "also makes a cute

pun A pun, also known as paronomasia, is a form of word play that exploits multiple meanings of a term, or of similar-sounding words, for an intended humorous or rhetorical effect. These ambiguities can arise from the intentional use of homophoni ...

on 'a patchy

'—a server made from a series of patches". There are other sources for the "patchy" software pun theory, including the project's official documentation in 1995, which stated: "Apache is a cute name which stuck. It was based on some existing code and a series of software patches, a pun on 'A PAtCHy' server." But in an April 2000 interview, Behlendorf asserted that the origins of Apache were not a pun, stating: When Apache is running under

Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, ...

, its process name is , which is short for "HTTP daemon".

Feature overview

Apache supports a variety of features, many implemented as

compiled In computing, a compiler is a computer program that translates computer code written in one programming language (the ''source'' language) into another language (the ''target'' language). The name "compiler" is primarily used for programs tha ...

modules Broadly speaking, modularity is the degree to which a system's components may be separated and recombined, often with the benefit of flexibility and variety in use. The concept of modularity is used primarily to reduce complexity by breaking a s ...

which extend the core functionality. These can range from

authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...

schemes to supporting

server-side In the client–server model, server-side refers to programs and operations that run on the server. This is in contrast to client-side programs and operations which run on the client. General concepts Typically, a server is a computer applicati ...

programming languages such as

Perl Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages. "Perl" refers to Perl 5, but from 2000 to 2019 it also referred to its redesigned "sister language", Perl 6, before the latter's name was offic ...

, Python, Tcl and PHP. Popular authentication modules include mod_access, mod_auth, mod_digest, and mod_auth_digest, the successor to mod_digest. A sample of other features include

Secure Sockets Layer Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...

and

Transport Layer Security Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...

support ( mod_ssl), a

proxy Proxy may refer to: * Proxy or agent (law), a substitute authorized to act for another entity or a document which authorizes the agent so to act * Proxy (climate), a measured variable used to infer the value of a variable of interest in climate re ...

module ( mod_proxy), a

URL rewriting In web applications, a rewrite engine is a software component that performs rewriting on URLs (Uniform Resource Locators), modifying their appearance. This modification is called URL rewriting. It is a way of implementing URL mapping or routing ...

module (mod_rewrite), custom log files (mod_log_config), and filtering support (mod_include and mod_ext_filter). Popular compression methods on Apache include the external extension module, mod_gzip, implemented to help with reduction of the size (weight) of web pages served over

. ModSecurity is an open source intrusion detection and prevention engine for Web applications. Apache logs can be analyzed through a Web browser using free scripts, such as AWStats/ W3Perl or Visitors.

Virtual hosting Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring al ...

allows one Apache installation to serve many different

websites A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and Wiki ...

. For example, one computer with one Apache installation could simultaneously serve example.com, example.org, test47.test-server.example.edu, etc. Apache features configurable error messages,

DBMS In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases ...

-based authentication databases,

content negotiation Content negotiation refers to mechanisms defined as a part of HTTP that make it possible to serve different versions of a document (or more generally, representations of a resource) at the same URI, so that user agents can specify which version f ...

and supports several

graphical user interface The GUI ( "UI" by itself is still usually pronounced . or ), graphical user interface, is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, ins ...

s (GUIs). It supports password authentication and digital certificate authentication. Because the source code is freely available, anyone can adapt the server for specific needs, and there is a large public library of Apache add-ons. A more detailed list of features is provided below: * Loadable Dynamic Modules * Multiple Request Processing modes (MPMs) including Event-based/Async, Threaded and Prefork. * Highly scalable (easily handles more than 10,000 simultaneous connections) * Handling of static files, index files, auto-indexing and content negotiation * .htaccess per-directory configuration support *

Reverse proxy In computer networks, a reverse proxy is the application that sits in front of back-end applications and forwards client (e.g. browser) requests to those applications. Reverse proxies help increase scalability, performance, resilience and securi ...

with caching ** Load balancing with in-band health checks ** Multiple load balancing mechanisms **

Fault tolerance Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more faults within some of its components. If its operating quality decreases at all, the decrease is proportional to the ...

and Failover with automatic recovery ** WebSocket,

FastCGI FastCGI is a binary protocol for interfacing interactive programs with a web server. It is a variation on the earlier Common Gateway Interface (CGI). FastCGI's main aim is to reduce the overhead related to interfacing between web server and CGI ...

SCGI The Simple Common Gateway Interface (SCGI) is a protocol for applications to interface with HTTP servers, as an alternative to the CGI protocol. It is similar to FastCGI but is designed to be easier to parse. Unlike CGI, it permits a long-running ...

, AJP and

uWSGI uWSGI is an open source software application that "aims at developing a full stack for building hosting services". It is named after the Web Server Gateway Interface (WSGI), which was the first plugin supported by the project. uWSGI is maintai ...

support with caching ** Dynamic configuration *

TLS/SSL Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in secur ...

with

SNI SNI may refer to: Science and technology * Substitution nucleophilic internal, a chemistry reaction mechanism * Swedish Standard Industrial Classification, a Swedish economic classification system * Server Name Indication, an extension to the ...

and OCSP stapling support, via

OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HT ...

or wolfSSL. * Name- and IP address-based virtual servers *

IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. I ...

-compatible * HTTP/2 support * Fine-grained authentication and authorization access control * gzip compression and decompression * URL rewriting * Headers and content rewriting * Custom logging with rotation * Concurrent connection limiting * Request processing rate limiting * Bandwidth throttling *

Server Side Includes Server Side Includes (SSI) is a simple interpreted server-side scripting language used almost exclusively for the World Wide Web. It is most useful for including the contents of one or more files into a web page on a web server (see below), using ...

IP address An Internet Protocol address (IP address) is a numerical label such as that is connected to a computer network that uses the Internet Protocol for communication.. Updated by . An IP address serves two main functions: network interface ident ...

-based geolocation * User and Session tracking *

WebDAV WebDAV (Web Distributed Authoring and Versioning) is a set of extensions to the Hypertext Transfer Protocol (HTTP), which allows user agents to collaboratively author contents ''directly'' in an HTTP web server by providing facilities for con ...

* Embedded

, PHP and Lua scripting * CGI support * public_html per-user web-pages * Generic expression parser * Real-time status views * FTP support (by a separate module)

Performance

Instead of implementing a single architecture, Apache provides a variety of MultiProcessing Modules (MPMs), which allow it to run in either a process-based mode, a hybrid (process and thread) mode, or an event-hybrid mode, in order to better match the demands of each particular infrastructure. Choice of MPM and configuration is therefore important. Where compromises in performance must be made, Apache is designed to reduce latency and increase

throughput Network throughput (or just throughput, when in context) refers to the rate of message delivery over a communication channel, such as Ethernet or packet radio, in a communication network. The data that these messages contain may be delivered ove ...

relative to simply handling more requests, thus ensuring consistent and reliable processing of requests within reasonable time-frames. For delivering static pages, Apache 2.2 series was considered significantly slower than

nginx Nginx (pronounced "engine x" ) is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Igor Sysoev and publicly released in 2004. Nginx is free and open-source softw ...

and

varnish Varnish is a clear transparent hard protective coating or film. It is not a stain. It usually has a yellowish shade from the manufacturing process and materials used, but it may also be pigmented as desired, and is sold commercially in variou ...

. To address this issue, the Apache developers created the Event MPM, which mixes the use of several processes and several threads per process in an

asynchronous Asynchrony is the state of not being in synchronization. Asynchrony or asynchronous may refer to: Electronics and computing * Asynchrony (computer programming), the occurrence of events independent of the main program flow, and ways to deal wit ...

event-based loop. This architecture as implemented in the Apache 2.4 series performs at least as well as event-based web servers, according to

Jim Jagielski Jim Jagielski (born March 11, 1961) is an American software engineer, who specializes in web, cloud and open source technologies. Biography Jagielski graduated from the Johns Hopkins University in 1983 with a BES in Electrical/Computer En ...

and other independent sources. However, some independent but significantly outdated benchmarks show that it is still half as fast as nginx, e.g.

Licensing

The Apache HTTP Server codebase was relicensed to the Apache 2.0 License (from the previous 1.1 license) in January 2004, and Apache HTTP Server 1.3.31 and 2.0.49 were the first releases using the new license. The

OpenBSD OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project e ...

project did not like the change and continued the use of pre-2.0 Apache versions, effectively forking Apache 1.3.x for its purposes. They initially replaced it with

, and soon after made their own replacement, OpenBSD Httpd, based on the Relayd project.

Versions

Version 1.1: The Apache License 1.1 was approved by the ASF in 2000: The primary change from the 1.0 license is in the 'advertising clause' (section 3 of the 1.0 license); derived products are no longer required to include attribution in their advertising materials, only in their documentation. Version 2.0: The ASF adopted the Apache License 2.0 in January 2004. The stated goals of the license included making the license easier for non-ASF projects to use, improving compatibility with GPL-based software, allowing the license to be included by reference instead of listed in every file, clarifying the license on contributions, and requiring a patent license on contributions that necessarily infringe a contributor's own patents.

Development

The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, feature-rich and freely available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. This project is part of the Apache Software Foundation. In addition, hundreds of users have contributed ideas, code, and documentation to the project. Apache 2.4 dropped support for

BeOS BeOS is an operating system for personal computers first developed by Be Inc. in 1990. It was first written to run on BeBox hardware. BeOS was positioned as a multimedia platform that could be used by a substantial population of desktop users an ...

, TPF,

A/UX A/UX is Apple Computer's Unix-based operating system for Macintosh computers, integrated with System 7's graphical interface and application compatibility. Launched in 1988 and discontinued in 1995 with version 3.1.1, it is Apple's first offic ...

NeXT Next may refer to: Arts and entertainment Film * ''Next'' (1990 film), an animated short about William Shakespeare * ''Next'' (2007 film), a sci-fi film starring Nicolas Cage * '' Next: A Primer on Urban Painting'', a 2005 documentary film Lit ...

, and

Tandem Tandem, or in tandem, is an arrangement in which a team of machines, animals or people are lined up one behind another, all facing in the same direction. The original use of the term in English was in ''tandem harness'', which is used for two ...

platforms.

Security

Apache, like other server software, can be hacked and exploited. The main Apache attack tool is Slowloris, which exploits a bug in Apache software. It creates many sockets and keeps each of them alive and busy by sending several bytes (known as "keep-alive headers") to let the server know that the computer is still connected and not experiencing network problems. The Apache developers have addressed Slowloris with several modules to limit the damage caused; the Apache modules mod_limitipconn,

mod_qos mod_qos is a quality of service (QoS) module for the Apache HTTP server implementing control mechanisms that can provide different priority to different requests. Description A web server can only serve a limited number of concurrent requests. Q ...

, mod_evasive,

mod security ModSecurity, sometimes called Modsec, is an open-source web application firewall (WAF). Originally designed as a module for the Apache HTTP Server, it has evolved to provide an array of Hypertext Transfer Protocol request and response filterin ...

, mod_noloris, and mod_antiloris have all been suggested as means of reducing the likelihood of a successful Slowloris attack. Since Apache 2.2.15, Apache ships the module mod_reqtimeout as the official solution supported by the developers.

References

External links

* {{Authority control 1995 software HTTP Server Cross-platform free software Free software programmed in C Free web server software Reverse proxy Software using the Apache license Unix network-related software Web server software for Linux Web server software