In this issue

As covered last week, support for apachectl's start/stop/restart functionality has been integrated into the httpd binary itself for the next release of Apache 2.0, using the -k command line option. The intention is that in basic installations, the HTTP server can be started by running httpd -k start, and stopped using httpd -k stop.

The naming of release archives was raised as a possible source of confusion for Apache users on Win32 platforms. For Windows users who wish to compile Apache by hand, a .zip is posted alongside the standard .tar.gz for each release, containing the Apache source converted to use the DOS newline convention. It is feared that many users looking for the Win32 installer binaries (stored in a different location) are downloading this source .zip archive by mistake. Naming strategies are being devised to attempt to alleviate this confusion.

Other topics under discussion on the development list include a deadlock discovered in the worker MPM and some problems with mod_cache in 2.0.

In this section we highlight some of the articles on the web that are of interest to Apache users.

The administrator at cgisecurity.com has written "The Cross Site Scripting FAQ" to clarify what this security issue really means, and what its threats are. The article demonstrates a simple method of stealing a cookie and examines a few examples of cross site scripting attacks. The official Apache website also has a few articles regarding this issue with information specific to Apache 1.3.

PHP's creator, Rasmus Lerdorf reveals his innermost thoughts in an interview hosted by the SitePoint community forums. Find out what his opinions are on the best web server to run PHP on, and what lies ahead for PHP.

"Poor Sysadmin's Guide to Remote Linux Administration" lets you in on the secrets of how to survive as a system administrator on a low budget who is far, far away from his machines. Since using a "daemon monitoring daemon" tool is the way to go, Kendall Clark reviews 4 such utilities: supervise, mon, monit, and Dms. He also shows us how easy it is to monitor an Apache web server using one of these tools.