|
In this issue
Release: 1.1.1
Beta: None
Bugs fixed in next release:
-
Running Apache with the -v flag exits with a status value
of 1. In the next release it will exit with a 0 status.
-
Status module output format has been tidied
Apache is being prepared for a public beta release. While
there is currently no date set for the release, the
development work has slowed down to allow the internal
testing of a stable version.
The following items are under development and may be included
in the next release of Apache. See our Apache 1.2
Sneak Preview for other new features in the next release.
FastCGI
The Apache module which implements FastCGI, a faster
replacement for CGI, will be included in the next Apache
distribution.
The October Netcraft Server
Survey shows that the trend of the last couple of months
is continuing, with Apache and Microsoft growing, and NCSA
and Netscape losing market share. Apache is now used on 38%
of servers surveyed.
The two most popular Web servers according to the Netcraft
Survey are Apache and NCSA
HTTPd. Both servers are widely used, although according
to the server survey Apache is used on over twice as many
sites as NCSA, and the market share of NCSA is dropping while
Apache's is growing. This feature is designed to explain the
differences between NCSA HTTPd and Apache, so that users of
either server can decide if the other meets their
requirements better. We then look in detail at the directives
changed between NCSA and Apache, which can be used by
existing NCSA users if they decide to convert to Apache. Or
it can also act as a guide to converting the other way.
NCSA version 1.3 was the base for Apache development.
Initially, Apache was a drop-in replacement for the NCSA
HTTPd, however as both have developed there are now some
differences between the two servers. Since then, much of
Apache's code has been considerably rewritten, in particular
to allow the functionality to be extended with
modules. This feature explains how the current
versions of Apache and NCSA HTTPd differ, what features
Apache adds, and those it lacks. This is followed by a
detailed list changes between NCSA and Apache. The versions
used for the comparison are Apache 1.1.1 and NCSA HTTPd
1.5.2.
Apache Features
Perhaps the most important difference between Apache and NCSA
is that Apache is extensible via a programming API. The means
that the functionality of Apache can be extended almost
arbitrarily, via modules. The list of Apache features
given here concentrates on the functions provided by the
server in its default configuration, or with the addition of
modules distributed as part of Apache. However there are a
lot of additional modules which can be added to perform
specific tasks. See our feature on additional
modules for an idea of the extensibility of Apache.
Unless stated otherwise, the features listed in this section
are available with the default server configuration. If the
module is marked as optional, then it is part of the
official Apache distribution, but not compiled in by default.
If a module is described as third party then it is not
part of the Apache distribution.
Leaving aside the third-party modules, the main features that
Apache supports and NCSA does not are:
-
Additional authentication options: anonymous, from a
Berkeley DB file, from an mSQL or Postgres95 database
-
All directives can appear in any of the configuration files
-
An experimental proxy-cache (much improved in 1.2)
-
Call a CGI program when file of particular mime type is
accessed, with Action directive
-
Configurable logging format (with LogFormat in optional
mod_log_config module)
-
Create a user clickstream log (optional mod_cookies module)
-
Customise CGI environment variables (optional mod_env
module)
-
Dynamic module loading (optional mod_dld module)
-
Imagemap extensions - internal support (like NCSA 1.5) with
additional directives (ImapMenu, ImapBase, ImapDefault)
-
Info module which displays the compiled in modules and
current configuration
-
Listen on selected addresses and ports (Listen directive)
-
Pipe any log file to another process, instead of writing to
a file
-
Restrict access by URL with <Location> sections,
which compliments <Directory>
-
Server pool tuning with MaxSpareServers and MinSpareServers
-
Server-based content negotiation, based either on a file
listing the variants, or automatically generated from file
extensions
-
Set actions for files with particular extensions
(SetHandler and AddHandler directives)
-
Set mime type for all files in directory with ForceType
directive
-
Status module to see the status of the child processes and
what request they are currently servicing
-
Turn DNS lookups on/off at run time (HostnameLookups
directive)
-
USER_NAME environment variable set when SSI execs a CGI,
giving owner of SSI file
-
Use CERN format 'metafiles' to add header info to response
(optional mod_cern_meta module)
-
<VirtualHost> sections can contain almost any
configuration directive, with no need for
<SRMOptions> sections
The next release of Apache will add a number of major new
features, see our Apache 1.2
Sneak Preview feature.
NCSA Features
Apache does not implement these features:
-
Kerberos
-
Parsing output of CGI for SSI directives
-
Satisfy directive to allow access based on client
hostname or a username and password
-
Authentication against NIS usernames and passwords
(although there are third party modules which do this)
Changes
Some features that are available in both NCSA and Apache are
implemented differently in the servers. The detailed list of
changed directives, below, gives more information. This is a
summary of the main changes.
-
.htaccess files restricting by host
.htaccess files written using the examples on the NCSA
site which restrict by host, not by user, may not work with
Apache. The examples to restrict by host also include the
AuthName and AuthType directives, which
are only used in user authentication. The fix is to remove
any of these commands from .htaccess files which only
restrict by hostname (any AuthUserFile and
AuthGroupFile directives should also be removed).
-
DBM User and Group Files
Apache supports DBM user and group files for
authentication if the optional DBM module is used
(mod_auth_dbm). This is configured by different directives,
unlike NCSA which uses the same directives with a second
argument to specify DBM format. (Apache 1.2 will also allow
use of the same directive syntax as NCSA)
-
Digest Support
Digest authentication can be added to Apache with the
optional digest module (mod_digest).
-
FastCGI support
This is available for Apache with an third party module
(from the fastCGI
site). (It will be an optional module in Apache 1.2).
-
Non-IP Virtual Hosts
In Apache, these are implemented using the normal
<VirtualHost> sections. The name to respond to is
given in the <VirtualHost> directive or on a
ServerAlias directive. Apache does not implement
<Host>.
-
Log Files
Apache logs to the transfer log in the standard common log
format. It does not support the LogOptions
directive to build user agent and referrer information into
the log file. However, the log format can be completely
customised with the optional configurable log module
(mod_log_config), and separate agent and referer logs
created with optional modules (mod_log_agent and
mod_log_referer). In 1.2, the config log module will be the
default, and it will support multiple log files each with a
customisable format.
-
KeepAlive
The directives to support keepalive (persistent
connections) use a different syntax.
-
Server Pool
Both Apache and NCSA 'pre-fork' a pool of servers to
handle requests. However, in Apache the main (parent)
process does not handle any part of the request. In NCSA,
the parent process receives each request then hands it to a
suitable child. In Apache, a pool of 'spare' servers is
maintained, and the number of servers is configurable.
-
XBITHACK
This is a runtime directive in Apache.
Directive Changes
This section lists all the directives that NCSA supports. For
each directive, we say whether that directive exists in
Apache, and if it does, whether there is any change in
meaning or syntax. Where directives do not exist in Apache,
we either give an alternative method of implementing it in
Apache, or state that the feature related to that directive
is not implemented (if it will be implemented in Apache 1.2,
we note it here).
Apache does not distinguish between the three configuration
files that NCSA HTTPd uses. That is, in Apache, any directive
can appear in any of the configuration files (and in fact it
is possible to put all the directives into a single file, if
desired). However, this list of directives is split into
sections for each of the configuration files, and the
directives listed in the same order as given in the NSCA
documentation.
Directives valid in NCSA's Server Configuration file
(httpd.conf):
-
ServerType: same
-
Port: same
-
User: same
-
Group: same
-
ServerAdmin: same
-
ServerRoot: same
-
ServerName: same
-
StartServers: same (but NCSA does not use the same
method for its pool of servers)
-
MaxServers: use MaxClients instead, same syntax
and meaning
-
MaxRequestsPerChild: same
-
TimeOut: same, except Apache resets the timeout on
sending each time data is written (when sending a file), so
this is not an overall timeout.
-
AccessConfig: same
-
ResourceConfig: same
-
TypesConfig: same
-
IdentityCheck: same, except can be set in
.htaccess files
-
BindAddress: same syntax. Can however be used with
virtual host configurations. See also new Listen directive
for more control over addresses bound to
-
<Host>: not valid. Implement non-IP virtual
hosting using normal <VirtualHost> section
-
<VirtualHost>: same, except Apache does not
support the errorlevel argument (it effectively defaults to
'required'). In 1.2 <virtualhost> will be able to
take multiple hosts and ip addresses. <virtualhost>
is used to implement non-IP vhosts (see NCSA Host
directive). Almost all directives are valid within a
<VirtualHost> section, so the NCSA <SRMOptions>
section is not needed in Apache.
-
<SRMOptions>: not applicable. Apache does
not distinguish between the three config files, so
directives are valid in all. You can just remove the
<SRMOptions> and </SRMOptions> lines.
-
ErrorLog: same, except Apache can log to a pipe
(ErrorLog |program)
-
TransferLog: same. Apache can also log to a pipe
(i.e. another process) with "TransferLog |program". Log
file is in standard 'common log format'.. No LogOptions
Combined format to include user agent or referer
information, however if the optional mod_log_config module
is used, the log format can be set with LogFormat
directive.
-
AgentLog: available if mod_log_agent compiled in.
Syntax same, except Apache may log to a pipe, AgentLog
|program.
-
RefererLog: available if mod_log_referer compiled
in. Syntax same, except Apache may log to a pipe,
RefererLog |program.
-
RefererIgnore: available if mod_log_referer
compiled in. Syntax same.
-
PidFile: same
-
LogDirGroupWriteOK: not implemented.
-
LogDirOtherWriteOK: not implemented.
-
LogOptions: not valid in Apache. To specify
formats, use the mod_log_config module and LogFormat
instead. For separate agent and referer logs, use
mod_log_agent and mod_log_referer modules.
-
KeepAlive: on Apache, argument is the maximum
number of requests per connection. Use a value of 0 to
disable keepalives.
-
KeepAliveTimeout: same syntax. If not given,
Apache defaults to 15, NCSA 10
-
MaxKeepAliveRequests: not valid. Use KeepAlive
instead, except a value of 0 in NCSA means stay alive
forever, in Apache it disables keepalives completely
-
AssumeDigestSupport: not valid (but it doesn't do
anything in NCSA anyway)
-
Annotation-Server: not valid
Directives valid in NCSA's Resouce Configuration file
(srm.conf):
-
DocumentRoot: same
-
UserDir: same, except apache can also use a
full-path with * to represent username (e.g. UserDir
/home/*/public_html). Also Apache can redirect to a full
URL.
-
AccessFileName: same
-
Redirect same (but the order that Alias and
Redirects are applied may be different). Apache can only
redirect to a full URL, not a relative URL.
-
RedirectPermanent: not implemented
-
RedirectTemp: use Redirect instead
-
Alias: same
-
ScriptAlias : same
-
AddType same, except Apache can have multiple
extensions listed
-
AddEncoding same, except Apache can have multiple
extensions listed
-
DefaultType: same
-
DirectoryIndex: same (Apache can use multiple
names, as can HTTPd 1.5). Apache can list names as URLs
relative to the server root.
-
FancyIndexing: same, but IndexOptions preferred
-
DefaultIcon: same
-
ReadmeName: same
-
HeaderName: same
-
AddDescription: same
-
AddIcon: same
-
AddIconByType: same
-
AddIconByEncoding: same
-
IndexIgnore: same
-
IndexOptions: same
-
ErrorDocument: same, except Apache can also output
a static string with ErrorDocument "string, or redirect to
a full URL. Apache passes on more REDIRECT_xxx env
variables (all variables existing at time of the redirect
are renamed REDIRECT_variable). But it does not pass on the
error message in QUERY_STRING, or REDIRECT_REQUEST (use
REDIRECT_URL instead). Apache can put ErrorDocument in
.htaccess.
Directives valid in NCSA's Access configuration file
(access.conf, or .htaccess files where allowed):
-
<Directory>: same
-
Options: same, except Apache also supports
MultiViews option (for server-side content negotiation)
-
AllowOverride: same, except Apache does not use
Redirect (use FileInfo instead to control Redirects in
.htaccess file)
-
AuthName: same
-
AuthType: same (basic only) digest supported by
optional mod_digest
-
AuthUserFile: same, except Apache does not support
the second argument (standard, dbm or nis). Use
AuthDBMUserFile instead for DBM format (1.2 will implement
second arg to AuthUserFile). There are third party modules
which implement NIS authentication.
-
AuthGroupFile: same differences as AuthUserFile.
-
AuthDigestFile same, if optional mod_digest
compiled in
-
<Limit>: same. Note that in Apache, the
directives valid inside <Limit> can also appear
outisde, in which case they apply to all methods
-
order: same
-
deny: same (but see allow for note about
partial comparisons)
-
allow: same, except Apache applies comparisons
against full components only, eg bar.edu matchs x.bar.edu,
but does not match x.foobar.edu.
-
require: same
-
referer: not valid in Apache. To restrict by
referer, or any other request header, use third party
module mod_rewrite (to be distributed in Apache 1.2)
-
satisfy: not valid.
-
OnDeny: not valid. Can be implemented by
specifying an ErrorDocument 401
Other changes:
-
The XBITHACK functionality is configurable at runtime with
XBitHack directive
-
All configuration directives can be used in any of the
config file
-
Apache does not set the SERVER_ROOT, REMOTE_GROUP or
ANNOTATION_SERVER CGI variables
|
|
|
|