The Apache HTTP Server Project

ApacheCon

Essentials

  • About
  • License
  • FAQ
  • Security
    Reports

    • Download!

  • from a mirror

    • Documentation

  • Apache 1.3
  • Apache 2.0

    • Get Involved

  • Mailing Lists
  • Bug Reports
  • Developer Info

    • Subprojects

  • Docs
  • Test
  • Flood
  • libapreq
  • Modules

    • Miscellaneous

  • Contributors
  • Awards
  • Support
    Webring
    • The Number One HTTP Server On The Internet

    The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

    Apache has been the most popular web server on the Internet since April of 1996. The July 2003 Netcraft Web Server Survey found that 63% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined.

    The Apache HTTP Server is a project of the Apache Software Foundation.

    Want to try out the Apache HTTP Server?

    Great! We have updated our download page in an effort to better utilize our mirrors. We hope that by making it easier to use our mirrors that we will be able to provide a better download experience.

    Please ensure that you verify your downloads using PGP or MD5 signatures!

    Apache 2.0.47 Released

    The Apache HTTP Server Project is proud to announce the tenth public release of Apache 2.0.

    This version of Apache is principally a security and bug fix release. Of particular note is that 2.0.47 addresses four security vulnerabilities:

    Certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one.
    [CAN-2003-0192]

    Certain errors returned by accept() on rarely accessed ports could cause temporal denial of service, due to a bug in the prefork MPM.
    [CAN-2003-0253]

    Denial of service was caused when target host is IPv6 but ftp proxy server can't create IPv6 socket.
    [CAN-2003-0254]

    The server would crash when going into an infinite loop due to too many subsequent internal redirects and nested subrequests.
    [VU#379828]

    For further details, see the announcement.

    Download | New Features in Apache 2.0 | ChangeLog for 2.0

    Apache 1.3.28 Released

    The Apache Group is pleased to announce the release of the 1.3.28 version of the Apache HTTP Server. (German translation here)

    This version of Apache is principally a security and bug fix release. Of particular note is that 1.3.28 addresses and fixes the following issues: CAN-2003-0460 (cve.mitre.org) (rotatelogs bug), VU#379828 (infinite loop potential), and file descriptor leakage .

    Download | Apache for Win32 | New Features in Apache 1.3 | ChangeLog for 1.3.28

    Copyright © 1999-2002, The Apache Software Foundation