Apache HTTP Server Version 1.3
Overview of New Features in Apache 1.3
New features with this release, as extensions of the Apache
functionality. Because the core code has changed so
significantly, there are certain liberties that earlier versions of
Apache (and the NCSA daemon) took that recent Apache versions are
pickier about - please check the
compatibility notes if you have any
If you're upgrading from Apache 1.2, you may wish to read
the upgrade notes.
Enhancements: Core |
- Dynamic Shared Object (DSO) support
- Apache modules may now be loaded at runtime; this means that
modules can be loaded into the server process space only when necessary,
thus overall memory usage by Apache will be significantly reduced. DSO
currently is supported on FreeBSD, OpenBSD, NetBSD, Linux, Solaris, SunOS,
Digital UNIX, IRIX, HP/UX, UnixWare, AIX, ReliantUnix and generic SVR4
- Support for Windows NT/95
- Apache now experimentally supports the Windows NT and Windows 95
- The source files for Apache have been re-organized. The main
difference for Apache users is that the "Module" lines in
Configuration have been replaced with "AddModule"
with a slightly different syntax. For module authors there are
some changes designed to make it easier for users to add their
- Reliable Piped Logs
- On almost all Unix architectures Apache now implements "reliable"
piped logs in mod_log_config. Where reliable
means that if the logging child dies for whatever reason, Apache
will recover and respawn it without having to restart the entire
server. Furthermore if the logging child becomes "stuck" and
isn't reading its pipe frequently enough Apache will also restart
it. This opens up more opportunities for log rotation, hit
filtering, real-time splitting of multiple vhosts into separate
logs, and asynchronous DNS resolving on the fly.
- IP-based virtual hosts are looked up via hash table.
- <Directory> parsing speedups.
- The critical path for static requests has fewer system calls.
This generally helps all requests. (45 syscalls for a static
request in 1.2 versus 22 in 1.3 in a well tuned
ProxyReceiveBufferSize directive gives
mod_proxy's outgoing connections larger network
buffers, for increased throughput.
- The low level I/O routines use
available) to issue multiple writes with a single system call.
They also avoid copying memory into buffers as much as
possible. The result is less CPU time spent on transferring
- Static requests are served using
means bytes are only copied from the disk buffer to the
network buffer directly by the kernel. The program never
copies bytes around, which reduces CPU time. (Only where
- When presented with a load spike, the server quickly adapts by
spawning children at faster rates.
- The code which dispatches modules was optimized to avoid
repeatedly skipping over modules that don't implement certain
phases of the API. (This skipping showed up as 5% of the cpu
time on profiles of a server with the default module mix.)
- Revamp of the Unix scoreboard management code so that less
time is spent counting children in various states. Previously
a scan was performed for each hit, now it is performed only
once per second. This should be noticeable on servers running
with hundreds of children and high loads.
- New serialization choices improve performance on Linux, and
be compile-time configured to buffer writes.
ap_cpystrn(), a routine which doesn't have to
zero-fill the entire result. This has dramatic effects on
- Additions to the internal "table" API (used for keeping lists
of key/value string pairs) provide for up to 20% performance
improvement in many situations.
See the new performance
documentation for more information.
- Unified Server Configuration Files
- (Apache 1.3.4) The contents of the three
server configuration files (httpd.conf,
srm.conf, and access.conf) have
been merged into a single httpd.conf file.
The srm.conf and access.conf files
are now empty except for comments directing the Webmaster
to look in httpd.conf. In addition, the
merged httpd.conf file has been restructured
to allow directives to appear in a hopefully more
intuitive and meaningful order.
- Continuation Lines in config files
- Directive lines in the server configuration files may now be
split onto multiple lines by using the canonical Unix continuation
mechanism, namely a '\' as the last non-blank character on the
line to indicate that the next line should be concatenated.
- Apache Autoconf-style Interface (APACI)
- Until Apache 1.3 there was no real out-of-the-box batch-capable
build and installation procedure for the complete Apache
package. This is now provided by a top-level
configure script and a corresponding top-level
Makefile.tmpl file. The goal is to provide a GNU
Autoconf-style frontend which is capable to both drive the old
src/Configure stuff in batch and additionally
installs the package with a GNU-conforming directory layout. Any
options from the old configuration scheme are available plus a lot
of new options for flexibly customizing Apache.
Note: The default installation layout has changed
for Apache 1.3.4. See the files
INSTALL for more information.
- APache eXtenSion (APXS) support tool
- Now that Apache provides full support for loading modules under
runtime from dynamic shared object (DSO) files, a new support tool
apxs was created which provides off-source building,
installing and activating of those DSO-based modules. It
completely hides the platform-dependent DSO-build commands from
the user and provides an easy way to build modules outside the
Apache source tree. To achieve this APACI installs the Apache C
header files together with the
- Default Apache directory
path changed to
- The default directory for the apache ServerRoot changed from the
/usr/local/apache/. This change covers only the
default setting (and the documentation); it is of course possible
to override it using the -d
ServerRoot and -f httpd.conf switches when
- Improved HTTP/1.1-style Virtual Hosts
- The new
directive is used to list IP address:port pairs on which
HTTP/1.1-style virtual hosting occurs. This is vhosting based on
Host: header from the client. Previously this
address was implicitly the same as the "main address" of the
machine, and this caused no end of problems for users, and was not
powerful enough. Please see the Apache Virtual Host documentation for
further details on configuration.
directive includes other config files immediately at that point in
- -S command line option for debugging vhost setup
- If Apache is invoked with the
-S command line option
it will dump out information regarding how it parsed the
VirtualHost sections. This is useful for folks
trying to debug their virtual host configuration.
- Control of HTTP methods
- <LimitExcept> and
</LimitExcept> are used to enclose a group of access control
directives which will then apply to any HTTP access method not listed in
the arguments; i.e., it is the opposite of a section and can be
used to control both standard and nonstandard/unrecognized methods.
- NEW - Pass all of the server's environment variables to
CGIs and SSIs.
- With the PassAllEnv directive all
of the server's environment variables are made available to CGIs and SSIs
within the directive's scope. Please note that this directive is not
recommended for general use.
- Improved mod_negotiation
- The optional content negotiation (MultiViews) module has been completely
overhauled for Apache 1.3.4, incorporating the latest HTTP/1.1
revisions and the experimental Transparent Content Negotion features
of RFC 2295 and RFC 2296.
- NEW - Spelling correction
- This optional module corrects frequently occurring spelling and
capitalization errors in document names requested from the server.
- NEW - Conditional setting of
- The addition of
SetEnvIfNoCase. These allow you to set
environment variables for server and CGI use based upon attributes
of the request.
- NEW - "Magic"
- The optional
mod_mime_magic has been
added. It uses "magic numbers" and other hints from a file's
contents to figure out what the contents are. It then uses this
information to set the file's media type, if it cannot be
determined by the file's extension.
- NEW - Unique Request
- mod_unique_id can be included
to generate a unique identifier that distinguishes a hit from
every other hit. ("Unique" has some restrictions on it.) The
identifier is available in the environment variable
- mod_proxy enhancements:
- Easier and safer authentification for ftp proxy logins:
When no ftp user name and/or password is specified in the
URL, but the destination ftp server requires one, apache now
returns a " Authorization Required" status. This status code
usually makes the client browser pop up an "Enter user name and
password" dialog, and the request is retried with the given user
authentification. That is slightly more secure than specifying
the authentication information as part of the request URL,
where it could be logged in plaintext by older proxy servers.
- The new AllowCONNECT directive allows configuration
of the port numbers to which the proxy CONNECT method may connect.
That allows proxying to https://some.server:8443/ which resulted
in an error message prior to Apache version 1.3.2.
- The proxy now supports the HTTP/1.1 "Via:" header as specified in
RFC2068. The new
directive allows switching "Via:" support off or on, or
suppressing outgoing "Via:" header lines altogether for privacy
- The "Max-Forwards:" TRACE header specified in HTTP/1.1 is now
supported. With it, you can trace the path of a request along a
chain of proxies (if they, too, support it).
directives added to proxy, useful for intranets.
ProxyPassReverse directive. It lets Apache adjust the
URL in the Location header on HTTP redirect
- Easier navigation in ftp server directory trees.
mod_include string comparisons
- The string-based server-side include (SSI) flow-control directives
now include comparison for less-than (<), less-than-or-equal
(<=), greater-than (>), and greater-than-or-equal (>=).
Previously comparisons could only be made for equality or
- ServerRoot relative auth filenames
- Auth filenames for the various authentication modules are now
treated as relative to the ServerRoot if they are not full paths.
- Enhancements to directory
- Code split:The
mod_dir module has
been split in two, with mod_dir handling directory index
files, and mod_autoindex
creating directory listings. Thus allowing folks to remove the
indexing function from critical servers.
- Sortable: Clicking on a column title will now sort
the listing in order by the values in that column. This feature can
be disabled using the
SuppressHTMLPreamble can be used if
your README.html file includes its own HTML header.
IndexOptions directive now allows
the use of incremental prefixes (+/- to add/remove the respective
keyword feature, as was already possible for the
Options directive) to its
keyword arguments. Multiple IndexOptions directives applying
to the same directory will now be merged.
let you set height and width attributes to the
<IMG> tag in directory listings.
- The new
NameWidth keyword to the
directive lets you set the number of columns for
directory listings. If set to an '*' asterisk, the name width
will be adjusted automatically.
- The FancyIndexing directive now correctly has
the same impact as
without replacing the effect of any existing IndexOptions
- Less Buffering of CGI Script Output
- In previous versions of Apache, the output from CGI scripts would
be internally buffered by the server, and wouldn't be forwarded to
the client until either the buffers were full or the CGI script
completed. As of Apache 1.3, the buffer to the client is flushed
any time it contains something and the server is waiting for more
information from the script. This allows CGI script to provide
partial status reports during long processing operations.
- Regular Expression support for
directives allow for the use of regular expression matching.
sections provide a new syntax for regular expression sectioning.
directive added to mod_info
- Allows additional information to be listed along with a specified
- Absence of any
- If no
TransferLog directive is given then no log is
written. This supports co-existence with other logging modules.
- Ability to name logging formats
directive has been enhanced to allow you to give nicknames to
specific logging formats. You can then use these nicknames in
CustomLog directives, rather than having to
spell out the complete log format string each time.
- Conditional logging
now supports logging based upon environment variables.
mod_log_referer and mod_log_agent are now deprecated.
- mod_cern_meta configurable per-directory
- mod_cern_meta is now
configurable on a per-directory basis.
- New map types for
- The new map types `Randomized Plain Text' and `Internal Function'
were added to the
RewriteMap directive of
mod_rewrite. They provide two new features: First, you now can
randomly choose a sub-value from a value which was looked-up in a
rewriting map (which is useful when choosing between backend
servers in a Reverse Proxy situation). Second, you now can
translate URL parts to fixed (upper or lower) case (which is
useful when doing mass virtual hosting by the help of
- CIDR and Netmask access control
- mod_access directives now
support CIDR (Classless Inter-Domain Routing) style prefixes, and
netmasks for greater control over IP access lists.
For all those module writers and code hackers:
- A new phase for Apache's API is called once per "heavy-weight process,"
before any requests are handled. This allows the module to set up
anything that need to be done once per processes. For example,
connections to databases.
- A new phase called once per "heavy-weight process," when it is
terminating. Note that it can't be called in some fatal cases (such
as segfaults and kill -9). The
child_exit functions are passed a pool whose lifetime is
the same as the lifetime of the child (modulo completely fatal
events in which apache has no hope of recovering). In contrast,
init function is passed a pool whose lifetime
ends when the parent exits or restarts.
- Used in the child to indicate the child should exit after finishing
the current request.
http_main.h. This is used in the parent to register
a child for monitoring. The parent will report status to a supplied
callback function. This allows modules to create their own children
which are monitored along with the httpd children.
http_log.h. This API provides the common code for
implementing piped logs. In particular it implements a reliable piped
log on architectures supporting it (i.e., Unix at the moment).
- scoreboard format changed
- The scoreboard format is quite different. It is considered a
"private" interface in general, so it's only mentioned here as an FYI.
set_last_modified split into three
- The old function
set_last_modified performed multiple
jobs including the setting of the
Last-Modified header, the
ETag header, and processing conditional requests (such as
IMS). These functions have been split into three functions:
meets_conditions. The field
mtime has been
request_rec to facilitate
- New error logging function:
- All old logging functions are deprecated, we are in the process of
replacing them with a single function called
This is still a work in progress.
set_file_slot for config parsing
set_file_slot routine provides a standard routine that
prepends ServerRoot to non-absolute paths.
post_read_request module API
- This request phase occurs immediately after reading the request (headers),
and immediately after creating an internal redirect. It is most useful
for setting environment variables to affect future phases.
pclosesocket functions allow
for race-condition free socket creation with resource tracking.
- Test if the request is the initial request (i.e., the one
coming from the client).
- An option to
ap_spawn_child functions which prevents Apache
from aggressively trying to kill off the child.
alloc debugging code
ALLOC_DEBUG provides a rudimentary memory
debugger which can be used on live servers with low impact --
it sets all allocated and freed memory bytes to 0xa5. Defining
ALLOC_USE_MALLOC will cause the alloc code to use
free() for each object. This
is far more expensive and should only be used for testing with tools
such as Electric Fence and Purify. See
for more details.
- The new
strncpy "lookalike", with slightly different
semantics is much faster than
strncpy because it
doesn't have to zero-fill the entire buffer.
- These new functions do not call
on their arguments. This provides for big speedups. There is
also some debugging support to ensure code uses them properly.
src/CHANGES for more information.
- The function prototype for this changed from taking a
server_rec * to taking a
- These are wrappers which deal with the
when retrieving the server name and port for a request.
- Change to prototype for
- Added a
child_info * to
(as passed to
ap_bspawn_child) and to
ap_call_exec to allow children to work correctly on Win32.
We also cleaned up the nomenclature a bit, replacing
spawn_child_err with simply
- This API function allows for modules to add their own additional
server tokens which are printed on the on the
header line. Previous 1.3beta versions had used a
to perform this function. Whether the tokens are actually displayed
is controlled by the new
- Port to EBCDIC mainframe machine
- As a premiere, this version of Apache comes with a beta version of
a port to a mainframe machine which uses the EBCDIC character set
as its native codeset (It is the SIEMENS family of mainframes
running the BS2000/OSD operating system on a IBM/390
compatible processor. This mainframe OS nowadays features a
SVR4-like POSIX subsystem).
AccessFileName directive can now take more than
one filename. This lets sites serving pages from network file
systems and more than one Apache web server, configure access
based on the server through which shared pages are being served.
HostNameLookups now defaults to "Off"
directive now defaults to "Off". This means that, unless explicitly
turned on, the server will not resolve IP addresses into names. This
was done to spare the Internet from unnecessary DNS traffic.
- Double-Reverse DNS enforced
directive now supports double-reverse DNS. (Known as
PARANOID in the terminology of tcp_wrappers.) An IP
address passes a double-reverse DNS test if the forward map of the
reverse map includes the original IP. Regardless of the
HostnameLookups setting, mod_access access lists using DNS
names require all names to pass a double-reverse
DNS test. (Prior versions of Apache required a compile-time
switch to enable double-reverse DNS.)
- LogLevel and syslog support
- Apache now has configurable error
logging levels and supports error logging via syslogd(8).
- Detaching from stdin/out/err
- On boot Apache will now detach from stdin, stdout, and stderr. It
does not detach from stderr until it has successfully read the
config files. So you will see errors in the config file. This
should make it easier to start Apache via rsh or crontab.
- Year-2000 Improvements
- The default
timefmt string used by
mod_include has been
modified to display the year using four digits rather than the
two-digit format used previously. The
module has also been modified to display years using four digits
in FancyIndexed directory listings.
- Common routines Moving to a Separate Library
- There are a number of functions and routines that have been
developed for the Apache project that supplement or supersede
library routines that differ from one operating system to another.
While most of these are used only by the Apache server itself,
some are referenced by supporting applications (such as
htdigest), and these other applications would fail to
build because the routines were built only into the server. These
routines are now being migrated to a separate subdirectory and
library so they can be used by other applications than just the
server. See the
- This directive optionally adds a line containing the server
version and virtual host name to server-generated pages (error
documents, ftp directory listings, mod_info output etc.). This
makes it easier for users to tell which server produced the error
message, especially in a proxy chain (often found in intranet
- This directive gives control over how Apache creates
self-referential URLs. Previously Apache would always use the ServerName and Port directives to construct a
"canonical" name for the server. With
off Apache will use the hostname and port supplied by the
client, if available.
SERVER_VERSION definition abstracted, and server
build date added
- In earlier versions, the Apache server version was available to
modules through the
#defined value for
SERVER_VERSION. In order to keep this value
consistent when modules and the core server are compiled at
different times, this information is now available through the
core API routine
ap_get_server_version(). The use of
SERVER_VERSION symbol is deprecated. Also,
ap_get_server_built() returns a string representing
the time the core server was linked.
- Including the operating
system in the server identity
- A new directive,
ServerTokens, allows the Webmaster
to change the value of the
Server response header
field which is sent back to clients. The
directive controls whether the server will include a non-specific
note in the server identity about the type of operating system on
which the server is running as well as included module information.
As of Apache 1.3, this additional information is included by default.
Apache HTTP Server Version 1.3