“The mind-boggling phenomenon that made the World Wide Web a
household name has been fueled, in part, by the availability of a
robust, fully functional, freely available HTTP server package.
Apache, named for its origin as a patch to the original National
Center for Supercomputing Applications (NCSA) HTTP implementation,
is estimated to be utilized by over six million Web sites,
including both commercial and educational installations.”
“According to a recent survey conducted by Netcraft
(www.netcraft.com), Apache accounts for roughly 60 percent of the
Web servers in use today. Microsoft’s Internet Information Server
(IIS) is a distant second at 20 percent. As its popularity
increases, the Apache Software Foundation (www.apache.org) remains
focused on providing a full-featured, open source HTTP server,
while also addressing the security needs of the enterprises that
rely on the features exclusive to Apache.”
“Apache’s flexibility enables its core team to quickly implement
new features and enhancements, creating a product that is
substantially faster and more efficient than most of its
competitors (including commercial products). However, does ?free?
come at a price when it comes to security? It doesn’t have to. The
diligent network manager will quickly recognize the advantages of
choosing a platform that is field-tested on more than six million
Web servers and runs on 17 operating systems.”
“However, the question still remains: Is Apache the most
secure HTTP server available? The answer is simple: Apache can be
made to be the most secure, and this article will show you how.
Please note that I will concentrate on the Unix variant of Apache.
While a Windows NT port is available, it has yet to reach the level
of maturity currently enjoyed by the Unix version.“