Apache Webserver Surpasses 50 Million Website Mark

chris81 writes "For the first time ever, the Apache Web Server is powering more than 50 million websites, according to Netcraft's Web Server Survey for October. Although relative share fell by 0.67 percent, the total number of sites powered by Apache grew to over 52 million. Microsoft's IIS finished second with more than 15 million sites served."

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:...and

[KiloByte]

I wonder how they count it when you have different names for a single site:

<VirtualHost *>
                ServerName urukpr0n.angband.pl
                ServerAlias urukporn.angband.pl urukp0rn.angband.pl urukpron.angband.pl
[...]
(No, this site [angband.pl] isn't what you think.)

This is especially important if you count the fact that in a lot of cases www.$SITE is a CNAME for $SITE.

Re:...and

[diegocgteleline.es]

That's what the "active sites" means I think - and that would make 23 millions of real apache servers

http://survey.netcraft.com/index-200007.html#activ e [netcraft.com]

Re:...and

[Anonymous Coward]

Not 23 million actual servers, just 23 million different sites. Probably hosted on just a few hundred thousand physical servers. Netcraft "active sites" calculation is based on an estimate from contacting each server IP address a few times using a selection of the registered names and then comparing them. e.g. if you host 4000 domains which all say "We own this domain $domain, why not offer us money for it?" Netcraft will notice that 4000 names lead to that IP address, connect say 14 times, get a very similar response each time and conclude that there is only one active site.

23 million servers would represent almost 1% of all unicast IPv4 addresses (and AFAIK Netcraft don't look for IPv6-only servers)

Re:...and

[dtfinch]

You just know that web hosts want to milk their IIS installs for as many sites as possible. It's cheaper to add more ram and hard drives than to buy another Windows Server license to host more sites.

Err....

[Anonymous Coward]

>>Microsoft's IIS finished second with more than 15 million sites served.
Now did they try to find how many actually work ;)

Re:Err....

[Skiron]

12,000,000 of them are within microsoft.com domain (spoofed Apache httpd)...

Re:Err....

[diegocgteleline.es]

since they were detected, I assume all of them?

Logical Target

[soloport]

Look. Apache is targeted by all the script kiddies because it's SO popular. I mean, if you were a script kiddie and saw such a huge target as Apache, compared to the IIS install base, which one would YOU go after? You IIS *zealots* are a big turn-off to the rest of the web serving community.

Re:Logical Target

[cnelzie]

Haha! You funny.

    Anyway, if you know your crap and are out to compromise servers, then you can easily determine what kind of server Apache is running on. If you then really know your crap and compromise that Apache server, chances are you have a very powerful OS via some form of UNIX for which to direct new attacks from.

I'm impressed

[Killjoy_NL]

Not just that so many people and companies host websites on Apache, I'm more impressed that there are so many websites?

Such an enormous collection of data, it boggles my mind.

Re:I'm impressed

[AvantLegion]

True. But once you remove the porn, there's only about 500 or so.

Re:I'm impressed

[drstock]

"I'm fairly sure that if they took all the porn off the Internet, there'd only be 1 website left, and it would be called Bring Back The Porn."
- Dr Cox from Scrubs.

Re:I'm impressed

[gstoddart]

True. But once you remove the porn, there's only about 500 or so.
Yeah, but why would you remove the porn?

Re:I'm impressed

[rolfwind]

I would be interested to see what OSes those sites are running on, I'd suspect it would kill the "Linux is just as insecure as Microsoft" myth.

BTW, does Netcraft have a version of the DowJones 500 to see what the top 500 sites are running? I can't seem to find anything....

Re:I'm impressed

[DrSkwid]

It's no myth.

what operating systems are popular with Apache?

[SgtChaireBourne]

I would be interested to see what OSes those sites are running on

Netcraft used to show a summary with that information. I'm not sure why they stopped showing it, since they do still collect it and show it for individual site queries. I suppose if enough people ask them to reinstate it, they might actually reply to one of the messages and explain the rationale. More likely than not it probably made it evident that one of their major advertisers **cough**MS**cough was losing market share to both other http servers and other platforms.

Along the same lines, I saw a recent IDC report that showed (if one looked at the data oneself) that MS was continuing to lose market share in the server room, at least percentage wise. My guess is that they took most of Novell's share around 2000 when they ran the smear campaign against Netware and then have been slowly hemorrhaging marketshare since then.

Re:what operating systems are popular with Apache?

[Ian.Waring]

Some of the OS numbers used to get bent out of shape by people front ending Windows machines with Linux based cache or content distribution networks (Akamai being a notable one). Which is why MS used to show up as running Linux for www.microsoft.com. The methodology has probably improved since.

Ian W.

Re:I'm impressed

[alanw]

I would be interested to see what OSes those sites are running on, I'd suspect it would kill the "Linux is just as insecure as Microsoft" myth.

BTW, does Netcraft have a version of the DowJones 500 to see what the top 500 sites are running? I can't seem to find anything....

There's the What's that site running? [netcraft.com] page, the Longest uptime [netcraft.com] page and the monthly most reliable hosting [netcraft.com] page.

Re:I'm impressed

[masklinn]

Uptime isn't reliable since last time i checked Linux boxes still had an uptime bug (the 497 days reset).

Re:I'm impressed

[tb3]

Yes, but Windows servers have an uptime bug, too. It's called "Windows Server".

Re:I'm impressed

[masklinn]

Actually no, the uptime bug of windows server can be found under the reference "Windows" in most documentations

Re:I'm impressed

[aussie_a]

Such an enormous collection of data, it boggles my mind.

Here's a list of what the sites are (from most populous): 1: Porn sites
2: Spam sites
3: Spyware sites
4: Scamming sites
5: Warez sites
6: Blogs
7: Message boards
8: Wikipedia duplicates (where they copy and paste Wikipedia entries)
9: Software related sites
10: Other business related sites
11: Education-related websites.

As you can see, most of it is just rubbish.

Re:I'm impressed

[lucas teh geek]

It's a pitty you've been modded funny, i would have modded you insightful

Re:I'm impressed

[Kjella]

It's a pitty you've been modded funny, i would have modded you insightful

Quote the GP:
"Here's a list of what the sites are (from most populous): 1: Porn sites
(...)
As you can see, most of it is just rubbish."

<slashbot>Pr0n is rubbish? It must be a joke, +1 Funny.</slashbot>

Re:I'm impressed

[alexhs]

1: Porn sites
2: Spam sites
3: Spyware sites
4: Scamming sites
5: Warez sites

What are the differences between these five ?

You also forgot ad-serving sites between 5 and 6.
It's not because you have an ad-blocker that they don't exist ;)

Re:I'm impressed

[Ignignot]

I know! Who cares about 2 through 11 anyway. We should convert those other sites to porn sites!

Re:I'm impressed

[Killjoy_NL]

For me it's data until I need something, then some of the data becomes information :)

Oh!

[Martz]

Isn't that the number of servers required just to power /.?

I smell a rat!

Micosoft salesrep

[kryten_nl]

Microsoft salesrep: "You know, Apache's relative share fell by *cough*0.*cough* 67 percent!!!"

Apache share *INCREASED*

[krygny]

"Although relative share fell by 0.67 percent, the total number of sites powered by Apache grew to over 52 million."

From September to October, Apache's share went from 69.15% to 69.89% (+0.74%).

Re:Apache share *INCREASED*

[cakesy]

Yeah, but from October to September, Apache's share went from 69.89% to 69.15% (-0.74%).

Makes you think, doesn't it?

Re:Micosoft salesrep

[jellomizer]

Well there are the MS Fans out there who believe Microsoft's propaganda, and/or believe that Microsoft is the only serious player out there.

Secondly there are a lot of companies that are strictly a Microsoft shop, and the cost of moving is to high and the staff is use to windows so they stick with windows solutions they already bought.

Third they have a group of .NET developers and it is easy to for them to make a Web App on IIS vs. Getting Mono on Apache working, and working threw any of the glitches.

IIS is arguably easier to use then apache because you don't need to go threw and end a text file and add commands that may not be part of the default configuration.

Fear from ignorance, they are afraid if they don't use IIS then they will not be able to support the IE users, heck whenever they look at a pro-linux site who uses advanced CSS it rarely renders properly for them.

They already have Windows [NT, 2000, 2003] servers and they have IIS on them so they will use it, because they already paid for it.

It has been a long time since I heard of a major security flaws in IIS being affected and much longer for Apache. But you are expecting all the consumers to be logical, that is just crazy.

Re:Micosoft salesrep

[slavemowgli]

IIS is arguably easier to use then apache because you don't need to go threw and end a text file and add commands that may not be part of the default configuration.

If your IT department is afraid of editing text files (I assume that was supposed to mean "edit", right?), then you have a bigger problem than being dependant on Microsoft, anyway.

Re:Micosoft salesrep

[jellomizer]

The fear of editing a text config file is not a fear of using the editor but knowing what commands to change and type without any help from the application to say what you entered is crap so when you made 20 changes and run it and it bombs out then you need to figure what you changed was wrong or made a typo. Bringing up and down the server for each of the 20 changes could drive people nuts when the web server is acting funny.

Re:Micosoft salesrep

[Baricom]

Can't you do a syntax check in Apache without restarting it? I think it's the -t switch.

Re:Micosoft salesrep

[Anonymous Coward]

IIS is also arguably faster, as it's running on a single architecture, on an OS designed by the same developer.

IIS is not arguably faster than Apache httpd, it is faster. What is arguable is the wisdom of running a server at ring0 (kernel address space). Apache was not designed for raw speed, it was designed to be full-featured, stable and correct. If you want to see IIS trounced by a kernel based httpd, take a look at TUX [redhat.com] and this (typically flawed) benchmark [litespeedtech.com]. The only good thing I have to say about IIS is that version 6 appears to have undergone a security audit and is no longer being rooted by simple HTTP GET requests (a genuine Microsoft innovation) like previous versions.

Notice the similarities

[grazzy]

In the graphs acceleration compared to 2001/2002? :)

Actually...

[DavidHOzAu]

It's because of php's increasing popularity, as this page [php.net] shows.

Re:Actually...

[QuantumG]

I wonder how it compares to this graph [venganza.org].

Re:Actually...

[hostpure]

It is most likely because of PHP and a fair collection of PHP Blogging scripts which are available. I mean just look at the sheer number of blogs at the moment and it isn't hard to understand just how many new sites there are now. Must be a dot blog boom (I doubt it will be too long before we see the .blog TLD)

Re:Actually...

[Anonymous Coward]

PHP has nothing to do with Apache. You can run it also inside IIS.

Re:Actually...

[shutdown -p now]

You can, but there are quite a few Apache-specific features which are not available under IIS. Also, most PHP tutorials suggest Apache for a server (and MySQL for a database), and most preconfigured packages available are Apache/PHP/MySQL.

Re:Actually...

[imroy]

Just out of interest, here's the mod_perl graph [apache.org] (a little out of date though). *sigh*

Also, here's SecuritySpace's Apache module survey [securityspace.com] which covers everything else.

Re:Actually...

[Adhemar]

I have the feeling that the reason why Java-based web programming never really took off, and PHP is being widely used so widely, lies in the fact that PHP is freely shipped with the most popular web server.

So, the popularity of PHP (compared to Java) is more due to the popularity of Apache than the other way around.

Re:Actually...

[consumer]

Apache HTTPD does not come with PHP. PHP is not an Apache project. Tomcat (a Java servlet runner) is an Apache project, although it isn't shipped with the httpd either.

Odd lines in chart

[inkswamp]

The chart marked "Market Share for Top Servers Across All Domains August 1995 - October 2005" is interesting. I'm not entirely sure I understand what it means, but July 2001 and June 2004 show an almost mirror image in terms of the blue and red lines (Apache and MS.) When one goes up, the other goes down and vice-versa. Strange. I wonder what exactly was happening during that time period to cause that.

Re:Odd lines in chart

[Kjella]

I'm not entirely sure I understand what it means, but July 2001 and June 2004 show an almost mirror image in terms of the blue and red lines (Apache and MS.) When one goes up, the other goes down and vice-versa. Strange. I wonder what exactly was happening during that time period to cause that.

Several big hosting providers were trying to switch their hosting between Apache and IIS. Providers that are big enough to actually make those kinds of dents in the graph. As you can see from the final result, most of them figured out Apache was the better solution. I wouldn't use IIS to serve HTML either, only if the content required .NET and you didn't really have a choice.

Kjella

Re:Odd lines in chart

[inkswamp]

That makes sense. Thanks for explaining.

I wouldn't use IIS to serve HTML either,

I've dealt with both Apache and IIS professionally and by far--by far!--I have encountered the most issues with IIS, from little annoyances to full-blown meltdowns. I'm not sure how IIS survives in the market place when its competitor is more robust, functions better and is free. Chalk one up to the marketing people at MS, I guess.

Re:Odd lines in chart

[odie_q]

Their selling point is integration. I have a client who design, sell and admin content management systems, and they are a pure MS shop. Their products rely heavily on the integration between IIS, Exchange, .Net and Active Directory. From what I have seen they would have a lot less hassle with a system of separate components that actually work and fit with their product instead of shoehorning their stuff into the MS conventions, but they are convinced that the superior integration of Microsoft's offerings gi

Re:Odd lines in chart

[guruevi]

Well. That is because of the contracts running with Microsoft. We have a contract (as hostingprovider) that x-% of the servers has to be Windows based so we recompiled Apache to show up as IIS and the next month Netcraft confirmed it, we moved 15000 sites (URL-forwarding) to IIS.

Re:Odd lines in chart

[RoLi]

I'm not sure how IIS survives in the market place

They survive because of customer lock-in (aka "Integration" in salesspeak), "standardization" (with desktop systems) and the delusion (which is interestingly put forward by both pro- and anti Microsoft people) that "sooner or later" Microsoft will dominate every market and so it's better to bet on the winner.

However, with years of IIS being pretty stagnant or slowly losing marketshare, this delusion cannot be sustained forever, more and more people realize that OSS is not just a fad and is here to stay.

Also with each round of forced upgrades on the IIS-side, some jump ship.

It will probably will take a decade or two, but then IIS-fans will find themselves in the very situation they wanted to avoid: Being a tiny minority, fighting with bad 3rd party support and being frowned upon.

In some countries it already happened: In Germany, IIS runs only 5.56% [securityspace.com] of domains (down from over 20% 5 years ago) - cheap German webhosters don't offer Windows anymore at all, some webhosters charge extra for Windows and only few charge the same (however those are usually the most expensive webhosters anyway)

Re:Odd lines in chart

[larien]

The big movers are the domain registrars; they'll host several hundred parked domains on a single server. While they're all using the same content (probably the same files, even), they'll show up as hundreds of sites. If they move from Apache to IIS (or vice versa), several hundred (or thousand?) websites appear to switch.

Domain registrars

[miller60]

Larien is correct. The changes indicate infrastructure shifts at domain registrars, specifically Network Solutions and Namezero (as alluded to in this Netcraft post [netcraft.com] from 2003 and this one [netcraft.com] from 2001. Both briefly shifted from Solaris to Windows, and then back again.

Domain Registrar

[drasfr]

Yup. I can confirm this. I used to work at a major domain registrar, using Linux/Apache and Microsoft visited us and asked for us to migrate our servers to Window/IIS for the sole purpose of increasing the netcraft numbers... We were doing URL forwarding. By the way, the conversion was VERY painful... even though they engineers came on site to work on the code for this.

Re:Odd lines in chart

[Rocketship Underpant]

"July 2001 and June 2004 show an almost mirror image in terms of the blue and red lines (Apache and MS.) When one goes up, the other goes down and vice-versa. Strange. I wonder what exactly was happening during that time period to cause that."

I suspect that red "hump" on the Microsoft graph coincides with major version releases of their IIS and Windows Server 2003. People and companies tried it out, then switched back to Apache over time.

Some of the sharper spikes are sometimes due to large ISPs with thousa

Re:Odd lines in chart

[inkswamp]

I understand that. I was wondering what the real world events were that caused it, especially for such a prolonged period of time. As the other responses here explain, it turns out it was some big customers jumping back and forth.

Now can we have the results for Gopher servers!

[Viol8]

Just curious. Also would be nice to see the current amount of WAIS
and Archie servers left! :o)

Re:Now can we have the results for Gopher servers!

[MoogMan]

7 and 3 respectively.

Re:Now can we have the results for Gopher servers!

[Viol8]

Don't happen to have the addresses do you? I fancy a trip down
memory lane today...

Re:Now can we have the results for Gopher servers!

[kc_cyrus]

There are still many Gopher servers around, check out the directories at:

Floodgap Gopherspace [floodgap.com]

and

gopher.quux.org [quux.org]

What will LAMP's success mean to M$?

[linumax]

Well, actually they have their own plans [com.com].
and part of the plan is giving some for free! See SQL Server 2005 Express Edition's Pricing Policy [microsoft.com] and the same for Visual Studio Express Edition which will be free.
I don't do much open-source programming but I'd like to thank all those guys who do, cuz if it was not for their efforts, M$ would have never given something for free (at least as in beer!!)
Anyway, the point is that some small businesses might be attracted to M$'s side by giving these development tools for free and this might have an effect on Apache and as a whole LAMP's market share.

Re:What will LAMP's success mean to M$?

[nogginthenog]

4 GB maximum database size

Looks a bit like MS SQL Desktop Engine. That's been around for a while - originally bundled with Visual Studio, some Office versions and other MS stuff, but downloadable recently-ish from MS for free.

Quality issue

[SgtChaireBourne]

Yes, it's interesting to see that competition forced a reduction in price from MS' side, but you still have the problem of quality.

Qualitywise, MS SQL Server is the IIS of the database world. Only if you somehow got locked into .NET or some other proprietary hook into MS would you need MS SQL over an industry standard like Postgresql [postgresql.org] or MySQL [mysql.com] which are in approximately the same niche. Those two are even starting to nibble at the heels of Oracle in some contexts, unlike MS SQL.

MS has tried give aways b

Re:Quality issue

[pedestrian crossing]

I've got to disagree with you on this one. MS-SQL is about the -only- MS product that is worth a damn.

MySQL? I think you need to lay off the Kool-Aid. Postgresql? Maybe, but it doesn't come with the suite of tools that you get with MS-SQL.

Really, I dislike MS as much as the next slashbot, but MS SQL server is the exception to the rule.

Re:What will LAMP's success mean to M$?

[killjoe]

I think this is awesome. Open source is forcing MS to give away software they would normally charge thousands of dollars for. This certainly will not help their bottom line. Every penny MS doesn't make is one less penny going to kill open source or lobbying govt. Whoo Hoo.

Well happy birthday or something

[Xiph]

I really can't see this as anything that'll come as a surprise to anyone, nor the fact that apache came first. I also have a feeling that the apache guys see this the same way, as it is nowhere to be found at http://apache.org/foundation/news.html/ [apache.org]. but i guess any round number is worth celebrating, after all free as in drunk, is as important as any other freedom ;)

What would be really interesting...

[sosume]

What would be really interesting would be a figure of total pages served (over the entire internet), grouped by server type. Or the average return opn investement, per server type. Number of hostnames really says nothing, I can add a few thousand myself with no trouble at all.

Re:What would be really interesting...

[DaHat]

I agree, hostnames alone is pretty worthless. Personally I would like to see statistics based on IP address and not host names.

It's pretty easy for any person to colo a LAMP setup and host the webpage of everyone they know who doesn't want to be on geocities anymore... far easier than plunking down the cash for a Windows 2003 install with IIS6.

Of course, there are always studies like that of Port 80 software who found that 53.7% of corporate web servers were running IIS, vs the 22.7% of Apache.

See http://ww [port80software.com]

Three considerations

[VincenzoRomano]

#1. Sites vs servers.
Netcraft states they count the sites while they don't mention whether they count 2nd level domains (foo.com), 3rd level domains (www.foo.com, support.foo.com) or what else. They just say they "received responses from 74,409,971 sites" while not defining what a site actually is.

#2. Growth.
There has been a growth of about 3.73% in the number of (so called) web sites. There must be some hidden winner(s). That is, there must be some group of web servers that is getting the great part of the growth all at once! Netcraft is failing to mention who they are!

#3. Webserver (or website) identification.
It's all but trivial to identify web servers. Are they using some special tool like amap [thc.org] and nmap [insecure.org] or just looking at the server response content? How accurate this identification can be?

Re:Three considerations

[rjw57]

Follow the links in TFA. They you'll get to http://survey.netcraft.com/index-200007.html [netcraft.com] which says
"The Netcraft Web Server Survey is a survey of Web Server software usage on Internet connected computers. We collect and collate as many hostnames providing an http service as we can find, and systematically poll each one with an HTTP request for the server name."

Re:Three considerations

[slim]

They just say they "received responses from 74,409,971 sites" while not defining what a site actually is.

Netcraft is very clear about this [netcraft.com].

One server running 10,000 virtual hosts is 10,000 "sites".

This is why historically thttpd did very well in Netcraft surveys -- it was good at hosting thousands of sites from one server (and allowed throttling of over-used sites).

Great news, but keep in mind ...

[oztiks]

This is really good news for the OS community, it shows a community product being chosen over a commerical application in the industry.

But keep in mind just because the server is not IIS and is Apache doesnt mean they arent running Windows Apache, I find lots of Windows admins leaning to Apache even when they have IIS readily available.

Just need to check

[peterpi]

I'm just updating my fanboyism and I need to check some figures.

• IIS' 20% market share is rubbish.
• Firefox's 10% share is the greatest thing evar.

you forgot Apple

[toby]

and their 5% (?).

Why use IIS?

[vhogemann]

Now, I'm not trying to be a troll. I just want to understand the reasons that make someone choose IIS over Apache, since (AFAIK) the later is more secure, more capable, and performs better under heavy load.

Can anyone point me some?

Re:Why use IIS?

[Anonymous Coward]

Now, I'm not trying to be a troll. I just want to understand the reasons that make someone choose IIS over Apache, since (AFAIK) the later is more secure, more capable, and performs better under heavy load.

Can anyone point me some?

Sure! Microsoft can:

For reasons, see these case studies:
http://www.microsoft.com/windowsserver2003/iis/eva luation/casestudies/default.mspx [microsoft.com]
- better uptime
- better TCO
- easier to maintain
- more secure
- improved leveragement of potential monetizement of business platform migration

Re:Why use IIS?

[ooh456]

Here are the top 10 reasons people choose IIS over Apache:

10. Because they don't know what they are doing.
9. Because their customers don't know what they're doing.
8. Because they are partnered with MS.
7. Because they are racist against Native Americans.
6. Because they get some orgasmic thrill from spending money on slower, inferior products and services.
5. Because the same reason they use Hotmail over Gmail.
6. Because they are really using Apache... but configure it to report itself as IIS to confuse attackers.
5. Because they are originally from another dimension where IIS works better than Apache.
4. Because they were playing a practical joke on their users and then died suddenly.
3. Because they are brainwashed from listening to too many Steve Balmer speeches.
2. Because really all those IIS servers out there are just Microsoft's own servers trying to keep MSN.com running.
1. Because they smoke a lot of crack.

Re:Why use IIS?

[ggeens]

One word: ASP.

Many corporate sites start of as a set of static pages with a "Contact us" web form. ASP is typically used for that as it requires only minimal programming effort.

Later on, when more dynamic content is added, they will often stick with IIS since they already know it.

Re:Why use IIS?

[ajs318]

ASP requires only minimal effort? HAH!

PHP requires just as little effort if you turn register_globals back on.

It's only insecure if you let it be insecure. Blindly doing an iteration such as

foreach ($_POST as $i => $_) { ${$i} = $_; };
foreach ($_GET as $i => $_) { ${$i} = $_; };

is really no more secure than having register_globals turned on in the first place. The real insecurity came from the order in which the variable sources were processed; by default a query string in a GET request woul

Re:Why use IIS?

[Billly Gates]

Think corporate ... actually think american corporation mindsets?

They want to support only one platform that everyone is trained to use. Now which company do you think that is?

Revised (serious list) from the other guy posting ...
1.) Corporations already have Visual Studio.net and guess what? It includes C#.net. Now which webserver do you think it runs on?
2.) IIS is already included on the cdrom with windows
3.) MCSE's know how to or could learn how to use IIS
4.) Nobody ever got fired for using Microsoft soft

Why is apache so popular?

[Some Random Username]

Not that there is anything particularly horrible about apache, but alot of sites could use something smaller, and less of a memory hog like lighttpd. But yet they use apache anyways "cause we're using linux", as if the only webservers that exist are apache and IIS.

Re:Why is apache so popular?

[SumDog]

Because most of the tools we use for web development work and are actively maintained on Apache. mod_php, mod_perl, mod_ruby, etc. Sure you can use these via CGI with any web server, but the in process execution makes them more convenient to use.

Apache has turned into a de-facto standard. People can expect security updates for it, and the large user base insures its longevity. With any major piece of software, there are always better alternatives. But still, people use sendmail, even though we have postfix and qmail. People use bind...

Apache works, is solid, scalable and is supported by many languages and many people. That's why most people use it.

Re:Why is apache so popular?

[Some Random Username]

Actually, I found that having the language mashed into the webserver was a bad thing. PHP, perl, ruby, python, java, etc, etc, etc all can do fastcgi. This gives you persistant apps, just as fast as if it were in the webserver, but without the ability to crash your websever, running as seperate users, and with the ability to do things like store persistant objects without having to do anything special at all. Even just simple things like using persistant database connections without having to have one co

Netcraft is so inaccurate

[SumDog]

The problem is that I know many system administrators that change their server's response to be Apache even though it's IIS. By the same token I know several Apache servers that respond as IIS and are used as honeypots; their logs are parsed for several known exploits and worms.

People have always mentioned this problem with mining for server usage statistics. What does netcraft do to try and filter out a lot of these false statistics? Is there any thing they can do? Is there any other way to identify a "tru

Re:Netcraft is so inaccurate

[Alioth]

There's no point spoofing your identity: any hacks/scripts/worms etc. do NOT check it - they try the exploit regardless of what the server reports itself as. That's why your Apache log (which is reporting itself as Apache) is full of attempted IIS exploits. Skript kiddies and worms _do not check_.

22 days old?

[Laaserboy]

From TFA:
Posted by wss at October 4, 2005 08:40 AM

Which means that the news is 22 days old. Given that this is a monthly survey, the slashpost seems a tad bit behind the times.

One of us should write a bot that posts a story 21 days after the fact and see if we can beat the masses that happen upon Netcraft and re-print old news.

Re:Apache License?

[QuantumG]

      1. You must give any other recipients of the Work or Derivative Works a copy of this License; and

      2. You must cause any modified files to carry prominent notices stating that You changed the files; and

      3. You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and

      4. If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.


The last clause there is what makes it incompatible with the GPL and what made the OpenBSD folks fork it (they folked before the license change to include this clause). In answer to your question, yes, indeed anyone is free to extend and distribute binary forms of the software without having to hand over source code for their extensions (or even for the code they didn't write).

But here's a question for you. If you're required to give "any other recipients of the Work or Derivative Works a copy of this License", does that mean that the extended work has to be under this license? Or does it just mean you have to give the license to them, even though it isn't applicable. What stupid wording. Presumably it means you can't change the license on the software.. but you can apply any license you want on your extensions.. which means you can prohibit the software from being distributed, even though "this license" says you are free to distribute it.

Re:Apache License?

[zootm]

But here's a question for you. If you're required to give "any other recipients of the Work or Derivative Works a copy of this License", does that mean that the extended work has to be under this license?

I think that that clause is intended to ensure that the distributers of the derived work let people know that the system is based upon a system with a more "free" licence, to ensure that those who buy the derivative work know that these parts (which are likely to be substantial, in this case) are include

Re:Apache License?

[dirkx]

But here's a question for you. If you're required to give "any other recipients of the Work or Derivative Works a copy of this License", does that mean that the extended work has to be under this license? Or does it just mean you have to give the license to them, even though it isn't applicable.

It means exactly what it says (see the original [apache.org]; the above suffers from crcual typo's) - you must pass on the license (which include the important disclaimers) along and as it pertains to the agrement under which yo

Re:Apache License?

[QuantumG]

Bah. If you compile a proprietary extension into an Apache licensed program it doesn't matter that you're technically allowed to copy the Apache licensed portions. You can't seperate the two (and even if you could, the seperate parts would be useless) so the entire program is practically under a proprietary license.

Re:So what your saying is:

[diegocgteleline.es]

No, IIS isn't "growing faster than apache", it has grow faster than apache this month. If you look at other web server surveys (or at that graphic) you'll find different numbers

Re:So what your saying is:

[dbrutus]

Actually, Apache's share is up. The article is wrong. Last month it was 69.15% of the market and this month it's 69.89% of the market.

Re:Innovation

[Viol8]

"I think we don't talk often enough about this software here"

Thats cos webservers are , however you want to look at it, pretty
boring programs from a technical point of view.

Re:Innovation

[the_2nd_coming]

all the innovation is done in the modules, not the server

Re:IIS? Are you sure?

[petermgreen]

even with apache identifying itself as apache you STILL see requests that are targeting IIS security holes. It seems its easier for attackers to just fire at as many hosts as possible rather than checking them first.

Re:IIS? Are you sure?

[HermanAB]

Like this (http://uptime.netcraft.com/up/today/top.avg.html [netcraft.com]) : www.windows-sc.necsoft.com 102 1267 1310 1310 BSD/OS Microsoft-IIS/5.0 Running MS IIS on BSD - Duh...

Mod down: unsubstantiated claim

[ArsenneLupin]

If you instead count only real servers own by the company (dedicated servers) IIS is 4-5 times more used then Apache.

Care to quote the source of this blunt claim? While it is certainly true that many domain-name parking services use Apache, Apache would still lead by a large margin even if those were accounted for.

Re:"Is that so"

[jbplou]

Are you on crack, you can place multiple domains on IIS. If you are going to make points about one product being better than another atleast know what both can do.

Re:Yay!

[ArsenneLupin]

If you're not running your site with at least parameterized, escaped, dynamic SQL if not stored procedures...

You know that. I know that. But does the average Microsoft code monkey know that? Most probably not! If they'd been that computer-smart, they wouldn't have chosen Microsoft...

you need to just shut it down anyway.

That's what they'll do eventually, especially after their site has been linked from Slashdot. But quite often, even the notoriously slow Slashdot editors manage to be faster than the op