Web Servers
Who’s running the show?
What are they?
The big two:
POPULAR WEB SERVERS
Apache
http://en.wikipedia.org/wiki/Apache_web_server
We’re number one!
Apache

Apache HTTP Server, referred to simply as Apache:



A web server
Notable for playing a key role in the initial growth of the
World Wide Web
Apache

First viable alternative to Netscape Communications
Corporation web server


Evolved to rival other Unix-based web servers



Currently known as Sun Java System Web Server
Functionality and performance
Since April 1996 Apache has been the most popular
HTTP server on the World Wide Web
September 2007: Apache served 50% of all websites
Apache

Project's name was chosen for two reasons:



Respect for the Native American Indian Apache tribe

Well-known for their endurance and their skills in warfare

Making it "a patchy" server
Project's root is a set of patches to the codebase of NCSA
HTTPd 1.3
Apache is developed and maintained by

Open community of developers


Available for a wide variety of OSs



Microsoft Windows
Novell NetWare
Unix-like operating systems

e.g. Linux and Mac OS X

z-OS (IBM mainframe)
and more…

Apache is free software / open source software.


Under the auspices of the Apache Software Foundation
Released under the Apache License
APACHE HISTORY
History

First version of the Apache web server created by
Robert McCool

Heavily involved with the National Center for
Supercomputing Applications web server


When Rob left NCSA in mid-1994



Known simply as NCSA HTTPd
Development of httpd stalled
Left a variety of patches for improvements circulating
through e-mails
Rob McCool was not alone in his efforts

Several other developers helped form the original
"Apache Group":

Brian Behlendorf, Roy T. Fielding, Rob Hartill, David
Robinson, Cliff Skol nick, Randy Terbush, Robert S.
Thau, Andrew Wilson, Eric Hagberg, Frank Peters, and
Nicolas Pioch
History

Version 2 of the Apache server was a substantial rewrite of much of the Apache 1.x code


Strong focus on further modularization and the
development of a portability layer, the Apache Portable
Runtime
Apache 2.x core several major enhancements over Apache 1.x:







UNIX threading
Better support for non-Unix platforms
New Apache API
IPv6 support
First alpha release of Apache March 2, 2000
First general availability release on April 6, 2002
Version 2.2 introduced a new authorization API that
allows for more flexibility

Also features improved cache modules and proxy
modules
FEATURES
Features

Apache supports a variety of features

Many implemented as compiled modules


Extend the core functionality
Range from:
server-side programming language support
- to  authentication schemes


Common language interfaces support


mod_perl, mod_python, Tcl, and PHP
Popular authentication modules include

mod_access, mod_auth, and mod_digest
Features

Other features include:




SSL and TLS support
 mod_ssl
A proxy module
A useful URL rewriter
 AKA a rewrite engine, implemented under
mod_rewrite
Custom log files


Filtering support



mod_log_config
mod_include
mod_ext_filter
Apache logs can be analyzed

via web browsers with free scripts
 AWStats/W3Perl
 Visitors
Features

Virtual hosting allows one Apache installation
to serve many different actual websites

For example, one machine, with one Apache
installation could simultaneously serve:





Apache features




www.example.com
www.test.com
test47.test-server.test.com
And more…
Configurable error messages
DBMS-based authentication databases
Content negotiation
Also supported by several graphical user
interfaces (GUIs)

Permit easier, more intuitive configuration of the server
USAGE
Usage

Apache is the Web server component of
the popular XAMPP Web server
application stack

Partners

OS




Web Server


Apache
Database


Linux
- LAMPP
Windows - WAMPP
Mac OS X - MAMPP
MySQL
Programing Language



PHP
Perl
Python
Usage

Apache can serve both static content
and dynamic Web pages

Many web applications are designed
expecting the environment and features
that Apache provides
Usage

Apache is redistributed as part of various
proprietary software packages including the



Mac OS X integrates Apache



Oracle Database
IBM WebSphere application server
Its built-in web server
Support for its WebObjects application server
It is also supported by Borland

Kylix and Delphi development tools
Usage

Apache included with Novell NetWare 6.5


Apache used for many tasks where content
needs to be available in a secure and reliable
way



Default web server
Sharing files from a personal computer over the
Internet
User who has Apache installed on their desktop can
put arbitrary files in the Apache's document root
which can then be shared
Programmers developing web applications


Locally installed version of Apache
Preview and test code as it is being developed
LICENSE
License

Software license




From the Apache Foundation
Distinctive part of the Apache HTTP Server's history
Apache License allows distribution of both open and
closed source derivations of the source code
Free Software Foundation does not consider
the Apache License to be compatible with
version 2 of the GNU General Public License
(GPL)

Software licensed under the Apache License cannot
be integrated with software that is distributed
under the GPL
License

Free software license:

Incompatible with the GPL



Has certain patent termination cases that the
GPL does not require
Version 3 of the GPL includes a provision


Has a specific requirement that is not in the GPL
(Section 7e) allows it to be compatible with licenses
that have patent retaliation clauses, including the
Apache License
Apache is a registered trademark

May only be used with the trademark holder's
express permission
http://en.wikipedia.org/wiki/IIS
We’re # 2…
MICROSOFT IIS
IIS

Microsoft Internet Information Services (IIS)



Formerly called Internet Information Server
Set of Internet-based services for servers using
Microsoft Windows
World's second most popular web server in terms of
overall websites


July 2010: it served 25.87% of all websites and 36.63%
of all active websites (Netcraft)
IIS Services currently include servers for:





FTP
SMTP
NTP
NNTP
HTTP/HTTPS
History of IIS


Initially released as additional set of
Internet based services for Windows
NT 3.51
Has gone through a series of
enhancements as Windows changed
History of IIS

Current shipping versions of IIS:

10



8.5




Windows Server 2012
Windows 8
7.5



Windows Server 21012 R2
Windows 8.1
8.0


Windows Server 2016
Windows 10
Windows 7
Windows Server 2008 R2
7.0


Windows Vista
Windows Server 2008
History of IIS

Windows Vista and 7 do not install
IIS by default


Can be selected among the list of optionally
installed components
IIS 7.0 on Vista does not limit the number of
connections allowed
 Restricts performance based on active
concurrent requests
SECURITY
Security

Early versions of IIS had many
vulnerabilities

Chief among them CA-2001-19

Led to the infamous Code Red worm
Security

IIS 7.0 the components were
modularized
Only the required components
need be installed
 Further reducing the attack surface
 Security features such
asURLFiltering were added

 Rejects
suspicious URLs based on a
user defined rule set
AUTHENTICATION
MECHANISMS
Authentication mechanisms

IIS 5.0 and higher support the
following authentication
mechanisms:




Basic access authentication
Digest access authentication
Integrated Windows Authentication
.NET Passport Authentication
INTERNET INFORMATION
SERVICES 7.0
Internet Information Services 7.0

Debuted with Windows Vista


Included in Windows Server 2008
IIS 7.0 features a modular architecture




Instead of a monolithic server which features all
services
IIS 7 has a core web server engine
Modules offering specific functionality can be
added to the engine to enable its features
Advantages
 Only the features required need be enabled
 The functionalities can be extended by using
custom modules
Internet Information Services 7.0

IIS 7 ships with a handful of modules


Microsoft will make other modules available online
Following sets of modules ship with the server:
 HTTP Modules
 Security Modules
 Content Modules
 Compression Modules
 Caching Modules
 Logging and Diagnostics Modules


Integrates with the new configuration store
New management environment
Internet Information Services 7.0

Significant change from previous
versions:

All web server configuration information is
stored solely in XML configuration files


Instead of in the metabase
Server has a global configuration file


Provides defaults
Each virtual web's document root (and any
subdirectory thereof) may contain a
web.config

Containing settings that augment or override the
defaults
Internet Information Services 7.0

Changes to these files take effect
immediately


Marks a significant departure from previous
versions whereby web interfaces, or machine
administrator access, were required to change
simple settings such as default document,
active modules and security/authentication
Eliminates the need to perform metabase
synchronization between multiple servers
in a farm of web servers
Internet Information Services 7.0

Features a completely rewritten
administration interface

Takes advantage of modern MMC features
such as
Task panes
 Asynchronous operation


Configuration of ASP.NET is more fully
integrated into the administrative interface.
Resume 2/24
NGINX
nginx

NGINX Plus is the web server,
reinvented


World’s most popular open source web
server for high-traffic websites
NGINX Plus adds enterprise-ready
features




load balancing
session persistence
monitoring
advanced management
nginx

High-performance HTTP Server

Delivers web and video assets with



Web Accelerator





Provides SSL and SPDY acceleration
HTTP connection optimization
High-performance caching
HTTP compression
Application Gateway



Unparalleled speed
Maximizing performance and efficiency
PHP, Ruby, Java and other application types supported
Supports FastCGI, uWSGI and HTTP Proxy interfaces
Load Balancer and Application Delivery solution

Gives



reliability
control
consistent performance for HTTP and TCP applications.
The "spiel"

The following from

http://nginx.com/products/?_bt=66902
162345&_bk=nginx&_bm=b&gclid=CN
y26dbm5MMCFWRk7AodWwoAXw
Capability

Future-proof, IPv6-ready reverse
proxy with:



Load balancing
High availability
For:



HTTP and TCP services
Application request routing
Content acceleration and caching
Predictability

Works predictably, without spikes,
on:



Low power chipsets
Virtual machines with limited RAM
Eliminate unexpected issues with
operations

Reduce infrastructure costs
Simplicity

Flexible, logical, easily scalable
setup

Ten lines of directives enable:
Load balancing
- or  Static content delivery


Don’t waste engineering hours on
tweaking unreadable configurations
nginx


Virtualized
Built to optimize CPU and memory
resource utilization.


Extremely efficient in virtualized public
and private cloud environments
Pay less, get more
nginx

Automation



Easily automated with tools like Puppet
and Chef
Can be managed by independent
development teams
Shift engineering focus from
maintenance to innovation
Scalability and Performance

Serves




Million users or more per server
Tens of thousands of requests per
second
Best in class multi-tenancy for virtual
hosts
Easily scales for unparalleled efficiency
SUMMARY
Summary


Concentrated on HTTP servers
Apache and IIS are the main web
serving tools




Apache still king
IIS Up and down, wandering
Nginx is a rising contender
Usage tracked

Netcraft Web Server Survey