what s new in httpd 2 2
play

What's new in httpd 2.2? 2.1 Paul Querna pquerna@apache.org July - PowerPoint PPT Presentation

Apr 12, 2023 •23 likes •393 views

What's new in httpd 2.2? 2.1 Paul Querna pquerna@apache.org July 21, 2005 http://www.outoforder.cc/presentations/ 2.2? major.minor.patch Versioning Scheme: Even = Stable / General Availability 2.0.x & 2.2.x Odd =

  1. What's new in httpd 2.2? 2.1 Paul Querna pquerna@apache.org July 21, 2005 http://www.outoforder.cc/presentations/

  2. 2.2? • major.minor.patch • Versioning Scheme: • Even = Stable / General Availability • 2.0.x & 2.2.x • Odd = Development / Alpha / Beta • 2.1.x & 2.3.x

  3. Stable... • Rules: • Changes require Voting (RTC) • Cannot break forward compatibility • Module API • Binary API • Configuration Directives

  4. History • 2.0a1 released in March 2000 • 2.1-dev created in November, 2002 • 2.2.0 released on ?

  5. Current Status • 2.1.6-alpha on June 27 2005 • Plenty of Features! • Needs alpha/beta testing • Source Compat with most modules • mod_php, mod_perl2, etc

  6. • Authentication • Caching • Proxying • Smart Filtering • Event MPM • DBD Framework • Many Many Others!

  7. Authentication • Refactor of Authentication Modules • Split into methods and providers • Easy to write new providers • Before, required each back-end to write a full Basic or Digest Auth Layer • Removed Auth*Authoritative Directives

  8. mod_authn_file • Provides a back-end for both Basic and Digest Authentication • Default configuration is partially backwards compatible.

  9. <Location /use-basic> AuthType Basic AuthName “Private Area” AuthBasicProvider file AuthUserFile /example/.htpasswd Require valid-user </Location> <Location /use-digest> AuthType Digest AuthName “Private Area” AuthDigestProvider file AuthUserFile /example/.htpasswd Require valid-user </Location>

  10. <Location /use-file-and-ldap> AuthType Basic AuthName “Private Area” AuthBasicProvider file ldap AuthUserFile /example/.htpasswd AuthLDAPURL ldap://ldap.example.com/o=Example Require valid-user </Location>

  11. mod_authn_alias • Mix and match any authentication provider • Check multiple back-ends of the same type

  12. <AuthnProviderAlias ldap ldap-alias1> AuthLDAPBindDN cn=youruser,o=ctx AuthLDAPBindPassword yourpassword AuthLDAPURL ldap://ldap.host/o=ctx </AuthnProviderAlias> <AuthnProviderAlias ldap ldap-other> AuthLDAPBindDN cn=yourotheruser,o=ctx AuthLDAPBindPassword yourotherpassword AuthLDAPURL ldap://other.ldap.host/o=ctx </AuthnProviderAlias> <Location /use-aliased-ldap> AuthBasicProvider ldap-alias1 ldap-other Require valid-user </Location>

  13. Future Auth Dev.. • mod_authnz_dbd • Built on apr_dbd • MySQL, Postgres, SQLite Drivers available

  14. Caching • No longer experimental • Attempts to be HTTP RFC Compliant • Two Storage Modules: • mod_disk_cache • htcacheclean • mod_mem_cache • no advantages over disk_cache

  15. Why Cache? • Performance.... • Proxied Content • Slow back-end servers • Dynamic Content • Don’t Regenerate pages for every hit

  16. How Fast? • mod_disk_cache: • IO Limited, not CPU. • Kernel will use sendfile() • Easily saturate Gigabit Links

  17. CacheEnable disk / CacheRoot /var/cache/apache CacheDirLevels 5 CacheDirLength 3 CacheIgnoreCacheControl off CacheIgnoreHeaders None CacheIgnoreNoLastMod On CacheDefaultExpire 600 CacheMaxExpire 3600

  18. mod_proxy • Forward and Reverse Proxy • Protocols: • HTTP 0.9, 1.0, 1.1 • AJP 13 • FTP • CONNECT (SSL Proxying)

  19. Big Features • Connection Pooling • AJP • Native Protocol for talking to Tomcat • Replace mod_jk, mod_jk2, mod_webapp.. • mod_proxy_balancer • Load Balancer • Change Worker Status

  20. # Set the soft maximum (smax) to 1.. ProxyPass / http://server.example.com/ smax=1 ProxyPassReverse / http://server.example.com/

  21. ProxyPass /balancer-manager ! <Location /balancer-manager> # <insert authentication here> SetHandler balancer-manager </Location>

  22. ProxyPass /balancer-manager ! <Location /balancer-manager> # <insert authentication here> SetHandler balancer-manager </Location> ProxyPass / balancer://example/ <Proxy balancer://example/> BalancerMember http://server1/ BalancerMember http://server2/ BalancerMember http://server3/ </Proxy>

  25. mod_filter • Dynamic Configuration of Output Filters • AddOutputFilterByType? • What if you don’t know the type? • Proxies! • Chains?

  26. FilterDeclare SSI FilterProvider SSI INCLUDES \ resp=Content-Type $text/html FilterChain SSI

  27. FilterProvider unpack jpeg_unpack Content-Type $image/jpeg FilterProvider unpack gif_unpack Content-Type $image/gif FilterProvider unpack png_unpack Content-Type $image/png FilterProvider downsample downsample_filter \ Content-Type $image FilterProtocol downsample "change=yes" FilterProvider repack jpeg_pack Content-Type $image/jpeg FilterProvider repack gif_pack Content-Type $image/gif FilterProvider repack png_pack Content-Type $image/png <Location /image-filter> FilterChain unpack downsample repack </Location>

  28. Event MPM • Experimental MPM • Requires: • Linux 2.6 (EPoll) • *BSD (KQueue) • Mac OS X 10.4 (KQueue) • Solaris 10 (Event Ports)

  29. HTTP Keep Alive • Sends Multiple HTTP Requests over a single TCP Socket. • Performance Tuning Docs commanded that it is Disabled! • Designed to improve performance? • Apache HTTPD is the problem....

  30. Why? • All other MPMs: • Child waits KeepAliveTimeout seconds • No other requests served • Fill up to MaxClients

  31. The Solution! • Event MPM uses a separate thread: • Handles all listening Sockets • Handles all KeepAlive connections • Workers pass a KeepAlive Conn back • Workers free to service other requests

  32. Not Perfect. • Pipelined Requests with mod_ssl • No easy solution at this time • Maybe fixed in 2.4?

  33. mod_dbd • Database Services for other modules • Connection Pooling • Connection Sharing (cross module) • Make it easier to build applications on top of httpd.

  34. More Features • mod_ssl: TLS Upgrade inside HTTP • mod_info: Hooks, File Names, and Line Numbers • Large File Support enabled by default • libpcre Updated to 5.0 • Dump loaded modules, httpd -M • httxt2dbm: Create DBM Files for RewriteMap

  35. Future Dev • Async MPMs • Summer of Code: • Perchild Replacement • mod_ftp • mod_smtpd

  36. • TH17 Caching Tips for improving Performance • FR09 Clustering and Load Balancing using mod_proxy

  37. Questions? • Slides Online: • http://www.outoforder.cc/

Recommend

Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015

Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015

Introduction Generalities 2.4. what Brass Tacks Configuration/deployment example For Further Study Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015 TriPython Triangle Python Users Group

1.3k views • 93 slides
Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology

Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology

Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology Offjcer Total Child Health, Inc. * Slides available on the Linux Foundation / ApacheCon2015 web site and at http://people.apache.org/~schultz/ApacheCon

1.04k views • 69 slides
mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat

mod_cluster A new httpd-based load balancer Brian Stansberry JBoss, a division of Red Hat Agenda Who is Brian Stansberry? Principal Software Engineer at Red Hat Technical Lead for JBoss Application Server Clustering Part of

528 views • 18 slides
Web Application Forensics HTTPD Logfile Security Analysis Jens Mller, Ruhr University Bochum

Web Application Forensics HTTPD Logfile Security Analysis Jens Mller, Ruhr University Bochum

Web Application Forensics HTTPD Logfile Security Analysis Jens Mller, Ruhr University Bochum jens.a.mueller@rub.de Scenario You got pwned The Log File Problem Log files are huge. We are lazy. How find important stuff? Still

873 views • 28 slides
OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org)

OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org)

I n t ro d u c i n g OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org) ESDENERA NETWORKS GmbH Why do we need a web server in base? Serve the OpenBSD page. Why do we need a web server

264 views • 22 slides
Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/

Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/

Introduction Generalities Brass Tacks Configuration/deployment example For Further Study Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ trawick@emptyhammock.com April 14, 2015 ApacheCon US 2015 Introduction

700 views • 51 slides
Using FastCGI with Apache HTTP Server FastCGI with Apache httpd Comparisons between the

Using FastCGI with Apache HTTP Server FastCGI with Apache httpd Comparisons between the

Using FastCGI with Apache HTTP Server Jeff Trawick The world of FastCGI Using FastCGI with Apache HTTP Server FastCGI with Apache httpd Comparisons between the contenders Jeff Trawick Configuration Future November 3, 2010 Table of

1.34k views • 110 slides
CS 337 Web Programming HTML/CSS/HTTP/JavaScript/PHP/MySQL/ CGI/XML/JSON/HTTPD/W3C/OMG No Moar

CS 337 Web Programming HTML/CSS/HTTP/JavaScript/PHP/MySQL/ CGI/XML/JSON/HTTPD/W3C/OMG No Moar

CS 337 Web Programming HTML/CSS/HTTP/JavaScript/PHP/MySQL/ CGI/XML/JSON/HTTPD/W3C/OMG No Moar TLAs CSS Doing it with Style The Big Picture MySQL HTML JavaScript CSS HTTP PHP PHP HTML JavaScript HTTP Browser Web Server CSS MySQL

2.23k views • 199 slides
Developing Applications with APR Paul Querna pquerna@apache.org July 21, 2005

Developing Applications with APR Paul Querna pquerna@apache.org July 21, 2005

Developing Applications with APR Paul Querna pquerna@apache.org July 21, 2005 http://www.outoforder.cc/presentations/ A.P.R. Apache Portable Runtime Origin: httpd Platforms: Unix, Netware, OS/2, Windows. Your Application APR-Util

497 views • 34 slides
Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton ,

Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton ,

Nemesis: Preventing Web Authentication &amp; Access Control Vulnerabilities Michael Dalton , Christos Kozyrakis Stanford University Nickolai Zeldovich Massachusetts Institute of Technology Web Application Overview User: webdb User: httpd

446 views • 22 slides
The Hidden Gem Jim Jagielski @jimjag About Me Apache Software Foundation

The Hidden Gem Jim Jagielski @jimjag About Me Apache Software Foundation

Apache httpd v2.4 Reverse Proxy The Hidden Gem Jim Jagielski @jimjag About Me Apache Software Foundation Co-founder, Director, Member and Developer Director Outercurve, MARSEC-XL, OSSI, OSI (ex) Developer Mega

863 views • 45 slides
IT350 Web and Internet Programming SlideSet #18: HTTP Authentication

IT350 Web and Internet Programming SlideSet #18: HTTP Authentication

IT350 Web and Internet Programming SlideSet #18: HTTP Authentication http://www.httpwatch.com/httpgallery/authentication/ http://httpd.apache.org/docs/2.2/howto/auth.html Outline HTTP Basic Authentication HTTP Digest Authentication 1

349 views • 8 slides
SY306 Web and Databases for Cyber Operations SlideSet #21: HTTP Authentication

SY306 Web and Databases for Cyber Operations SlideSet #21: HTTP Authentication

SY306 Web and Databases for Cyber Operations SlideSet #21: HTTP Authentication http://www.httpwatch.com/httpgallery/authentication/ http://httpd.apache.org/docs/2.2/howto/auth.html Outline HTTP Basic Authentication HTTP Digest

226 views • 8 slides
Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was

Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was

9/3/11 11:15 AM Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was named after &quot;A-patchy-server&quot;, which was the result of NCSA httpd server being patched a lot. The project was started by

537 views • 8 slides
Mass Virtual Hosting with Apache 2.0 Paul Querna chip@OutOfOrder.cc Virtual Hosts IP

Mass Virtual Hosting with Apache 2.0 Paul Querna chip@OutOfOrder.cc Virtual Hosts IP

Mass Virtual Hosting with Apache 2.0 Paul Querna chip@OutOfOrder.cc Virtual Hosts IP Address Required for HTTPS The 'Host' Header Mass Virtual Hosting? HTTPD's Default configuration doesn't deal well with thousands of

967 views • 20 slides
Syslog and Log Rotate Computer Center, CS, NCTU Log files Execution information of each

Syslog and Log Rotate Computer Center, CS, NCTU Log files Execution information of each

Syslog and Log Rotate Computer Center, CS, NCTU Log files Execution information of each services sshd log files httpd log files ftpd log files Purpose For post tracking Like insurance 2 Computer Center, CS,

231 views • 22 slides
Apache As A Malware-Scanning Proxy Jeremy Stashewsky, Sophos Plc. http://www.sophos.com/

Apache As A Malware-Scanning Proxy Jeremy Stashewsky, Sophos Plc. http://www.sophos.com/

Apache As A Malware-Scanning Proxy Jeremy Stashewsky, Sophos Plc. http://www.sophos.com/ jeremys@ca.sophos.com Overview The case: building an appliance product Apache HTTPD proxy architecture Malware scanning: challenges and

895 views • 68 slides
Art in Our Servers Jean-Frederic Clere Jean-Frederic Clere What I will cover What I will cover

Art in Our Servers Jean-Frederic Clere Jean-Frederic Clere What I will cover What I will cover

SSL/TLS and HTTP/2 State of the SSL/TLS and HTTP/2 State of the Art in Our Servers Art in Our Servers Jean-Frederic Clere Jean-Frederic Clere What I will cover What I will cover HTTP/2 HTTP/2 and ALPN Servers Apache HTTPD

394 views • 28 slides

More recommend