The three main topics of discussion this week on the
development lists were Roy Fielding's proposal for a new
Apache release procedure, mod_proxy, and SSL support for
The proposal for a new release procedure means that the
Apache CVS tree would be tagged by the developers every
couple of weeks, at a point when the tree has settled and is
not undergoing major changes. The code at this tag would then
be tested, and depending on the outcome of the testing,
publicly distributed as an "alpha", "beta", or "stable"
release. The main aim of the new procedure is to produce
frequent, high-quality Apache releases. Another advantages is
that development can continue whilst the release is in
testing, and the tree is not required to be "frozen" as the
current policy dictates. Ryan Bloom began implementing the
procedure this week by tagging the Apache 2.0 tree.
Despite mod_proxy having a large user-base, its development
in Apache has stagnated recently, resulting in calls this
week that it should either be removed from the Apache 2.0
tree completely, or moved into a separate repository to allow
development to proceed independently of Apache itself. The
final decision has not yet been made, although Chuck Murcko
was spurred into action and committed some patches to make
mod_proxy compile again in the current Apache 2.0 CVS tree.
At ApacheCon Europe last November, a meeting took place
between Ben Laurie (the author of Apache-SSL), Ralf
Engelschall (the author of mod_ssl), Mark Cox (Red Hat), and
Randy Terbush (Covalent). The meeting was held to decide the
fate of SSL support for Apache 2.0, aiming to avoid the
current situation of parallel module development for Apache
1.3. The discussion continued on the list this week, and
although a little technical ground was covered, the problems
remain mainly political.
This issue marks the fifth anniversary of Apache Week. Issue
one was published on 9th February 1996, although it was
only available on the Web until we started an email
subscription option with issue 6.
When issue one was published, Apache version 1.0.0 had been
out for just over a month. The current stable version was
1.0.2. The first Netcraft Server Survey we reported on, in issue 5
(March 1996) showed that Apache was almost the most
popular server: it had 27% compared to NCSA's httpd with 28%.
Apache became the most widely used server in the April 1996
survey, reported in issue 9.
By happy coincidence, this issue also celebrated the first
anniversary of the creation of Apache. In July 1996 Apache
1.1 was released (issue
By January 1997 we were delivering Apache Week to over 3000
address, plus visitors to the Apache Week web site. We
covered the long Apache 1.2 beta cycle, which had started on
1st December 1996 with 1.2b1 and continued until Apache 1.2
was released in June 1997 (issue
68). The 1.3 beta cycle started in October 1997 (issue
87) and continued until Apache 1.3.0 was released in June
118). Whilst 1.3.0 was highly stable on Unix systems, it
was much less developed on Windows.
In August 1998 the Netcraft Server Survey showed for the
first time that Apache was in use on more than half the
world's internet servers, and Ralf Engelschall released the
first version of the popular mod_ssl module. In
October the first official Apache conference, ApacheCon 98,
was held in San Fransisco and was a huge sucess drawing
nearly 500 registrations (issue
134). This was the first time most of the Apache
developers had met. Two more Apache conferences have been
held since then, with the most recent in London providing a
unique opportunity to talk to the people behind the software.
There were memorable moments too, a keynote by author Douglas
Adams, and the first time that Ralf Engelschall (mod_ssl) and
Ben Laurie (Apache-SSL) met. [photo,
Towards the end of 1998, Apache was recognised by Microsoft
as a real and credible threat to their business in their
leaked memos (issue
In July 1999 (issue
165) the Apache Software Foundation was formed with the
aim to provide a legal framework for Apache and related
open-source projects such as the Jakarta and XML projects.
Apache 1.3 remains the stable branch of the Apache software,
now at 1.3.17 (released 26th January 2001). Although the new
releases are designed mostly for bug fixes there have been a
significant number of new features added in the last year.
The Apache group have been working on Apache 2.0 for a long
time, with initial plans reported in February 1998 (issue
102). In September 1999 (issue
173) we published a Apache 2.0 preview and stated that a
beta version should be available in late 1999 or early 2000.
In February 2000 we reported a beta was likely in March 2000.
It is now likely that a public beta release will be made
available in February 2001, although it may be some time
before 2.0 is a full stable release. Previous experience has
shown it can take nearly a year after a release before a
significant proportion of sites upgrade.
Today Apache-based servers are on use on over 60% of the
world's Internet sites, including some of the more famous
sites such as Amazon.com. Apache Week is now delivered to
over 12,000 addresses, with a similar number of unique
visitors each week to the web site. We teamed up with the
O'Reilly network just over a year ago, and last summer Apache
Week became part of Red Hat when C2Net was aquired. However
the content, editorial control, and impartiality have not
been changed. The revenues we get from the extra advert
banners are being used to fund more in-depth articles, as
well as a percentage direct to the Apache Software
Apache Week will continue to bring you the latest news about
Apache and its development, as it happens. We will also
monitor how Apache is being reported in the news, and where
appropriate respond with corrections or clarifications.
In this section we highlight some of the articles on the web
that are of interest to Apache users.
Gazette provides three different options to redirect a
request to another virtual host running on the same
webserver. If you want to distinguish yourself from the boys,
the solution is to use mod_rewrite under a
Virtual Host container. It also shows you how to achieve the
same results using a Perl script or the Redirect
Chris Bush explains the basics of Tomcat configuration and
includes instructions for integrating Tomcat with Apache in
as an Application Server - The Tomcat Way". A good read
for those interested in supporting Java Servlet 2.2 and JSP
1.1 with Apache Web Server.
More on JSP as the Developer Shed kicks off a new series of
tutorials with "The JSP
Files (part 1)". It explains the history, basics of JSP
documents and assumes that your JSP development environment
is ready. In case it isn't, you can always refer to the
article we mentioned above.
In "Safer CGI
Scripting", Charles Walker and Larry Bennett cover
methods to fix various CGI scripts vulnerabilities and touch
on developing a CGI security strategy. Although the examples
are written in Perl and C, they can also be applied to the
scripting language of your choice.