Release: 1.1.3 (Released 14th January 1997)
Bugs reported in 1.2b7:
Beta: 1.2b7 (Released 22nd February 1997)
In mod_rewrites rules, the REMOTE_IDENT variable was not
set if used inside a virtual host where rfc1413 checking is
off in the main host but turned on in the virtual host.
CGI scripts can take three extra seconds to complete if
accessed via an SSI directive.
Bugs fixed in next release:
Persistent connections are used whenever it is safe to.
Use chunked encoding for responses where possible, not just
if using persistent connections
There were no write timeouts on certain parts of sending
responses (headers, error responses, last part of chunked
response) which could lead to processes stuck in write.
The log_printf module API function cannot be using during
the create_server_config callback if virtual hosts are
Status module counts of bytes and connections served may be
The mod_auth_anon module can check email addresses, but
allowed addresses with either a dot or an @ - better
address checking is to check for both a dot and @.
Apache is currently in a 'beta release' cycle. This is where
it is made available prior to full release for testing by
anyone interested. Normally during the beta cycle no new
major features will be added. The full release of Apache 1.2
is expected in April.
The generation of the Makefile in the modules directory has
been improved so that it is easier for third-party modules to
be located in separate directories under the modules
From the next release, additional modules can be placed in a
subdirectory under the src/modules directory.
When the relevant Module line is added to the
Configuration file, Apache will make all the
required modules. The module author should supply a Makefile
with their module which by default builds the module (either
as an object file or a library).
The use of virtual hosts in Apache is closely connected with
the DNS. If the Apache cannot resolve the name of the virtual
host into a number during startup (or after a HUP signal),
Apache will die. While this provides a safe default - if
Apache starts, you know it managed to configure all the
virtual hosts - it has caused problems on some sites where
DNS resolving sometimes fails. The best solution in this case
is to fix the DNS resolver so that it works all the time.
Alternatively, Apache can be configured in such a way that it
does not need to do the name to number translation, by always
giving the IP address inside of the virtual host name. A
document explaining how Apache can be setup like this is
available on the Apache site, in DNS
This document also covers the security problem where one user
of an Apache virtual host on a site could configure their DNS
in such a way that they intercept traffic destined for other
virtual hosts on the same server. Alternatively, a malicious
customer can setup their DNS so that Apache fails to start at
all, which would deny access to all other customers' web
sites on the same physical server.
This second security problem is caused because Apache fails
to start at all if it cannot configure a virtual host. The
next beta release will continue to start the server, but
disable any virtual hosts that could not be configured during
startup. Messages about the failed virtual hosts will be
displayed on the screen to provide a warning.
The way that Apache interacts with its virtual hosts is
explained in detail in a new Apache site document, vhosts in
depth. This document also explains the order in which
virtual hosts are chosen, and the new special virtual host
name of _default_ (which used to be called
255.255.255.255 in previous 1.2 betas).
Apache has been ported to the Amiga.
Apache 1.0.5 is already available, with a late beta of
1.2 in progress. A set of pages about Apache on the Amiga
are currently under construction. Note that this work is not
being done by the core Apache developers.
Several new draft standard are now available. These are all
proposals to extend the HTTP functionality with new features
or clarify the existing HTTP/1.1 specification, RFC2068.
Use and interpretation of HTTP version numbers and
Problem with HTTP/1.1 Warning header, and proposed fix
clarify RFC2068. The former explains what HTTP version number
servers should respond with, and the latter solves some
problems with the definition of the Warning
header in HTTP/1.1.
User Agent Hint Response Header draft defines a new HTTP
header, Ua-Hint, which can be used to mark
resources as safe to re-POST and control client history
lists, amongst other things.
HTTP State Management Mechanism defines how to store
state at the client end, commonly referred to as 'cookies'.
It is intended to replace the existing definition in RFC2109.
Note that all these documents are "Internet Drafts" which
mean that they are still under revision and may not
necessarily become standards. Many other standards related to
Apache and web servers in general are available on the Apache