Apache Week
   
   Issue 149, 12th February 1999:  

Copyright 1996-2005
Red Hat, Inc.

In this issue


Apache Status

Apache Site: www.apache.org
Release: 1.3.4 (Released 11th January 1999) (local download sites)
Beta: None

Apache 1.3.4 is the current stable release. Users of Apache 1.3.3 and earlier should look at upgrading to this version. Read Guide to 1.3.4 for information about changes between 1.3.3 and 1.3.4 and between 1.2 and 1.3.4.

These bugs have been found in 1.3.4 and will be fixed in the next release.

Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

  • apachectl gives an error if the PID file does not exist.

Patches for bugs in Apache 1.3.4 will be made available in the apply_to_1.3.4 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

Limiting unknown methods

There are various ways of limiting access to resources on a server: for example, access can be restricted to users who enter a valid username and password, or to clients from particular IP addresses or hostnames. Normally these restrictions apply to all request methods: GET, POST, etc. However sometimes it is necessary to apply the restriction to particular methods only, which is done by putting the restriction into a <Limit>...</Limit> section. For example, the following directives limit the GET method only:

  <Limit GET>
  order deny,allow
  deny from all
  allow from 192.168
  </Limit>

The contents of this <Limit> section do not apply if the method is other than GET. Any other method (such as POST) will bypass this restriction. Note that some people incorrecly use <Limit> like this when they really want to restrict all accesses to a resource. To restrict all accesses to a resource, <Limit> should not be used.

While the current syntax allows a restriction to be applied to specific named methods, it cannot be used to apply a restriction to all methods except specific ones. From the next release of Apache this will be possible, using the new <LimitExcept> section. For example, to apply a restriction to every method except POST requests, use:

  <LimitExcept POST>
  ...
  </LimitExcept>

Better status codes from the proxy

When the proxy cannot serve a request, it currently returns a "500 internal server error" status to the client. From the next release, it will return other status codes if appropriate. For example if it cannot serve a request because the remote URL is blocked by ProxyBlock it will return a "403 Forbidden" status instead.

Lynx work-around

Current versions of Lynx send out a header saying that it does "transparent content negotiation" (TCN), but Lynx does not implement TCN. The next version of Apache will have a work-around to disable TCN if the user-agent is "Lynx".


Apache Conference survey

Planning for ApacheCon 1999 is at an early stage, and the organisers are asking for comments about where the conference should be held, what major topics should be covered, and so on. The form is availablem at http://www.apache.org/ApacheCon/.


Apache's use up again

Apache increased market share again in February 1999, and again by a larger amount than Microsoft. The Netcraft Server Survey shows that Apache is now used on 54.65% of servers, up 0.43, while Microsoft servers are used on 23.58%, up 0.09. In real numbers, Apache is used on 2,350,748 servers and Microsoft on 1,014,419.


Comments or criticisms? Please email us at editors@apacheweek.com