Stable Apache 2.4 Release

    Today, a stable version of the Apache http server was released under 2.4.1. The first stable version of branch 2.2 was released back in 2005. Despite the fact that the new release has a large number of innovations, it is backward compatible with API version 2.2.x.

    For a detailed list of innovations, I ask under Cat.


    Main innovations:

    • Several MPMs can be assembled as dynamically loadable modules that can be activated without rebuilding;
    • Event MPM is no longer experimental. Event MPM is based on the Worker module code and implements a hybrid connection processing model combining multithreading with a pool of processes awaiting connection;
    • Implemented support for asynchronous read and write operations;
    • The LogLevel directive can be configured for each module and each directory separately. On top of the debug logging level, new levels from trace1 to trace8 can be added;
    • Now you can define through the If statement for configuration blocks;
    • It is possible to specify the value of the KeepAliveTimeout parameter in milliseconds;
    • The NameVirtualHost directive is deprecated;
    • The AllowOverrideList directive provides finer customization of .htaccess files;
    • Ability to use variables in configuration files;
    • Memory consumption compared to branch 2.2 is reduced.


    New modules:

    • mod_proxy_fcgi - FastCGI protocol backend for mod_proxy;
    • mod_proxy_scgi - SCGI protocol backend for mod_proxy;
    • mod_proxy_express - dynamically configured proxies for mod_proxy;
    • mod_remoteip - replaces the IP address and host name of the client with a request from the IP address of the list of proxies or load balancers using request headers;
    • mod_heartmonitor, mod_lbmethod_heartbeat - allows mod_proxy_balancer to distribute the load based on the data on the number of active connections on the backend servers;
    • mod_sed - an improved replacement for mod_substitute, which allows you to edit the response body with sed;
    • mod_allowmethods - module for restricting some HTTP methods without interference for authentication and authorization;
    • mod_lua - embeds the Lua interpreter in HTTPD for configuration and business logic;
    • mod_log_debug - allows you to add custom debugging logging at various phases of request processing;
    • mod_buffer - provides buffering of stacks of input-output filters;
    • mod_ratelimit - provides bandwidth limit for clients;
    • mod_reflector - provides reflection of the request body through the output filter stack.


    Changes in modules:

    • mod_ssl - support for checking the status of a client certificate on OCSP servers has been added, and the ability to share SSL session data on several http servers through memcached has been added;
    • mod_proxy - significantly increased the performance of the ProxyPass directive in the Location and LocationMatch blocks;
    • mod_proxy_balancer - the number of BalancerMembers parameters that can be changed through balancer-manager has been expanded; the ability to add new BalancerMembers parameters through balancer-manager has been added;
    • mod_cache - can now cache HEAD requests, module directives can be installed on separate directories, and not just for the entire server (where possible), the module can provide old data from the cache if the server is unavailable (5xx error);
    • mod_include - support for the OnError attribute in the include directive, which allows you to provide an error document instead of the default error line;
    • ] mod_cgi, mod_include, mod_isapi, ... - a more stringent check of translations of headers into environment variables, which reduces the likelihood of XSS attacks by substituting scripts into headers, now such headers will be discarded;
    • mod_authz_core - using the Require directive, you can use the extended authorization logic;
    • mod_ldap, mod_authnz_ldap - added support for nested groups, improvements in timeout processing, the ability to use LDAP tools for debugging.


    Extensions:

    • fcgistarter - a new tool for starting the FastCGI daemon;
    • htcacheclean - with its help cached URLs with optional metadata can be specified, the cache size can be limited in descriptors;
    • rotatelogs - can create a link to the current log file.


    Tools for module developers:

    • Added check_config to verify configuration at an early stage of loading. It allows you to independently analyze the parameters of certain directives and, if necessary, adjust them;
    • A general expression parser has been added, the API of which is based on ap_expr.h. The parser code is based on a previously implemented parser for mod_ssl;
    • Added interface for caching small objects based on the session data cache previously created for mod_ssl. As storage, you can use a circular buffer in shared memory, a dbm database on disk and memcached;
    • To monitor the status of mod_cache, cache_status has been added, which is called after deciding on caching. By default, it adds X-Cache headers to the X-Cache-Detail when responding.


    You can download the product on the official website.
    List of all changes in the original

    Also popular now: