logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> News & Hangout View previous topic :: View next topic
Reply to topic   Topic: Are there really lots of vulnerable Apache web servers?
Author
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Wed 12 Feb '14 16:47    Post subject: Are there really lots of vulnerable Apache web servers? Reply with quote

Apache has been the most common web server on the internet since April 1996, and is currently used by 38% of all websites. Most nefarious activity takes place on compromised servers, but just how many of these Apache servers are actually vulnerable?

The latest major release of the 2.4 stable branch is Apache 2.4.7, which was released in November 2013. However, very few websites claim to be using the stable branch of 2.4 releases, despite Apache encouraging users to upgrade from 2.2 and earlier versions.

Less than 1% of all Apache-powered websites feature an Apache/2.4.x server header, although amongst the top million websites, more than twice as many sites claim to be using Apache 2.4.x. Some of the busiest websites using the latest version of Apache (2.4.7) are associated with the Apache Software Foundation and run on the FreeBSD operating system, including httpd.apache.org, www.openoffice.org, wiki.apache.org, tomcat.apache.org and mail-archives.apache.org.

Read more... http://news.netcraft.com/archives/2014/02/07/are-there-really-lots-of-vulnerable-apache-web-servers.html

Doubt about the correctness of the figureres from Netcraft. Because the server header is widely set to production and does not expose the version. So Apache Lounge shows just Apache.
Back to top
jimski



Joined: 18 Jan 2014
Posts: 196
Location: USSA

PostPosted: Thu 13 Feb '14 1:26    Post subject: Reply with quote

The most stable Linux distributions such as RHEL, CentOS and Debian all come with Apache 2.2 as of now. Also most sysadmins like stable better than new. This will change when new Linux releases start including Apache 2.4 by default, then the market share of Apache2.4 will increase.

Also, on windows, web administrators who don't want to or can't compile their own modules still have a hard time to find some extensions for php x64 and modules for Apache 2.4 x64.
Back to top


Reply to topic   Topic: Are there really lots of vulnerable Apache web servers? View previous topic :: View next topic
Post new topic   Forum Index -> News & Hangout