What’s new in Apache HTTP Server 2.4?

Netsparker Web Application Security Scanner - the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

By Chandan Kumar on September 20, 2020

Posted in

Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.

New features in Apache HTTP Server 2.4.x

Apache 2.4.1 was released in Feb 2012 with much great enhancement and new features. The latest version as I write is 2.4.10 released in July 2014.

In this article, I will talk about some of the significant enhancement, new features included in Apache 2.4 version.

Enhancement

KeepAliveTimeout: It’s possible to specify KeepAliveTimeout in milliseconds with this version. To do so, just add KeepAliveTimeout directive in httpd.conf file.

Ex:

KeepAliveTimeout 5
#Obviously you have to change this value from 5 to something you wish.

Memory Usage: Apache 2.4 claims to use less memory than 2.2.x

Event MPM: Event MPM (Multi-Processing Module) is now fully supported. In an earlier version, it was experimental.

mod_ssl: support OCSP stapling, can share SSL session data between servers through Memcached.

mod_proxy: Location and LocationMatch block in ProxyPass directive offer the significant performance advantage.

New Modules

mod_heartmonitor, mod_lbmethod_heartbeat: This allows mod_proxy_balancer to check the number of active connections on the backend server and perform load balancing.

mod_auth_form: This will enable you to use HTML login form to restrict access. This module has a dependency on mod_session, and these make use of HTTP cookies.

mod_allowmethods: Now you can restrict HTTP methods in your Apache instance with the simple configuration.

<Location /> 
AllowMethods GET HEAD
</Location>

mod_ratelimit: if you are running a web server on low bandwidth or just want to limit the bandwidth, this module is for you. This can restrict client bandwidth to your configured location in httpd.conf file.

Ex: –

<Location /downloads> 
SetOutputFilter RATE_LIMIT 
SetEnv rate-limit 400
</Location>

Note – rate-limit is in KiB/s

mod_data: This module converts response body into an RFC2397 data URL. Data URL is useful when you want to reduce the number of connections while loading page/application. This can also be included in PHP languages.

I believe above are significant changes in Apache 2.4. You may also refer the official Apache 2.4 page for complete details.