Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
Share on:

What’s new in Apache HTTP Server 2.4?

apache http
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

New features in Apache HTTP Server 2.4.x

Apache 2.4.1 was released in Feb 2012 with much great enhancement and new features. The latest version as I write is 2.4.10 released in July 2014. 

In this article, I will talk about some of the significant enhancement, new features included in Apache 2.4 version.


KeepAliveTimeout: It’s possible to specify KeepAliveTimeout in milliseconds with this version. To do so, just add KeepAliveTimeout directive in httpd.conf file.


KeepAliveTimeout 5
#Obviously you have to change this value from 5 to something you wish.

Memory Usage: Apache 2.4 claims to use less memory than 2.2.x

Event MPM: Event MPM (Multi-Processing Module) is now fully supported. In an earlier version, it was experimental.

mod_ssl: support OCSP stapling, can share SSL session data between servers through Memcached.

mod_proxy: Location and LocationMatch block in ProxyPass directive offer the significant performance advantage.

New Modules

mod_heartmonitor, mod_lbmethod_heartbeat: This allows mod_proxy_balancer to check the number of active connections on the backend server and perform load balancing.

mod_auth_form: This will enable you to use HTML login form to restrict access. This module has a dependency on mod_session, and these make use of HTTP cookies.

mod_allowmethods: Now you can restrict HTTP methods in your Apache instance with the simple configuration.

<Location /> 
AllowMethods GET HEAD

mod_ratelimit: if you are running a web server on low bandwidth or just want to limit the bandwidth, this module is for you. This can restrict client bandwidth to your configured location in httpd.conf file.

Ex: –

<Location /downloads> 
SetOutputFilter RATE_LIMIT 
SetEnv rate-limit 400

Note – rate-limit is in KiB/s

mod_data: This module converts response body into an RFC2397 data URL. Data URL is useful when you want to reduce the number of connections while loading page/application. This can also be included in PHP languages.

I believe above are significant changes in Apache 2.4. You may also refer the official Apache 2.4 page for complete details.

Thanks to our Sponsors
More great readings on Apache HTTP
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Semrush is an all-in-one digital marketing solution with more than 50 tools in SEO, social media, and content marketing.
    Try Semrush
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder