apache13-modssl
Chuck Swiger
cswiger at mac.com
Mon Apr 12 12:40:22 PDT 2004
Matthew Seaman wrote:
[ ... ]
> Your friend is being unnecessarily alarmist. apache2 is not
> significantly different to apache13 in security terms.
There have been 16 CVE entries list for Apache 2, and 8 for Apache 1.x:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+2
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+1
...so, if anything, one could argue that Apache 1 is a better bet in terms of
security (not surprising, 1.x is more widely used and better tested).
> However, it is
> (I think) still a bit bigger and slower than apache13, plus support
> for all of the vast panoply of add-on modules etc. is yet to appear.
>
> However, apache2 works very well, and has some extra functionality
> (like improved IPv6 support and better threading) which may make it
> the preferrred choice at some sites.
I don't have rigorous benchmarks to prove this opinion :-), but observation
suggests that platforms which have very good thread support (ie, Solaris and
MacOS X) tend to run Apache 2 better than platforms which have OK thread
support (Windows, FreeBSD, Linux).
The same observation tends to apply to Java as well, and if one is generating
dynamic web content using a JVM, the condition of thread support on the local
platform matters even more.
--
-Chuck
More information about the freebsd-questions
mailing list