Date: Mon, 12 Apr 2004 15:39:44 -0400 From: Chuck Swiger <cswiger@mac.com> To: questions@freebsd.org Subject: Re: apache13-modssl Message-ID: <407AF080.5070109@mac.com> In-Reply-To: <20040412102829.GB7692@happy-idiot-talk.infracaninophile.co.uk> References: <20040412095020.M76613@maa-net.net> <20040412102829.GB7692@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Seaman wrote: [ ... ] > Your friend is being unnecessarily alarmist. apache2 is not > significantly different to apache13 in security terms. There have been 16 CVE entries list for Apache 2, and 8 for Apache 1.x: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+2 http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apache+1 ...so, if anything, one could argue that Apache 1 is a better bet in terms of security (not surprising, 1.x is more widely used and better tested). > However, it is > (I think) still a bit bigger and slower than apache13, plus support > for all of the vast panoply of add-on modules etc. is yet to appear. > > However, apache2 works very well, and has some extra functionality > (like improved IPv6 support and better threading) which may make it > the preferrred choice at some sites. I don't have rigorous benchmarks to prove this opinion :-), but observation suggests that platforms which have very good thread support (ie, Solaris and MacOS X) tend to run Apache 2 better than platforms which have OK thread support (Windows, FreeBSD, Linux). The same observation tends to apply to Java as well, and if one is generating dynamic web content using a JVM, the condition of thread support on the local platform matters even more. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?407AF080.5070109>