Release stable version of Apache 2.4

Today, the release of the stable version of the Apache http server under the number 2.4.1. The first stable version of the 2.2 branch was released back in 2005. Despite the fact that in the new release a large number of innovations, it is backward compatible with API version 2.2.x.

For a detailed list of innovations please under the cat.


Main innovations:
')

• Multiple MPMs can be assembled as dynamically loaded modules that can be activated without reassembly;
• The Event MPM module is no longer experimental. Event MPM is based on the code of the Worker module and implements a hybrid model of connection processing that combines multi-threading with a pool of processes waiting for a connection;
• Implemented asynchronous read and write support;
• The LogLevel directive can be configured for each module and each directory separately. Over the debugging level of logging, new levels can be added from trace1 to trace8;
• Now it is possible to define via the If operator for configuration blocks;
• It is possible to specify the value of the KeepAliveTimeout parameter in milliseconds;
• The NameVirtualHost directive is deprecated;
• The AllowOverrideList directive provides more fine-tuning of .htaccess files;
• Ability to use variables in configuration files;
• Memory consumption is reduced compared to branch 2.2.

New modules:

• mod_proxy_fcgi - FastCGI protocol backend for mod_proxy;
• mod_proxy_scgi - SCGI protocol backend for mod_proxy;
• mod_proxy_express - dynamically configurable proxies for mod_proxy;
• mod_remoteip - replaces the client's IP address and host name for a request from the IP address of the list of proxies or load balancing using request headers;
• mod_heartmonitor, mod_lbmethod_heartbeat - allows mod_proxy_balancer to distribute the load based on the data on the number of active connections on the backend servers;
• mod_sed is an improved mod_substitute replacement that allows editing the response body with sed;
• mod_allowmethods - a module for restricting certain HTTP methods without interfering with authentication and authorization;
• mod_lua - implements the Lua language interpreter in HTTPD for configuration and business logic;
• mod_log_debug - allows you to add custom debug logging on various phases of request processing;
• mod_buffer - provides buffering of I / O filter stacks;
• mod_ratelimit - provides a bandwidth limit for clients;
• mod_reflector - provides a reflection of the request body through the output filter stack.

Changes in modules:

• mod_ssl - added support for checking the status of a client certificate on OCSP servers, and also added the ability to share SSL session data on several http-servers, through the use of memcached;
• mod_proxy - significantly increased the performance of the ProxyPass directive in the Location and LocationMatch blocks;
• mod_proxy_balancer - the number of BalancerMembers parameters has been expanded, which can be changed via balancer-manager, the ability to add new BalancerMembers parameters via balancer-manager has been added;
• mod_cache - can now cache HEAD requests, module directives can be installed on separate directories, and not only for the entire server (where this is possible), the module can provide old cached data if the server is unavailable (5xx error);
• mod_include - support of the OnError attribute in the include directive, which allows you to provide an error document instead of the default error string;
• ] mod_cgi, mod_include, mod_isapi, ... - more stringent check of header translations into environment variables, which reduces the likelihood of XSS attacks through the substitution of scripts in headers, now such headers will be discarded;
• mod_authz_core - using the directive Require, you can use the extended logic of authorization;
• mod_ldap, mod_authnz_ldap - added support for nested groups, improvements in timeout handling, the ability to use LDAP tools for debugging.

Extensions:

• fcgistarter is a new FastCGI daemon startup tool;
• htcacheclean - it can be used to specify cacheable URLs with optional metadata, cache size can be limited in descriptors;
• rotatelogs - can create a link to the current log file.

Tools for module developers:

• Added check_config to check the configuration at an early stage of loading. It allows you to independently analyze the parameters of certain directives and, if necessary, correct them;
• Added a general-purpose expression parser whose API is based on ap_expr.h. The parser code is based on the previously implemented parser for mod_ssl;
• An interface for caching small objects has been added, based on the session data cache previously created for mod_ssl. As a storage, you can use a cyclic buffer in shared memory, dbm-database on disk and memcached;
• To monitor the status of mod_cache added cache_status, which is called after the decision on caching. By default, it adds X-Cache headers to X-Cache-Detail when responding.

You can download the product on the official website.
List of all changes in the original