Overview of new features in Apache HTTP Server 2.2
This document describes some of the major changes between the 2.0 and 2.2 versions of the Apache HTTP Server. For new features since version 1.3, see the 2.0 new features document.
- The bundled authentication and authorization modules have been refactored. The new mod_authn_alias(already removed from 2.3/2.4) module can greatly simplify certain authentication configurations. See module name changes, and the developer changes for more information about how these changes affects users and module writers.
mod_cache_disk, and mod_mem_cache(already removed from 2.3/2.4) have undergone a lot of changes, and are now considered production-quality.
htcachecleanhas been introduced to clean up
- The default configuration layout has been simplified and modularised. Configuration snippets which can be used to enable commonly-used features are now bundled with Apache, and can be easily added to the main server config.
- Graceful stop
eventMPMs now allow
httpdto be shutdown gracefully via the
GracefulShutdownTimeoutdirective has been added to specify an optional timeout, after which
httpdwill terminate regardless of the status of any requests being served.
mod_proxy_balancermodule provides load balancing services for
mod_proxy. The new
mod_proxy_ajpmodule adds support for the
Apache JServ Protocol version 1.3used by Apache Tomcat .
- Regular Expression Library Updated
Version 5.0 of the
Perl Compatible Regular Expression Library (PCRE) is now included.
httpdcan be configured to use a system installation of PCRE by passing the
--with-pcreflag to configure.
- Smart Filtering
mod_filterintroduces dynamic configuration to the output filter chain. It enables filters to be conditionally inserted, based on any Request or Response header or environment variable, and dispenses with the more problematic dependencies and ordering problems in the 2.0 architecture.
- Large File Support
httpdis now built with support for files larger than 2GB on modern 32-bit Unix systems. Support for handling >2GB request bodies has also been added.
- Event MPM
eventMPM uses a separate thread to handle Keep Alive requests and accepting connections. Keep Alive requests have traditionally required httpd to dedicate a worker to handle it. This dedicated worker could not be used again until the Keep Alive timeout was reached.
- SQL Database Support
mod_dbd, together with the
apr_dbdframework, brings direct SQL support to modules that need it. Supports connection pooling in threaded MPMs.
Modules in the aaa directory have been renamed and offer better support for digest authentication. For example,
mod_authis now split into
mod_auth_dbmis now called
mod_accesshas been renamed
mod_authz_host. There is also a new mod_authn_alias(already removed from 2.3/2.4) module for simplifying certain authentication configurations.
This module is a port of the 2.0
mod_auth_ldapmodule to the 2.2
Authn/Authzframework. New features include using LDAP attribute values and complicated search filters in the
- A new module that authorizes access to files based on the owner of the file on the file system
- A new module that allows configuration blocks to be enabled based on the version number of the running server.
Added a new
?configargument which will show the configuration directives as parsed by Apache, including their file name and line number. The module also shows the order of all request hooks and additional build information, similar to
- Added a support for RFC 2817 , which allows connections to upgrade from clear text to TLS encryption.
mod_imaphas been renamed to
mod_imagemapto avoid user confusion.
A new command line option
-Mhas been added that lists all modules that are loaded based on the current configuration. Unlike the
-loption, this list includes DSOs loaded via
A new program used to generate dbm files from text input, for use in
- APR 1.0 API
Apache 2.2 uses the APR 1.0 API. All deprecated functions and symbols have been removed from
APR-Util. For details, see the APR Website .
The bundled authentication and authorization modules have been renamed along the following lines:
mod_auth_*-> Modules that implement an HTTP authentication mechanism
mod_authn_*-> Modules that provide a backend authentication provider
mod_authz_*-> Modules that implement authorization (or access)
mod_authnz_*-> Module that implements both authentication & authorization
- Connection Error Logging
A new function,
ap_log_cerrorhas been added to log errors that occur with the client's connection. When logged, the message includes the client IP address.
- Test Configuration Hook Added
A new hook,
test_confighas been added to aid modules that want to execute special code only when the user passes
- Set Threaded MPM's Stacksize
A new directive,
ThreadStackSizehas been added to set the stack size on all threaded MPMs. This is required for some third-party modules on platforms with small default thread stack size.
- Protocol handling for output filters
In the past, every filter has been responsible for ensuring that it generates the correct response headers where it affects them. Filters can now delegate common protocol management to
mod_filter, using the
- Monitor hook added
- Monitor hook enables modules to run regular/scheduled jobs in the parent (root) process.
- Regular expression API changes
pcreposix.hheader is no longer available; it is replaced by the new
ap_regex.hheader. The POSIX.2
regex.himplementation exposed by the old header is now available under the
ap_regex.h. Calls to
regexecand so on can be replaced by calls to
- DBD Framework (SQL Database API)
With Apache 1.x and 2.0, modules requiring an SQL backend had to take responsibility for managing it themselves. Apart from reinventing the wheel, this can be very inefficient, for example when several modules each maintain their own connections.
Apache 2.1 and later provides the
ap_dbdAPI for managing database connections (including optimised strategies for threaded and unthreaded MPMs), while APR 1.2 and later provides the
apr_dbdAPI for interacting with the database.
New modules SHOULD now use these APIs for all SQL database operations. Existing applications SHOULD be upgraded to use it where feasible, either transparently or as a recommended option to their users.