The design of Apache is robust, secure, and stable.



About Apache Server

“ httpd “ is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes or threads to handle requests.
Apache is the most widely used HTTP-server in the world today. It surpasses all free and commercial competitors on the market, and provides a myriad of features; more than the nearest opponent could give you on a UNIX variant. It is also the most used web server for a Linux system. A web server like Apache, in its simplest function, is software that displays and serves HTML pages hosted on a server to a client browser that understands the HTML code. Mixed with third party modules and programs, it can become powerful software, which will provide strong and useful services to a client browser. In its base install, Apache is no more difficult to install then the other software we have installed on our Linux server. The procedures can become tricky when we want to add some third party modules or programs.
There are a lot of possibilities, variants and options for installing Apache. So, in the following, we provide some step-by-step examples where you can see how to build Apache with other third party modules and programs like mod_ssl, mod_perl, PHP4, LDAP connectivity, etc. Of course, the building of these programs is optional, and you are free to compile only what you want (i.e.,you may want to compile Apache with support for PHP4, but without SSL or PostgreSQL database connectivity).
 . Over here , we explain and cover some of the basic ways in which you can adjust the configuration to improve the server's performance. Also, for the interested users, we’ll provide a procedure to be able to run Apache as a non root-user and in a chrooted environment for optimal

Apache 2.0
Version 2.0 of the Apache server was a substantial re-write of much of the code, with a strong focus on further modularisation and the development of a portability layer; the APR. The Apache 2.x core has several major enhancements over Apache 1.x. These include UNIX threading, better support for non-Unix platforms (such as Windows), a new Apache API, and IPv6 support. The first alpha release of Apache 2 was in March 2000 with the first general availability release in May 2002
Version 2.0 introduced a new auth API that allows for more flexibility. It also features improved cache modules and proxy modules.
The choice of modules is one of the most important steps of securing Apache. We should go by the rule: the less the better. To fulfill the functionality and security assumptions, the following modules must remain enabled:


Module's name

Description

httpd_core

The core Apache features, required in every Apache installation.

Mod_access

Provides access control based on client hostname, IP address, or other characteristics of the client request. Because this module is needed to use "order", "allow" and "deny" directives, it should remain enabled.

Mod_auth

Required in order to implement user authentication using text files (HTTP Basic Authentication), which was specified in functionality assumptions.

Mod_dir

Required to search and serve directory index files: "index.html", "default.htm", etc.

Mod_log_config

Required to implement logging of the requests made to the server.

Mod_mime

Required to set the character set, content- encoding, handler, content-language, and MIME types of documents.

All other Apache's modules must be disabled. We can safely turn them off, mainly because we do not need them. By disabling unneeded modules, we can avoid potential break-ins when new security vulnerabilities are found in one of them.

The Total Documetation is in this link...CLICK HERE