Apache HTTP Server Version 1.3

Upgrading to 1.3 from 1.2

In order to assist folks upgrading we are now going to maintain a document describing information critical to existing Apache users. Note that it only lists differences between recent major releases, so for example, folks using Apache 1.1 or earlier will have to figure out what changed up to Apache 1.2 before this document can be considered relevant. Old users could look at the src/CHANGES file which tracks code changes.

These are intended to be brief notes, and you should be able to find more information in either the New Features document, or in the src/CHANGES file.

Compile-Time Configuration Changes

• The source code has been reorganized, which affects anyone with custom modules or modifications. But also, the Module directive has been changed to the AddModule directive.
• The Configuration variable EXTRA_LFLAGS has been renamed EXTRA_LDFLAGS.
• The -DMAXIMUM_DNS definition has been obsoleted by changes to mod_access enforcing double-reverse DNS lookups when necessary.
• mod_dir has been split into two pieces mod_autoindex, and mod_dir.
• mod_browser has been replaced by mod_setenvif.
• IRIX systems with untrusted users who can write CGIs which execute as the same uid as httpd should consider using suexec, or adding -DUSE_FCNTL_SERIALIZED_ACCEPT to EXTRA_CFLAGS. This is slower, more information is available on the performance tuning page. There is a mild denial of service attack possible with the default config, but the default config is an order of magnitude faster.
• mod_auth_msql has been removed from the distribution.

Run-Time Configuration Changes

• The default Apache ServerRoot directory changed from the NCSA-compatible /usr/local/etc/httpd/ to /usr/local/apache/. This change covers only the default setting (and the documentation); it is of course possible to override it using the -d ServerRoot and -f httpd.conf switches when starting apache.
• Folks using HTTP/1.1-style virtual hosting will need to list the ip:port pairs that are supposed to have HTTP/1.1-style virtual hosting via the NameVirtualHost directive. Previously this support was given implicitly on the "main server address". Now it has to be explicitly listed so as to avoid many problems that users had. Please see the Apache Virtual Host documentation for further details on configuration.
• The precedence of virtual hosts has been reversed (applies mainly to vhosts using HTTP/1.1 Host: headers, and the ServerPath directive). Now the earlier vhosts in the file have precedence over the later vhosts.
• HostnameLookups defaults to Off.
• The undocumented mod_access syntax "allow user-agents" was removed. The replacement is the more general "allow from env".
• When using wildcards in pathnames (such as * and ?) they no longer match / (slash). That is, they more closely behave how a UNIX shell behaves. This affects <Directory> directives, for example.
• If no TransferLog directive is given then nothing will be logged. (Previously it would default to logs/access_log.)
• Apache now has configurable error logging levels, and the default eliminates some messages that earlier versions always generated.
• When booting, Apache will now detach itself from stdin, stdout, and stderr. stderr will not be detached until after the config files have been read so you will be able to see initial error messages. After that all errors are logged in the error_log. This makes it more convenient to start Apache via rsh, ssh, or crontabs.

Misc Changes

• ServerType inetd has been deprecated. It still exists, but bugs are unlikely to be fixed.
• httpd_monitor has been deprecated. The replacement is to use mod_status and make a request to a URL such as http://myhost/server-status?refresh=10.
• Apache now provides an effectively unbuffered connection for CGI scripts. This means that data will be sent to the client as soon as the CGI pauses or stops output; previously, Apache would buffer the output up to a fixed buffer size before sending, which could result in the user viewing an empty page until the CGI finished or output a complete buffer. It is no longer necessary to use an "nph-" CGI to get unbuffered output. Given that most CGIs are written in a language that by default does buffering (e.g. perl) this shouldn't have a detrimental effect on performance.

  "nph-" CGIs, which formerly provided a direct socket to the client without any server post-processing, were not fully compatible with HTTP/1.1 or SSL support. As such they would have had to implement the transport details, such as encryption or chunking, in order to work properly in certain situations. Now, the only difference between nph and non-nph scripts is "non-parsed headers".

• dbmmanage has been overhauled.

Apache HTTP Server Version 1.3