back to article Apache rules web server landscape

Apache is still top of the web server charts with just under half of the top 100 US websites running on the open source software. Researchers looked at the top 100 US websites, according to Alexa.com. By looking at the HTTP response headers they were able to identify the operating system for all but 11 of the websites. …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Up

    Seems like...

    ...20 companies have yet to see the light. The less I have to do with IIS, the happier I am.

  2. Ralph B
    Stop

    105,000 AOLservers in Poland, FFS?!?!?

    Can there be any possible legitimate reason for this? Please investigate and report back, ASAP.

  3. Rich Silver badge

    More?

    So, if half (49%) were positively identified as Apache, then I would guess that at least half of the unidentified 11 are also Apache.

    Which means Apache probably account for about 55% of the total.

    And why anyone would want to use IIS is beyond me.

  4. Geoff Mackenzie
    Joke

    IIS is being downplayed here ....

    I bet those 11 unidentified were IIS - just down at the time.

  5. Jared Earle

    US sites?

    What do we care about the US sites when they have UK and even Global lists? Is El Reg no longer a UK site?

  6. TeeCee Gold badge
    Coat

    "......... Sun's ONE Web Server had two each"

    Who was the other one? Presumably one of them is Sun.......

    <Leaves in a hail of Sun-branded merchandising tat.>

  7. Dave

    Not that accurate a survey

    As the article points out, some people change the headers for security, in fact, netcraft up www.ebuyer.com and you'll see that one of their servers is reported as:

    "Apache 2.0.59 ZX Spectrum 48k Rubber Keys"

    "Apache 2.0.59 MSX Toshiba HX-10"

    "Apache 2.0.59 CBM PET"

    There used to be others (like a Cray II), but they must have been replaced as they are all now reporting as

    "A Webserver running on A Machine"

  8. Anonymous Coward
    Boffin

    nothing wrong with IIS

    It's powerful, fast, and WorksForMe™

    Those who are bashing it probably never actually had to run hundreds of dynamic driven sites per server.

    In fact, those who are bashing it probably aren't IT professionals, and so understand that software is just to be used for the task in hand and not some kind of holy object that must be worshipped.

  9. John Sanders
    Linux

    Real servers use real headers... or so he thought.

    Perhaps the Apache guys should start a new marketing campaign that says:

    Be a man and show evil MS your headers.

  10. Matthew Glubb
    Stop

    Security...

    ...through obscurity.

    I've heard that before somewhere...

  11. Giles Jones Gold badge

    Re: nothing wrong with IIS

    If Apache was so bad then Micrsoft wouldn't be cloning it.

    Have a look at the new Apache and open source style features featured in the Server 2008 platform:

    http://port25.technet.com/archive/2008/02/27/opening-windows-server-2008.aspx

  12. John Latham
    Go

    @Matthew Glubb

    There's nothing wrong with "security through obscurity". The problem is with "security only through obscurity".

    I'm not a security expert, but surely defence in depth should include measures to hide your vulnerabilities, if it costs next to nothing.

    John

  13. Anonymous Coward
    Anonymous Coward

    The right tool for the right job

    I run both Apache and IIS, IIS for most things and apache for a web application written in python. Both web servers have their advantages and disadvantages, although I would say the half-xml, half-ini file approach of Apache's configuration files is dreadful and seems to me to indicate that two developers didn't agree.

  14. calagan

    IIS is heading in the right direction

    IIS7 is getting more and more similar to Apache: I like to be able to administer my server editing text file rather than clicking in a GUI (one could do it in IIS6, by editing the metabase, but that was risky), which is a pain to document. FastCGI support is also a huge bonus if you want PHP to perform decently.

  15. Anonymous Coward
    Go

    re: nothing wrong with IIS

    Did I say there was anything wrong with Apache? Use the right tool for the right job. If you want .net hosting, Apache is not your friend.

    If you want PHP hosting, Apache is your friend, however rapidly IIS is becoming just as friendly, and if you need asp.net *and* PHP, who you gonna call?

    I like the new development model for IIS7 - modularised features, released out of step with the main OS. The model is not exclusive to linux, and it's been picked up because it fits the requirements of the internet, which is rapid change.

  16. Anonymous Coward
    Heart

    re: IIS is heading in the right direction

    You could always configure IIS5 and 6 with command line tools if you wanted... or quickly write a tool that did the job you wanted. I've bashed out hundreds of quick scripts.

    However, it's harder to get IIS into a state where it just won't start or serve webpages than with the flat arcane configuration of apache2.

  17. Anonymous Coward
    Anonymous Coward

    Re: nothing wrong with IIS

    "In fact, those who are bashing it probably aren't IT professionals, and so understand that software is just to be used for the task in hand and not some kind of holy object that must be worshipped."

    Apart from the fact that IIS has traditionally been derided as a festering turd by anybody with half a brain, does being an "IT professional" (whatever that means) exclude you from allowing ethics to guide your decision-making?

    I chose not to shop at Tescos, drive an American 4x4 or eat at McDonalds. I also don't use software produced by Microsoft.

  18. Anonymous Coward
    Boffin

    @Ralph B: AOLservers in Poland

    It's probably www.onet.pl and their domain-parking service. It's unlikely to mean any growth, just the low base effect at work.

  19. Doug
    Alien

    justify the Microsoft product?

    "If you want PHP hosting, Apache is your friend, however rapidly IIS is becoming just as friendly, and if you need asp.net *and* PHP, who you gonna call?"

    Because using yesterdays technology in hopes the Lord Master(MS) will someday make it better is just what you want to bet your business on.

    FYI, Microsoft will most always be catching up since their policy is first to react to threats and secondly to re-react to threats. So what developers get from MS is typically attempts to catch up to what the current market leaders are doing. Is there risk going with Microsoft's late-to-the-table solutions? YES because it is often constantly changing and the goal typically is designed around developer and platform lockin.

    And why would someone attempt to justify the Microsoft product or platform? Are they being forced to use only Microsoft solutions so they must try to justify their caged existence? Very interesting indeed.

  20. Anonymous Coward
    Gates Horns

    Re: nothing wrong with IIS

    .net Who in their right mind would expose that to the Internet?

  21. David Cherry
    Joke

    IIS

    Is It Serving

    It Isn't Secure

    It Isn't Safe

    Internet Infected Server

  22. Anonymous Coward
    Anonymous Coward

    If GoDaddy didn't sell out...

    If GoDaddy and owner Bob Parsons didn't sell out rights to their domain parking system to Microsoft for millions of dollars and licensing breaks for hosting, Apache would still have the numbers (at least per netcraft). Unfortunately, management greed there succumbed to Microsoft's underhanded (but smart) tactics of waving money under their nose to migrate a web parking system that hosted millions of random domains on apache system to a (much larger and inefficient) IIS cluster. Overnight the landscape of webserver usage swung from Apache to IIS, hence giving the beast huge marketing rights to being the #1 webserver used across the Internet. Way to go Bob.

  23. Aristotles slow and dimwitted horse
    Happy

    Yaddah yaddah...

    Hi mum - look at me, I'm on the interweb!!!!

    As I know fuck all about Apache or IIS so I'm not going to comment.

  24. Martin Usher

    Its easier to make a bad IIS site

    You can tell an ASP site at a glance. It looks clunky and runs slowly.

    MSFT reminds me of a type of programmer that you probably all have met. This person is clever, too clever, and in fact is so clever that they want to do the whole project themselves because they're the only ones who know how to make things work. We all know what we usually end up -- a pile of idiosyncratic, invariably undocumented and always not quite working crap. I've taken to describing MSFT's technology as "oddball" and "non-standard" (they definitely seem to go out of their way to make it "incompatible"!).

  25. Tim Bates
    Boffin

    @AC with safety goggles warning sign like the one to my left

    Software may be a tool to complete the task at hand, but when one has to move a tonne of gravel 15km, do you choose a wheelbarrow, or a truck?

    IIS is like the wheelbarrow. It's easily operated by one person with extremely little training. Doesn't crash if it's configured incorrectly, and the controls are all obvious.

    A bit slow going though, and plenty of opportunity for someone to steal the wheelbarrow when you're resting from all the work.

    Apache is like the truck. More powerful, but if someone without some guidance tries to use it for the task, they could end up hurting things. But it's also more secure, because the doors lock.

  26. Anonymous Coward
    Anonymous Coward

    I'd like to be able

    ...To say the same about ethics.

    But I'm using an XP machine here.

    In mitigation, M'lord, please take into account that my browser is Firefox.

  27. Anonymous Coward
    Thumb Down

    Re: Re: nothing wrong with IIS

    I'm afraid that a major UK banking institution uses .net and IIS to run their online bank. From where I sit I can see the state of the web server farm and there is almost always at least one of them down...

  28. Robert Harrison
    Flame

    What would happen if

    An Apache box was configured to return IIS style headers and an IIS box was configured to return Apache style headers? Which one would get pwned first?

    Heck, do IIS admins reconfigure server headers to return Apache strings just to reduce hack attempts?

    You can always tell when you're dealing with an IIS box under load because it simply doesn't respond or returns something along the lines of 'too many users'.

This topic is closed for new posts.