1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
8 <title>Overview of new features in Apache HTTP Server 2.4 - Apache HTTP Server</title>
9 <link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
10 <link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
11 <link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="./style/css/prettify.css" />
12 <script src="./style/scripts/prettify.js" type="text/javascript">
15 <link href="./images/favicon.ico" rel="shortcut icon" /></head>
16 <body id="manual-page"><div id="page-header">
17 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p>
18 <p class="apache">Apache HTTP Server Version 2.5</p>
19 <img alt="" src="./images/feather.gif" /></div>
20 <div class="up"><a href="./"><img title="<-" alt="<-" src="./images/left.gif" /></a></div>
22 <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="./">Version 2.5</a></div><div id="page-content"><div id="preamble"><h1>Overview of new features in Apache HTTP Server 2.4</h1>
24 <p><span>Available Languages: </span><a href="./en/new_features_2_4.html" title="English"> en </a> |
25 <a href="./fr/new_features_2_4.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
26 <a href="./tr/new_features_2_4.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
29 <p>This document describes some of the major changes between the
30 2.2 and 2.4 versions of the Apache HTTP Server. For new features since
31 version 2.0, see the <a href="new_features_2_2.html">2.2 new features</a>
34 <div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#core">Core Enhancements</a></li>
35 <li><img alt="" src="./images/down.gif" /> <a href="#newmods">New Modules</a></li>
36 <li><img alt="" src="./images/down.gif" /> <a href="#module">Module Enhancements</a></li>
37 <li><img alt="" src="./images/down.gif" /> <a href="#programs">Program Enhancements</a></li>
38 <li><img alt="" src="./images/down.gif" /> <a href="#documentation">Documentation</a></li>
39 <li><img alt="" src="./images/down.gif" /> <a href="#developer">Module Developer Changes</a></li>
40 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
41 <div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
43 <h2><a name="core" id="core">Core Enhancements</a></h2>
46 <dt>Loadable MPMs</dt>
47 <dd>Multiple MPMs can now be built as loadable modules at compile time.
48 The MPM of choice can be configured at run time.</dd>
51 <dd>The Event MPM is no longer experimental but is now fully supported.</dd>
53 <dt>Asynchronous support</dt>
54 <dd>Better support for asynchronous read/write for supporting MPMs and
57 <dt>Per-module and per-directory LogLevel configuration</dt>
58 <dd>The <code class="directive"><a href="./mod/core.html#loglevel">LogLevel</a></code> can now be
59 configured per module and per directory. New levels <code>trace1</code>
60 to <code>trace8</code> have been added above the <code>debug</code> log
63 <dt>Per-request configuration sections</dt>
64 <dd><code class="directive"><a href="./mod/core.html#if"><If></a></code>,
65 <code class="directive"><a href="./mod/core.html#elseif"><ElseIf></a></code>,
66 and <code class="directive"><a href="./mod/core.html#else"><Else></a></code>
67 sections can be used to set the configuration based on per-request
70 <dt>General-purpose expression parser</dt>
71 <dd>A new expression parser allows to specify
72 <a href="expr.html">complex conditions</a> using a common syntax
74 <code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code>,
75 <code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code>,
76 <code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code>,
77 <code class="directive"><a href="./mod/core.html#if"><If></a></code>,
81 <dt>KeepAliveTimeout in milliseconds</dt>
82 <dd>It is now possible to specify <code class="directive"><a href="./mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code> in milliseconds.
85 <dt>NameVirtualHost directive</dt>
86 <dd>No longer needed and is now deprecated.</dd>
88 <dt>Override Configuration</dt>
89 <dd>The new <code class="directive"><a href="./mod/core.html#allowoverridelist">AllowOverrideList</a></code>
90 directive allows more fine grained control which directives are
91 allowed in <code>.htaccess</code> files. </dd>
93 <dt>Config file variables</dt>
94 <dd>It is now possible to <code class="directive"><a href="./mod/core.html#define">Define</a></code>
95 variables in the configuration, allowing a clearer representation
96 if the same value is used at many places in the configuration.
99 <dt>Reduced memory usage</dt>
100 <dd>Despite many new features, 2.4.x tends to use less memory than
104 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
105 <div class="section">
106 <h2><a name="newmods" id="newmods">New Modules</a></h2>
109 <dt><code class="module"><a href="./mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code></dt>
110 <dd>FastCGI Protocol backend for <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code></dd>
112 <dt><code class="module"><a href="./mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code></dt>
113 <dd>SCGI Protocol backend for <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code></dd>
115 <dt><code class="module"><a href="./mod/mod_proxy_express.html">mod_proxy_express</a></code></dt>
116 <dd>Provides dynamically configured mass reverse proxies for
117 <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code></dd>
119 <dt><code class="module"><a href="./mod/mod_remoteip.html">mod_remoteip</a></code></dt>
120 <dd>Replaces the apparent client remote IP address and hostname for the request
121 with the IP address list presented by a proxies or a load balancer via
122 the request headers.</dd>
124 <dt><code class="module"><a href="./mod/mod_heartmonitor.html">mod_heartmonitor</a></code>,
125 <code class="module"><a href="./mod/mod_lbmethod_heartbeat.html">mod_lbmethod_heartbeat</a></code></dt>
126 <dd>Allow <code class="module"><a href="./mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code> to base loadbalancing decisions
127 on the number of active connections on the backend servers.</dd>
129 <dt><code class="module"><a href="./mod/mod_proxy_html.html">mod_proxy_html</a></code></dt>
130 <dd>Formerly a third-party module, this supports fixing of HTML
131 links in a reverse proxy situation, where the backend generates
132 URLs that are not valid for the proxy's clients.</dd>
134 <dt><code class="module"><a href="./mod/mod_sed.html">mod_sed</a></code></dt>
135 <dd>An advanced replacement of <code class="module"><a href="./mod/mod_substitute.html">mod_substitute</a></code>, allows
136 to edit the response body with the full power of sed.</dd>
138 <dt><code class="module"><a href="./mod/mod_auth_form.html">mod_auth_form</a></code></dt>
139 <dd>Allows to do form-based authentication.</dd>
141 <dt><code class="module"><a href="./mod/mod_session.html">mod_session</a></code></dt>
142 <dd>Allows to keep session state for clients, using cookie or
143 database storage.</dd>
145 <dt><code class="module"><a href="./mod/mod_allowmethods.html">mod_allowmethods</a></code></dt>
146 <dd>New module to restrict certain HTTP methods without interfering with
147 authentication or authorization.</dd>
149 <dt><code class="module"><a href="./mod/mod_lua.html">mod_lua</a></code></dt>
150 <dd>Embeds the <a href="http://www.lua.org/">Lua</a> language into httpd,
151 for configuration and small business logic functions. (Experimental)</dd>
153 <dt><code class="module"><a href="./mod/mod_log_debug.html">mod_log_debug</a></code></dt>
154 <dd>Allows to add customizable debug logging at different phases of the
155 request processing.</dd>
157 <dt><code class="module"><a href="./mod/mod_buffer.html">mod_buffer</a></code></dt>
158 <dd>Provides for buffering the input and output filter stacks</dd>
160 <dt><code class="module"><a href="./mod/mod_data.html">mod_data</a></code></dt>
161 <dd>Convert response body into an RFC2397 data URL</dd>
163 <dt><code class="module"><a href="./mod/mod_ratelimit.html">mod_ratelimit</a></code></dt>
164 <dd>Provides Bandwidth Rate Limiting for Clients</dd>
166 <dt><code class="module"><a href="./mod/mod_request.html">mod_request</a></code></dt>
167 <dd>Provides Filters to handle and make available HTTP request bodies</dd>
169 <dt><code class="module"><a href="./mod/mod_reflector.html">mod_reflector</a></code></dt>
170 <dd>Provides Reflection of a request body as a response via the output filter stack.</dd>
172 <dt><code class="module"><a href="./mod/mod_slotmem_shm.html">mod_slotmem_shm</a></code></dt>
173 <dd>Provides a Slot-based shared memory provider (ala the scoreboard).</dd>
175 <dt><code class="module"><a href="./mod/mod_xml2enc.html">mod_xml2enc</a></code></dt>
176 <dd>Formerly a third-party module, this supports internationalisation
177 in libxml2-based (markup-aware) filter modules.</dd>
180 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
181 <div class="section">
182 <h2><a name="module" id="module">Module Enhancements</a></h2>
185 <dt><code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code></dt>
187 <dd><code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code> can now be configured to use an
188 OCSP server to check the validation status of a client
189 certificate. The default responder is configurable, along with
190 the decision on whether to prefer the responder designated in
191 the client certificate itself.</dd>
193 <dd><code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code> now also supports OCSP stapling, where the
194 server pro-actively obtains an OCSP verification of its certificate and
195 transmits that to the client during the handshake. </dd>
197 <dd><code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code> can now be configured to share SSL Session
198 data between servers through memcached</dd>
200 <dd>EC keys are now supported in addition to RSA and DSA.</dd>
202 <dt><code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code></dt>
204 <dd>The <code class="directive"><a href="./mod/mod_proxy.html#proxypass">ProxyPass</a></code> directive
205 is now most optimally configured within a
206 <code class="directive"><a href="./mod/core.html#location">Location</a></code> or
207 <code class="directive"><a href="./mod/core.html#locationmatch">LocationMatch</a></code>
208 block, and offers a significant performance advantage over the traditional
209 two-parameter syntax when present in large numbers.</dd>
210 <dd>The source address used for proxy requests is now configurable.</dd>
212 <dt><code class="module"><a href="./mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></dt>
214 <dd>More runtime configuration changes for BalancerMembers via balancer-manager</dd>
216 <dd>Additional BalancerMembers can be added at runtime via balancer-manager</dd>
218 <dd>Runtime configuration of a subset of Balancer parameters</dd>
220 <dd>BalancerMembers can be set to 'Drain' so that they only respond to existing sticky
221 sessions, allowing them to be taken gracefully offline.</dd>
223 <dd>Balancer settings can be persistent after restarts.</dd>
225 <dt><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code></dt>
227 <dd>The <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> CACHE filter can be optionally inserted
228 at a given point in the filter chain to provide fine control over caching.
231 <dd><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> can now cache HEAD requests.</dd>
233 <dd>Where possible, <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> directives can now be set
234 per directory, instead of per server.</dd>
236 <dd>The base URL of cached URLs can be customised, so that a cluster of
237 caches can share the same endpoint URL prefix.</dd>
239 <dd><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> is now capable of serving stale cached
240 data when a backend is unavailable (error 5xx).</dd>
242 <dd><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> can now insert HIT/MISS/REVALIDATE into
243 an X-Cache header.</dd>
245 <dt><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></dt>
246 <dd>Support for the 'onerror' attribute within an 'include' element,
247 allowing an error document to be served on error instead of the default
250 <dt><code class="module"><a href="./mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>,
251 <code class="module"><a href="./mod/mod_isapi.html">mod_isapi</a></code>, ...</dt>
252 <dd>Translation of headers to environment variables is more strict than
253 before to mitigate some possible cross-site-scripting attacks via header
254 injection. Headers containing invalid characters (including underscores)
255 are now silently dropped. <a href="env.html">Environment Variables
256 in Apache</a> has some pointers on how to work around broken legacy
257 clients which require such headers. (This affects all modules which
258 use these environment variables.)</dd>
260 <dt><code class="module"><a href="./mod/mod_authz_core.html">mod_authz_core</a></code> Authorization Logic Containers</dt>
262 <dd>Advanced authorization logic may now be specified using the
263 <code class="directive"><a href="./mod/mod_authz_core.html#require">Require</a></code> directive
264 and the related container directives, such as
265 <code class="directive"><a href="./mod/mod_authz_core.html#requireall"><RequireAll></a></code>.</dd>
267 <dt><code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code></dt>
268 <dd><code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code> adds the <code>[QSD]</code>
269 (Query String Discard) and <code>[END]</code> flags for
270 <code class="directive"><a href="./mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> to
271 simplify common rewriting scenarios.</dd>
272 <dd>Adds the possibility to use complex boolean expressions in <code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code>.</dd>
273 <dd>Allows to use SQL queries as <code class="directive"><a href="./mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> functions.</dd>
275 <dt><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code>, <code class="module"><a href="./mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></dt>
276 <dd><code class="module"><a href="./mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> adds support for nested groups.</dd>
277 <dd><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code> adds
278 <code class="directive"><a href="./mod/mod_ldap.html#ldapconnectionpoolttl">LDAPConnectionPoolTTL</a></code>,
279 <code class="directive"><a href="./mod/mod_ldap.html#ldaptimeout">LDAPTimeout</a></code>, and
280 other improvements in the handling of timeouts.
281 This is especially useful for setups where a
282 stateful firewall drops idle connections to the LDAP server.</dd>
283 <dd><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code> adds
284 <code class="directive"><a href="./mod/mod_ldap.html#ldaplibrarydebug">LDAPLibraryDebug</a></code> to log
285 debug information provided by the used LDAP toolkit.</dd>
287 <dt><code class="module"><a href="./mod/mod_info.html">mod_info</a></code></dt>
288 <dd><code class="module"><a href="./mod/mod_info.html">mod_info</a></code> can now dump the pre-parsed configuration
289 to stdout during server startup.</dd>
293 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
294 <div class="section">
295 <h2><a name="programs" id="programs">Program Enhancements</a></h2>
299 <dd>New FastCGI deamon starter utility</dd>
301 <dt>htcacheclean</dt>
302 <dd>Current cached URLs can now be listed, with optional metadata
304 <dd>Allow explicit deletion of individual cached URLs from the
306 <dd>File sizes can now be rounded up to the given block size, making
307 the size limits map more closely to the real size on disk.</dd>
308 <dd>Cache size can now be limited by the number of inodes, instead
309 of or in addition to being limited by the size of the files on
313 <dd>May now create a link to the current log file.</dd>
314 <dd>May now invoke a custom post-rotate script.</dd>
316 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
317 <div class="section">
318 <h2><a name="documentation" id="documentation">Documentation</a></h2>
322 <dd>The <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code> documentation has been
323 rearranged and almost completely rewritten, with a focus on
324 examples and common usage, as well as on showing you when other
325 solutions are more appropriate. The <a href="rewrite/">Rewrite
326 Guide</a> is now a top-level section with much more detail and
327 better organization.</dd>
330 <dd>The <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code> documentation has been greatly
331 enhanced, with more examples at the getting started level, in
332 addition to the previous focus on technical details.</dd>
334 <dt>Caching Guide</dt>
335 <dd>The <a href="caching.html">Caching Guide</a> has been rewritten
336 to properly distinguish between the RFC2616 HTTP/1.1 caching
337 features provided by <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code>, and the generic
338 key/value caching provided by the <a href="socache.html">socache</a>
339 interface, as well as to cover specialised caching provided by
340 mechanisms such as <code class="module"><a href="./mod/mod_file_cache.html">mod_file_cache</a></code>.</dd>
343 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
344 <div class="section">
345 <h2><a name="developer" id="developer">Module Developer Changes</a></h2>
348 <dt>Check Configuration Hook Added</dt>
350 <dd>A new hook, <code>check_config</code>, has been added which runs
351 between the <code>pre_config</code> and <code>open_logs</code>
352 hooks. It also runs before the <code>test_config</code> hook
353 when the <code>-t</code> option is passed to
354 <code class="program"><a href="./programs/httpd.html">httpd</a></code>. The <code>check_config</code> hook
355 allows modules to review interdependent configuration directive
356 values and adjust them while messages can still be logged to the
357 console. The user can thus be alerted to misconfiguration problems
358 before the core <code>open_logs</code> hook function redirects
359 console output to the error log.</dd>
361 <dt>Expression Parser Added</dt>
363 <dd>We now have a general-purpose expression parser, whose API is
364 exposed in <var>ap_expr.h</var>. This is adapted from the
365 expression parser previously implemented in
366 <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>.</dd>
368 <dt>Authorization Logic Containers</dt>
370 <dd>Authorization modules now register as a provider, via
371 ap_register_auth_provider(), to support advanced authorization logic,
372 such as <code class="directive"><a href="./mod/mod_authz_core.html#requireall"><RequireAll></a></code>.</dd>
374 <dt>Small-Object Caching Interface</dt>
376 <dd>The <var>ap_socache.h</var> header exposes a provider-based
377 interface for caching small data objects, based on the previous
378 implementation of the <code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code> session cache.
379 Providers using a shared-memory cyclic buffer, disk-based dbm
380 files, and a memcache distributed cache are currently
383 <dt>Cache Status Hook Added</dt>
385 <dd>The <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> module now includes a new
386 <code>cache_status</code> hook, which is called when the caching
387 decision becomes known. A default implementation is provided
388 which adds an optional <code>X-Cache</code> and
389 <code>X-Cache-Detail</code> header to the response.</dd>
392 <p>The developer documentation contains a
393 <a href="developer/new_api_2_4.html">detailed list of API changes</a>.</p>
395 <div class="bottomlang">
396 <p><span>Available Languages: </span><a href="./en/new_features_2_4.html" title="English"> en </a> |
397 <a href="./fr/new_features_2_4.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
398 <a href="./tr/new_features_2_4.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
399 </div><div class="top"><a href="#page-header"><img src="./images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>This section is experimental!</strong><br />Comments placed here should not be expected
400 to last beyond the testing phase of this system, nor do we in any way guarantee that we'll read them.</div>
401 <script type="text/javascript"><!--//--><![CDATA[//><!--
403 var disqus_shortname = 'httpd';
404 var disqus_identifier = window.location.href.replace(/(current|trunk)/, "2.4").replace(/\/[a-z]{2}\//, "/").replace(window.location.protocol, "http:") + '.' + lang;
405 if (disqus_identifier.indexOf("httpd.apache.org") == -1) {
406 document.write('<div id="disqus_thread">\n</div>');
408 var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
409 dsq.src = window.location.protocol + '//' + disqus_shortname + '.disqus.com/embed.js';
410 (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
413 document.write("Comments have been disabled for offline viewing.");
415 //--><!]]></script></div><div id="footer">
416 <p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
417 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
418 if (typeof(prettyPrint) !== undefined) {