Mention mod_heartmonitor/mod_lbmethod_heartbeat, mod_sed, mod_auth_form,

[apache] / docs / manual / new_features_2_4.xml

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
<!-- $LastChangedRevision$ -->

<!--
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
 this work for additional information regarding copyright ownership.
 The ASF licenses this file to You under the Apache License, Version 2.0
 (the "License"); you may not use this file except in compliance with
 the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-->

<manualpage metafile="new_features_2_4.xml.meta">

<title>Overview of new features in Apache HTTP Server 2.4</title>

<summary>
  <p>This document describes some of the major changes between the
     2.2 and 2.4 versions of the Apache HTTP Server. For new features since
     version 2.0, see the <a href="new_features_2_2.html">2.2 new features</a>
     document.</p>
</summary>

  <section id="core">
    <title>Core Enhancements</title>
    <dl>
      <dt>KeepAliveTimeout in milliseconds</dt>
      <dd>It is now possible to specify <directive module="core"
      >KeepAliveTimeout</directive> in milliseconds.
      </dd>

      <dt>Loadable MPMs</dt>
      <dd>Multiple MPMs can now be built as loadable modules at compile time.
      The MPM of choice can be configured at run time.</dd>

      <dt>Per-module and per-directory LogLevel configuration</dt>
      <dd>The <directive module="core">LogLevel</directive> can now be
      configured per module and per directory.  New levels <code>trace1</code>
      to <code>trace8</code> have been added above the <code>debug</code> log
      level.</dd>

      <dt>Event MPM</dt>
      <dd>The Event MPM is no longer experimental but is now fully supported.</dd>

      <dt>Asynchronous support</dt>
      <dd>Better support for asynchronous read/write for supporting MPMs and
      platforms.</dd>

      <dt>Per-request configuration sections</dt>
      <dd>&lt;<directive module="core">If</directive>&gt; sections can be used to
      set the configuration based on per-request criteria</dd>

      <dt>General-purpose expression parser</dt>
      <dd>A new expression parser allows to specify
          <a href="expr.html">complex conditions</a> using a common syntax
          in directives like
          <directive module="mod_setenvif">SetEnvIfExpr</directive>,
          <directive module="mod_rewrite">RewriteCond</directive>,
          <directive module="mod_headers">Header</directive>,
          <directive module="mod_headers" type="section">If</directive>,
          and others.
      </dd>

      <dt>Reduced memory usage</dt>
      <dd>Despite many new features, 2.4.x tends to use less memory than
      2.2.x.</dd>

      <dt>NameVirtualHost directive</dt>
      <dd>No longer needed and is now deprecated.</dd>

    </dl>
  </section>

  <section id="newmods">
    <title>New Modules</title>
    <dl>
      <dt><module>mod_allowmethods</module></dt>
      <dd>New module to restrict certain HTTP methods without interfering with
      authentication or authorization.</dd>

      <dt><module>mod_buffer</module></dt>
      <dd>Provides for buffering the input and output filter stacks</dd>

      <dt><module>mod_data</module></dt>
      <dd>Convert response body into an RFC2397 data URL</dd>

      <dt><module>mod_lua</module></dt>
      <dd>Embeds the <a href="http://www.lua.org/">Lua</a> language into httpd,
      for configuration and small business logic functions. (Experimental)</dd>

      <dt><module>mod_proxy_express</module></dt>
      <dd>Provides dynamically configured mass reverse proxies for <module>mod_proxy</module></dd>

      <dt><module>mod_proxy_fcgi</module></dt>
      <dd>FastCGI Protocol backend for <module>mod_proxy</module></dd>

      <dt><module>mod_proxy_scgi</module></dt>
      <dd>SCGI Protocol backend for <module>mod_proxy</module></dd>

      <dt><module>mod_ratelimit</module></dt>
      <dd>Provides Bandwidth Rate Limiting for Clients</dd>

      <dt><module>mod_reflector</module></dt>
      <dd>Provides Reflection of a request body as a response via the output filter stack.</dd>

      <dt><module>mod_remoteip</module></dt>
      <dd>Replaces the apparent client remote IP address and hostname for the request
      with the IP address list presented by a proxies or a load balancer via
      the request headers.</dd>

      <dt><module>mod_request</module></dt>
      <dd>Provides Filters to handle and make available HTTP request bodies</dd>

      <dt><module>mod_slotmem_shm</module></dt>
      <dd>Provides a Slot-based shared memory provider (ala the scoreboard).</dd>

      <dt><module>mod_log_debug</module></dt>
      <dd>Allows to add customizable debug logging at different phases of the
      request processing.</dd>

      <dt><module>mod_xml2enc</module></dt>
      <dd>Formerly a third-party module, this supports internationalisation
      in libxml2-based (markup-aware) filter modules.</dd>

      <dt><module>mod_proxy_html</module></dt>
      <dd>Formerly a third-party module, this supports fixing of HTML
      links in a reverse proxy situation, where the backend generates
      URLs that are not valid for the proxy's clients.</dd>

      <dt><module>mod_heartmonitor</module>,
          <module>mod_lbmethod_heartbeat</module></dt>
      <dd>Allow <module>mod_proxy_balancer</module> to base loadbalancing decisions
      on the number of active connections on the backend servers.</dd>

      <dt><module>mod_sed</module></dt>
      <dd>An advanced replacement of <module>mod_substitute</module>, allows
      to edit the response body with the full power of sed.</dd>

      <dt><module>mod_auth_form</module></dt>
      <dd>Allows to do form-based authentication.</dd>

      <dt><module>mod_session</module></dt>
      <dd>Allows to keep session state for clients, using cookie or
      database storage.</dd>

    </dl>
  </section>

  <section id="module">
    <title>Module Enhancements</title>
    <dl>
      <dt><module>mod_ssl</module></dt>

      <dd><module>mod_ssl</module> can now be configured to use an
      OCSP server to check the validation status of a client
      certificate.  The default responder is configurable, along with
      the decision on whether to prefer the responder designated in
      the client certificate itself.</dd>

      <dd><module>mod_ssl</module> now also supports OCSP stapling, where the
      server pro-actively obtains an OCSP verification of its certificate and
      transmits that to the client during the handshake. </dd>

      <dd><module>mod_ssl</module> can now be configured to share SSL Session
      data between servers through memcached</dd>

      <dt><module>mod_proxy</module></dt>

      <dd>The <directive module="mod_proxy">ProxyPass</directive> directive
      is now most optimally configured within a
      <directive module="core">Location</directive> or
      <directive module="core">LocationMatch</directive>
      block, and offers a significant performance advantage over the traditional
      two-parameter syntax when present in large numbers.</dd>

      <dt><module>mod_proxy_balancer</module></dt>

      <dd>More runtime configuration changes for BalancerMembers via balancer-manager</dd>

      <dd>Additional BalancerMembers can be added at runtime via balancer-manager</dd>

      <dd>Runtime configuration of a subset of Balancer parameters</dd>

      <dd>BalancerMembers can be set to 'Drain' so that they only respond to existing sticky
      sessions, allowing them to be taken gracefully offline.</dd>

      <dd>Balancer settings can be persistent after restarts.</dd>

      <dt><module>mod_cache</module></dt>

      <dd><module>mod_cache</module> can now cache HEAD requests.</dd>

      <dd>Where possible, <module>mod_cache</module> directives can now be set
      per directory, instead of per server.</dd>

      <dd>The base URL of cached URLs can be customised, so that a cluster of
      caches can share the same endpoint URL prefix.</dd>

      <dd><module>mod_cache</module> is now capable of serving stale cached
      data when a backend is unavailable (error 5xx).</dd>

      <dd><module>mod_cache</module> can now insert HIT/MISS/REVALIDATE into
      an X-Cache header.</dd>

      <dt><module>mod_include</module></dt>
      <dd>Support for the 'onerror' attribute within an 'include' element,
      allowing an error document to be served on error instead of the default
      error string.</dd>

      <dt><module>mod_cgi</module>, <module>mod_include</module>,
          <module>mod_isapi</module>, ...</dt>
      <dd>Translation of headers to environment variables is more strict than
      before to mitigate some possible cross-site-scripting attacks via header
      injection. Headers containing invalid characters (including underscores)
      are now silently dropped. <a href="env.html">Environment Variables
      in Apache</a> has some pointers on how to work around broken legacy
      clients which require such headers. (This affects all modules which
      use these environment variables.)</dd>

      <dt><module>mod_authz_core</module> Authorization Logic Containers</dt>

      <dd>Advanced authorization logic may now be specified using the
          <directive module="mod_authz_core">Require</directive> directive
          and the related container directives, such as
          <directive module="mod_authz_core"
          type="section">RequireAll</directive>.</dd>

      <dt><module>mod_info</module></dt>
      <dd><module>mod_info</module> can now dump the pre-parsed configuration
          to stdout during server startup.</dd>

      <dt><module>mod_rewrite</module></dt>
      <dd><module>mod_rewrite</module> adds the <code>[QSD]</code>
          (Query String Discard) and <code>[END]</code> flags for
          <directive module="mod_rewrite">RewriteRule</directive> to
          simplify common rewriting scenarios.</dd>
      <dd>Adds the possibility to use complex boolean expressions in <directive
          module="mod_rewrite">RewriteCond</directive>.</dd>
      <dd>Allows to use SQL queries as <directive
          module="mod_rewrite">RewriteMap</directive> functions.</dd>

      <dt><module>mod_ldap</module>, <module>mod_authnz_ldap</module></dt>
      <dd><module>mod_authnz_ldap</module> adds support for nested groups.</dd>
      <dd><module>mod_ldap</module> adds
          <directive module="mod_ldap">LDAPConnectionPoolTTL</directive>,
          <directive module="mod_ldap">LDAPTimeout</directive>, and
          other improvements in the handling of timeouts.
          This is especially useful for setups where a
          stateful firewall drops idle connections to the LDAP server.</dd>
      <dd><module>mod_ldap</module> adds
          <directive module="mod_ldap">LDAPLibraryDebug</directive> to log
          debug information provided by the used LDAP toolkit.</dd>

    </dl>
  </section>

  <section id="programs">
    <title>Program Enhancements</title>
    <dl>
        <dt>fcgistarter</dt>
        <dd>FastCGI deamon starter utility</dd>
        <dt>htcacheclean</dt>
        <dd>Current cached URLs can now be listed, with optional metadata
        included.</dd>
        <dd>Allow explicit deletion of individual cached URLs from the
        cache.</dd>
        <dd>File sizes can now be rounded up to the given block size, making
        the size limits map more closely to the real size on disk.</dd>
        <dd>Cache size can now be limited by the number of inodes, instead
        of or in addition to being limited by the size of the files on
        disk.</dd>
    </dl>
  </section>

  <section id="developer">
    <title>Module Developer Changes</title>
    <dl>
      <dt>Check Configuration Hook Added</dt>

      <dd>A new hook, <code>check_config</code>, has been added which runs
          between the <code>pre_config</code> and <code>open_logs</code>
          hooks.  It also runs before the <code>test_config</code> hook
          when the <code>-t</code> option is passed to
          <program>httpd</program>.  The <code>check_config</code> hook
          allows modules to review interdependent configuration directive
          values and adjust them while messages can still be logged to the
          console.  The user can thus be alerted to misconfiguration problems
          before the core <code>open_logs</code> hook function redirects
          console output to the error log.</dd>

      <dt>Expression Parser Added</dt>

      <dd>We now have a general-purpose expression parser, whose API is
          exposed in <var>ap_expr.h</var>.  This is adapted from the
          expression parser previously implemented in
          <module>mod_ssl</module>.</dd>

      <dt>Authorization Logic Containers</dt>

      <dd>Authorization modules now register as a provider, via
      ap_register_auth_provider(), to support advanced authorization logic,
      such as <directive module="mod_authz_core" type="section"
      >RequireAll</directive>.</dd>

      <dt>Small-Object Caching Interface</dt>

      <dd>The <var>ap_socache.h</var> header exposes a provider-based
      interface for caching small data objects, based on the previous
      implementation of the <module>mod_ssl</module> session cache.
      Providers using a shared-memory cyclic buffer, disk-based dbm
      files, and a memcache distributed cache are currently
      supported.</dd>

      <dt>Cache Status Hook Added</dt>

      <dd>The <module>mod_cache</module> module now includes a new
      <code>cache_status</code> hook, which is called when the caching
      decision becomes known. A default implementation is provided
      which adds an optional <code>X-Cache</code> and
      <code>X-Cache-Detail</code> header to the response.</dd>
    </dl>

    <p>The developer documentation contains a
    <a href="developer/new_api_2_4.html">detailed list of API changes</a>.</p>
  </section>

</manualpage>