Functionality Differences Between Apache 1.3 and 2.0
During the planning of my proxypot, a crucial decision came up about the version of Apache which was going to be used. There are major fundamental differences between Apache 1.3 and 2.0.
Apache 1.3 has the majority of current market share due to its greater length of existence. The 2.0 version is gaining in popularity. There are many advancements in Apache 2.0 that not only improve Apache performance, but also has flexibility for security enhancements. The table below illustrates the main differences between Apache 1.3 and Apache 2.0
| Feature | Apache 1.3 | Apache 2.0 | |||
| IPv6 Capability | Unofficial Patches | Fully Supported | |||
| Multi-Processing Mudules/Threading | Less-scalable Multi-process model | Enhanced to support several models for better scalability | |||
| Build Configuration | APACI | GNU Autoconf | |||
| Server Configuration directives | Redundant directives | Streamlined to remove confusing | |||
| Platform Support (APR) | Limited and problematic | Expanded with Apache Portable Runtime | |||
| Multi-Protocol Support | None | Can create protocol modules | |||
| HTTP Proxy Support | HTTP 1.0 | HTTP 1.1 | |||
| Input/Output Filtering | None | Fully Supported | |||
| SSL Support OpenSSL's support | Unofficially supported | Supported through mod_sll, which uses OpenSSL's support | |||
There are a handful of features Apache 2.0 version that enable you to accomplish important security tasks. The most notable are the advanced proxy capability, improved header manipulation with mod_headers, and finally input/output filtering. There is also a really cool feature of the Mod_Security module called Output filtering that is only available if you are using Apache 2.0. So perhaps Apache 2.0 will be deployed for the proxypot !
