Slashdot Mirror

I prefer the figures of Securityspace.com

89,49% and still on the rise.

Web Server Survey
December 1st, 2003

Domain .de (Germany)

Market Share Change (Total servers: 848,896 )
Apache 761,340 89.69% 739,061 89.49% +0.20%
Microsoft 62,796 7.40% 62,771 7.60% -0.20%

On the web server this may be true. In Germany it is even > 89% Apache.

But Microsoft still is strong in the Desktop market. Soon KDE 3.2 will be released and as Linux quickly matures on the desktop I don't see a reason why it will not be the default plattform in the enterprise desktop market.

Only software patents can stop Linux now, but today software patents and patent privateers harm Microsoft (eolas, SPX ecc.). But Microsoft performs well in the armsraise.

Sure, Microsoft will die away. It's only a matter of time.

> But there are many surveys out there:
> http://www.securityspace.com/s_survey/data/200310/ index.html

This link is really interesting because it has surveys by tld.

As was mentioned earlier, no survey is perfect but they all have their value if you can compare them and understand what exactly they count.

A first look at securityspace shows huge differences:

- Apache lovers will love the .de figures, where it has almost 90%.

- Italy surprised me with 46% MS

- China is a strong MS supporter it seems: 63% (33% for Apache). Does it mean that price does play a role in the choice after all? In China, I suppose nobody actually pays MS. Or does MS have much better support for Chinese localization?

- The US military also seem to like MS (65%)

etc.

I'll try to find how they get their samples.

From our point of view, the list and the focus is vital to any good Web server survey. Netcraft's list is wide, and their highlighted conclusions are not qualified by their own methdology. Netcraft highlights the Apache/IIS divide and usually their uncorrected figures because that will help them sell more Web site data -- to corporate customers.

Port80 is in the business of making tools for IIS. True. And Port80's survey does highlight an area that MS is winning in: corporate Web servers of the Fortune 1000. I would hazard to guess that MS and IIS are also winning in another area of interest: the corporate extranet and intranet market. But there are many surveys out there:

http://www.securityspace.com/s_survey/data/200310/ index.html

http://www.alexa.com/site/ds/top_500

Each one makes different assumptions and has a different slant. The perfect Web server survey has yet to be attained, and the important point I think is that we are here, having this debate. Port80 plans to expland its surveys to different lists: more international lists, lists of qualified high traffic sites, and more. We will keep putting up the data and insighting debate.

As for Port80 Software and the Microsoft connection, remember that we are old open source advocates from way back. Port80's best ideas for improving the IIS Web server evolve from what has been accomplished with Apache and the mods culture of continuous tinkering, improvement and exploration.

Happy Turkey Day,

Chris @ Port80

The original netcraft article on the "Migration" to Windows Server 2003 hints at the fact that that most of the migration is occuring on hosted systems, where the hosting providers have received very favorable terms ( read as bribes ) to switch to Windows2003. Myhosting.com continues to be the top hoster of active Windows Server 2003 sites, and now has over 98% of their active sites migrated to Windows 2003. The month before, Myhosting.com was hosting 13,504 , in comparison to last months 32,810, an increase which accounts for the 5%. Yes, one provider.

What the Microsoft spin doctors do not mention is the continuing market share loss to Apache overall

Today, a new bunch of Microsoft advocates use the opposite argument as was used in September, by NOT counting deployments on hosting providers to spin the numbers in their favor.

Meanwhile the overall drop in Microsoft's share continues.

The surveys at securityspace.com attempt to weight webserver popularity by site popularity.

Isn't it funny how a methodology that mechanically counts every server heavily favors Apache, while a selective, manual, easily manipulated survey favors Windows?

There is another source, SecuritySpace, that mechanically counts sites, and its numbers tend to agree with Netcraft.

Though they haven't done it for a while, SecuritySpace also used to show server stats for the top 100, 500, and 1000 websites, as determined by popularity/traffic.

What I used to find interesting was that, for the top sites by popularity, SecuritySpace's numbers showed an even _greater_ dominance by Apache (around 80%).

Therefore, I call bullsh** on Port80's survey.

What's interesting about this one is that results can be viewed by domain. The highest proportion, and highest growth, of IIS seemed to be in the gov domain, where Apache is actually decreasing. IIS usage in education was also pretty high.

Use of Apache was particularly high in Germany .

What's interesting about this one is that results can be viewed by domain. The highest proportion, and highest growth, of IIS seemed to be in the gov domain, where Apache is actually decreasing. IIS usage in education was also pretty high.

Use of Apache was particularly high in Germany .

What's interesting about this one is that results can be viewed by domain. The highest proportion, and highest growth, of IIS seemed to be in the gov domain, where Apache is actually decreasing. IIS usage in education was also pretty high.

Use of Apache was particularly high in Germany .

What's interesting about this one is that results can be viewed by domain. The highest proportion, and highest growth, of IIS seemed to be in the gov domain, where Apache is actually decreasing. IIS usage in education was also pretty high.

Use of Apache was particularly high in Germany .

Read what the previous AC said. He's Magnus from Netcraft. Netcraft reads the HTTP server signature. Compare the Security Space October results by server sig and by over all share. (Looks like November is not yet up).

Besides stability (yes, non-Debian users, older is better), a bug issue is the lack of PHP support in Apache 2.0. Netcraft reports that PHP is the number one module in Apache. Sites that need PHP will stay with Apache 1.3 until PHP is tried tested and true in Apache 2.0.

And to repeat an earlier AC post by Magnus, it's Netcraft with a lower case "c".

Read what the previous AC said. He's Magnus from Netcraft. Netcraft reads the HTTP server signature. Compare the Security Space October results by server sig and by over all share. (Looks like November is not yet up).

Besides stability (yes, non-Debian users, older is better), a bug issue is the lack of PHP support in Apache 2.0. Netcraft reports that PHP is the number one module in Apache. Sites that need PHP will stay with Apache 1.3 until PHP is tried tested and true in Apache 2.0.

And to repeat an earlier AC post by Magnus, it's Netcraft with a lower case "c".

You're right. This is a "think tank", a mercanary. They write superficial reports and present them to the media as analyst reports.

Today tobacco, next time in favour of tanks, or against open source.

A think tank has no opinion. It produces opinions. Unlike politicians you cannot discuss with them. That's like convincing a media spokesman. The client is covered.

Open Source fuels the internet, > 66% of all web sites are hosted by Apache webservers. In Germany (.de domain) 89%!! (see Webserver market share .de

We all depend on Open Source. When we browse the web, when we use CMS, when we sent emails...

Guess it is not necessary to convince this mercanary organisation as the market and our society is convinced. Too late for mourning.

You're right. This is a "think tank", a mercanary. They write superficial reports and present them to the media as analyst reports.

Today tobacco, next time in favour of tanks, or against open source.

A think tank has no opinion. It produces opinions. Unlike politicians you cannot discuss with them. That's like convincing a media spokesman. The client is covered.

Open Source fuels the internet, > 66% of all web sites are hosted by Apache webservers. In Germany (.de domain) 89%!! (see Webserver market share .de

We all depend on Open Source. When we browse the web, when we use CMS, when we sent emails...

Guess it is not necessary to convince this mercanary organisation as the market and our society is convinced. Too late for mourning.

I know this article is about combining Java and PHP, but has anyone noticed that JSP has overtaken PHP at least from the standpoint of session cookie default names. It didn't used to be like that. PHP always points out the mod_php numbers, but there is no direct JSP Apache module, only mod_jk which is for any servlet container. I think that's interesting.

Security Space has an interesting breakdown of Websites by Area Code. It'd kind-of related to this, and is interesting on it's own. From the site:

The Website Distribution by Telephone Area Code Report details how sites are distributed based on the telephone numbers our crawlers find published on these sites. It is limited to sites with phone numbers matching the North American Numbering Plan (NANP), consisting of the format AAA-XXX-NNNN e.g, 1-800-799-4831 and (905) 331-2260.

On an unrelated note (but related to Security Space's web reports), has anyone noticed that JSP has overtaken PHP at least from the standpoint of session cookie default names. There is no direct JSP Apache module, only mod_jk which is for any servlet container. I think that's interesting.

If open source is getting stronger in government, why is IIS about to overtake apache in the .gov domain? Ad why is IIS still gaining market share in the .mil domain having long since dominated the market?

It seems the government is what's propping up MS in the webserver area. Why isn't this ever mentioned?

If open source is getting stronger in government, why is IIS about to overtake apache in the .gov domain? Ad why is IIS still gaining market share in the .mil domain having long since dominated the market?

It seems the government is what's propping up MS in the webserver area. Why isn't this ever mentioned?

Seems like you are not the only one:

stats

Also, the only company I know personally which did use IIS for something more complicated than static pages went belly-up 2 years ago...

If you look at some countries like Germany or Japan, IIS is already de-facto dead there. In those countries it's already quite hard to find a hoster that will even offer Windows, either you have to go to one of the few and very expensive hosters who offer Windows or you would have to do everything yourself.

In the USA, Microsoft's strategy to make their products as incompatible as possible might help them because there are enough MS-brainwashed people there, but everywhere else, their "designed for incompatibility" strategy is starting to hurt them a lot.

In many countries, a server equals Unix, so choosing .NET is just plain stupid because you won't find a good hoster for it. The same scenario is coming along with cellphones everywhere including the USA: Java runs, .NET doesn't. If you might ever want to do anything with cellphones, .NET isn't an option because Microsoft isn't even able to get a foot into that market.

If you choose .NET, you have significantly limited your possibilities and your flexibility. (Do you really know for sure that you won't do anything outside the MS-world in 10 years?)

With Java on the other hand, you have all your bases covered: Desktops, servers, browsers, PDAs, cellphones, embedded systems.

In the long run, Microsoft's refusal to cooperate with other technologies will hurt them also in the USA. In case you haven't noticed, the computing desktop isn't the hot thing anymore. A lot of new stuff comes out for cellphones, embedded devices and PDAs, which means no .NET, sorry.

Seems like you are not the only one:

stats

Also, the only company I know personally which did use IIS for something more complicated than static pages went belly-up 2 years ago...

If you look at some countries like Germany or Japan, IIS is already de-facto dead there. In those countries it's already quite hard to find a hoster that will even offer Windows, either you have to go to one of the few and very expensive hosters who offer Windows or you would have to do everything yourself.

In the USA, Microsoft's strategy to make their products as incompatible as possible might help them because there are enough MS-brainwashed people there, but everywhere else, their "designed for incompatibility" strategy is starting to hurt them a lot.

In many countries, a server equals Unix, so choosing .NET is just plain stupid because you won't find a good hoster for it. The same scenario is coming along with cellphones everywhere including the USA: Java runs, .NET doesn't. If you might ever want to do anything with cellphones, .NET isn't an option because Microsoft isn't even able to get a foot into that market.

If you choose .NET, you have significantly limited your possibilities and your flexibility. (Do you really know for sure that you won't do anything outside the MS-world in 10 years?)

With Java on the other hand, you have all your bases covered: Desktops, servers, browsers, PDAs, cellphones, embedded systems.

In the long run, Microsoft's refusal to cooperate with other technologies will hurt them also in the USA. In case you haven't noticed, the computing desktop isn't the hot thing anymore. A lot of new stuff comes out for cellphones, embedded devices and PDAs, which means no .NET, sorry.

Seems like you are not the only one:

stats

Also, the only company I know personally which did use IIS for something more complicated than static pages went belly-up 2 years ago...

If you look at some countries like Germany or Japan, IIS is already de-facto dead there. In those countries it's already quite hard to find a hoster that will even offer Windows, either you have to go to one of the few and very expensive hosters who offer Windows or you would have to do everything yourself.

In the USA, Microsoft's strategy to make their products as incompatible as possible might help them because there are enough MS-brainwashed people there, but everywhere else, their "designed for incompatibility" strategy is starting to hurt them a lot.

In many countries, a server equals Unix, so choosing .NET is just plain stupid because you won't find a good hoster for it. The same scenario is coming along with cellphones everywhere including the USA: Java runs, .NET doesn't. If you might ever want to do anything with cellphones, .NET isn't an option because Microsoft isn't even able to get a foot into that market.

If you choose .NET, you have significantly limited your possibilities and your flexibility. (Do you really know for sure that you won't do anything outside the MS-world in 10 years?)

With Java on the other hand, you have all your bases covered: Desktops, servers, browsers, PDAs, cellphones, embedded systems.

In the long run, Microsoft's refusal to cooperate with other technologies will hurt them also in the USA. In case you haven't noticed, the computing desktop isn't the hot thing anymore. A lot of new stuff comes out for cellphones, embedded devices and PDAs, which means no .NET, sorry.

I'd have to say that more than a few people are using PHP. In fact, of the available Apache modules, guess which one is the most popular? (Hint: it's not PyApache or even mod_perl by a long shot)

So that's why PHP is the most popular module for Apache!

If you're running a web server, use my painfully-earned experience and never trust a single source to tell you you're secure. (This includes you. Get someone else to double-check your servers for you. Otherwise, you will never know what you missed until it's too late.)

kneht

Take a look at recent Securityspace Webserver statistic or Netcraft.

Apache 5,852,747 64.79% 5,507,803 61.74% +3.05%

Link

In industrial countries where labour is expensive, like Germany and Japan, Linux is making inroads on desktops and has already marginalized Windows on Servers:

Japan
Germany

For developing countries, the cost of hiring many people to babysit Windows computers is no problem, but where labour cost is high, the switch to Linux can pay off already in the first year.

(Yes I know, that contradicts to Microsoft "Windows-TCO-is-low" propaganda, but so is reality.)

In industrial countries where labour is expensive, like Germany and Japan, Linux is making inroads on desktops and has already marginalized Windows on Servers:

Japan
Germany

For developing countries, the cost of hiring many people to babysit Windows computers is no problem, but where labour cost is high, the switch to Linux can pay off already in the first year.

(Yes I know, that contradicts to Microsoft "Windows-TCO-is-low" propaganda, but so is reality.)

Except Japan, where Microsoft is already dead on servers:

see here

I take this announcement much more seriously than all the announcements from China lately. The Japanese are able and willing to abandon Windows completely - unlike the Chinese.

It runs on all platforms, it is widely supported and deployed and you can get it at every webhoster.

And there are running more Apache servers with PHP module than IIS servers altogether:

securityspace

Apache/PHP is marginalizing IIS and all other servers.

Both Microsoft lovers and monopoly-whiners will hate it, but those are the facts.

*facepalms*

Gee, you think I've been spending too much time on webboards?

try this instead

It's obvious that you aren't either. According to the Apache Module Report PHP was down 4% in August whilst perl was up 20%.

> Sure, there may be millions of servers running Apache, but how much web traffic is handled by Apache? Of the most hit sites on the Internet (AOL, Microsoft, Dell, etc.) it seems like there's just as many IIS sites as Apache.

Ha ha. Nice try, but IIS fares even worse among the top sites than it does overall.

According to the Security Space Web Server Survey:

Of the 250 Most Popular Sites:

- 51% run Apache
- 15% run IIS
- _8% run Netscape-Enterprise

The rest run AOLserver, Stronghold, Zeus, other, or unknown.

Though i'm not sure how they got those numbers it does show an interesting trend. PHP has been on the decline this year.

Also this doesn't relate well to other non-apache based tech's like ASP or ColdFusion.

-Jon

This relevant

Actually, I wasn't proposing trying to *quit* GIFs altogether. If you have animated GIFs, just stick with the GIF. There really is currently no other reasonable, open standard for animated images that is supported by the major browsers. But I wasn't talking about patent issues at all..

Let me emphasize this: I wasn't advocating PNG because of the patent issues. I was advocating PNG out of entirely pragmatic concerns: a bandwidth saving on images of typically between 10 and 50 percent. This must surely make sense even to all the people out there who neither know nor care about the patent issues.

I was specifically only talking about non-animated GIFs, and primarily also GIFs with no transparency (due to some of the slightly older IE versions struggling with it). This is a totally rough thumbsuck guess, but I'm guessing that this is probably more than 30 % of the GIFs out there.

I do have an opinion on the patent issue, but that is entirely beside the point - I am simply trying to be practical, so I kept that issue completely out of my post. Most people are far more likely to be swayed by solid, practical arguments (such as bandwidth saving, faster downloads etc) than by moral or economic/financial concerns (such as the GIF patent).

Everyone seems to always be trying to convince webpage developers to switch over from GIF "due to patent issues", and seem to often forget that PNGs tend to actually also be smaller (or its added as an afterthought). Its no wonder people aren't interested. Most people don't give a crap about the patent issue.

So I say (to webpage developers), forget about the patent issues: use PNG because it just plain makes sense to do so. Smaller files = more space available on your host and less bandwidth used. Less bandwidth and space used by your host = lower prices on average for you (because your hosts b/w costs will be lower on average, and web-hosting is a competitive market) and faster downloads for your users. The tools to make PNGs are easily available, free, and quick and easy to use. Everybody wins.

Out of interest, related to this: SecuritySpace does web surveys that include what percentage of sites use which image formats etc: http://www.securityspace.com/s_survey/data/man.200 208/techpen.html. PNG is steadily growing, but very slowly.

The most powerful features of Apache based sites aren't features of Apache but of 3rd party modules. PHP, mod_perl, mod_dav, mod_throttle and even Microsoft Frontpage modules contribute significantly to the appeal of apache. There is an excellant Report on Apache Module Popularity by SecuritySpace.com. In considering this report, you should notice the month over month growth in the usage of modulees which have not yet been ported to Apache 2. The developers of these modules will most likely respond to customer demands for support of apache 2, which is dependant of the Apache Software Foundation's ability to convince customers of the benefits of upgrading to Apache 2. In this respect the marketing of Open Source Software mimics the marketing of treditional commercial software. Let's hope they don't adome the strategy of some commercial software vendors by simply refusing to provide security fixes or updates to Apache 1.3.x when needed.This would certainly outrage Apache users, but in the case of Open Source would have the secondary effect of promoting forking of the codebase. On the bright side customers do have a recourse in the case of Open Source, where, they're left twisting in the wind in the case of commercial products.

--CTH

The most powerful features of Apache based sites aren't features of Apache but of 3rd party modules. PHP, mod_perl, mod_dav, mod_throttle and even Microsoft Frontpage modules contribute significantly to the appeal of apache. There is an excellant Report on Apache Module Popularity by SecuritySpace.com. In considering this report, you should notice the month over month growth in the usage of modulees which have not yet been ported to Apache 2. The developers of these modules will most likely respond to customer demands for support of apache 2, which is dependant of the Apache Software Foundation's ability to convince customers of the benefits of upgrading to Apache 2. In this respect the marketing of Open Source Software mimics the marketing of treditional commercial software. Let's hope they don't adome the strategy of some commercial software vendors by simply refusing to provide security fixes or updates to Apache 1.3.x when needed.This would certainly outrage Apache users, but in the case of Open Source would have the secondary effect of promoting forking of the codebase. On the bright side customers do have a recourse in the case of Open Source, where, they're left twisting in the wind in the case of commercial products.

--CTH

http://www.securityspace.com/s_survey/data/man.2 00 208/apachemods.html

Seems to me that currently 38.59% of Apache servers run mod_php and 36.83%
run mod_perl. Not only that, but the number of mod_perl server is growing
(quickly!) and the number of mod_php is shrinking.

Trends and stats aren't worth the paper they are printed on, but it does
help to have something to back you up when you say it.

Regards,

{NULE}

There are a variety of techniques that make it possible to detect NAT usage, and it looks like certain ISPs (namely Comcast) even have entire departments dedicated to doing just that.

Even if every IIS server would utilize ASP (and they don't) it would still be less popular than PHP

stats here

It's more the other way around, 1/3 are NOT running Apache:

May 2002 stats

Whoops, you linked to the Japanese stats both times. Here's Germany.

The most interesting, though, is this breakdown that ranks sites in a Google-like manner. Apache and IIS both lose a little to Netscape and "other" (also Apache perhaps?), but I think that's the fairest way to compare market share.

Whoops, you linked to the Japanese stats both times. Here's Germany.

The most interesting, though, is this breakdown that ranks sites in a Google-like manner. Apache and IIS both lose a little to Netscape and "other" (also Apache perhaps?), but I think that's the fairest way to compare market share.

look for yourself

Nice is Japan and Germany

People who actually have to pay for IIS *are* switching to Apache, and only very few new companies start with IIS.

look for yourself

Nice is Japan and Germany

People who actually have to pay for IIS *are* switching to Apache, and only very few new companies start with IIS.

look for yourself

Nice is Japan and Germany

People who actually have to pay for IIS *are* switching to Apache, and only very few new companies start with IIS.

This data for *active* web servers (about 6 million total) seems to give a different picture---while apache lost 0.16% and IIS gained 0.40%, long-term (over the last year) apache grew, while IIS fell. Also, extrapolated future failure and growth rates seems to indicate that one is better off betting on apache than on IIS.

This data for *active* web servers (about 6 million total) seems to give a different picture---while apache lost 0.16% and IIS gained 0.40%, long-term (over the last year) apache grew, while IIS fell. Also, extrapolated future failure and growth rates seems to indicate that one is better off betting on apache than on IIS.