Slashdot Mirror
Netcraft Claims Apache Now Runs 2/3rds Of The Web
Mr Bill writes "According to NetCraft the Apache web server now owns over 2/3rds of the web. The jump of 2.8% since last month is mostly due to a number of large domain parking sites switching back to Apache from IIS. 'During 2001 and the first half of 2002 several companies hosting very large numbers of hostnames including Webjump, Namezero, Homestead, register.com and Network Solutions migrated to Microsoft-IIS. Subsequently these businesses have either failed, significantly changed their business model, or reverted to their previous platform, and Microsoft-IIS share is now in line with its long term pre-summer 2001 level of around 20%.' See the full report here."
Who would've believed that a non-proprietary and free webserver would be so popular when Microsoft gives you the opportunity to lock yourself into monopoly driven endless licensing upgrade cycle?
What the hell is this world coming to?
Numbers that are much harder to get but would be significantly more valuable would be the fraction of web traffic handled by the type of server. Just because I have a hosting company that has 3 sites doesn't mean that I'm getting traffic in the same amount that some other individuals. And MS(make that M$ so I don't get modded down) would tell you that there servers are deployed on the larger installations, the ones that need to higher performance.
(And, I'd expect that if we looked at a graph of traffic, you'd see the GWS getting a significant share.)
I demand a million helicopters and a DOLLAR!
that many large companies started using IIS.
I got a bit nervous, but looks like using IIS is the best cure.
It's like pi**ing against electric fences.
You'll never do it again.
This month, we found
Magnus at netcraft dot com
The yarn goes that MS products are not so badly written, that IS II is no worse that apache, that outlook is no worse than XXXX, its just that windows runs on 95% of the worlds computers so its a target and when its infected it gets noticed.
this apache story sort of gives a lie to this. if it runs 80% of the web servers it is the largest target by definition. Of course it does get attacked but you dont hear about this being a viral thing, spreading throught the mono crop.
I guess one can counter this argument by saying that bussinesses that run web servers maintain their patches better thsn the devil spawned endusers. But this doesn't really wash. If bussinesses had to patch as often as Windows users did they would be screaming bloody murder since while it only costs the end user free time, it cost the bussinesses actual operating expesnes.
Some drink at the fountain of knowledge. Others just gargle.
Problem with Zope is that it's often installed behind Apache which serves as proxy/urlrewriter and so Netcraft may only see Apache some times. (it correctly detects Zope for my own website though)
Votez ecolo : Chiez dans l'urne !
When I hosted some of my earlier sites, web hosting resellers were advocating Windows hosting. They charged more for it, and also most of the technical help they had was for Windows and IIS ...
... Finally one of the ladies confided ... "My techies are going nuts just keeping up with the patches after patches .. so please, go for Linux .... please .."
... .but I think very widespread ..
After the worm season of Microsoft, I actually had the same resellers begging me not to buy Windows hosting but go for Linux, even though it was cheaper (and hence their margins lower). Most of them were putting forward the reasoning that it was cheaper (but that was never a selling point earlier) and they said that there are so many free goodies available with it
It's anecdotal
To see a world in a grain of sand, and then to step back and see the beach where the sand lies
It might help a bit, but not a lot. Web servers that belong to a domain, say www.slashdot.com, are counted here, but when you have millions of home machines worldwide still running an open web service on windows, that can overwhelm the statistics.
.com
66% of 'real' websites may be apache driven, but when it comes to viral infection, Joe Normal's home windows box on his cable connection counts just as much an infectable web server as the business down the road that runs a real
But IIS usage is NOT going down though! The netcraft graph is a graph of relative usage of each system and adds up to 100%. If you look at the bottom the linked page at the second graph, you can see that IIS usage hasn't decreased at all - it's just that Apache usage has gone up quite a bit recently (ie, there are more total servers tested by Netcraft).
I would bet that a year ago someone at Microsoft came up with an idea to increase IIS standings at Netcraft: pay a couple of domain parking companies to switch. They probably paid them for a year only, and since the year has finished, the companies in question have decided to switch back, presumably because IIS had more expensive TCO than Apache. Microsoft's original idea would have been to gain momentum for IIS and indicate it was gaining rapidly over Apache, helping it's .Net initiative look like it was going somewhere.
I'd just add, that FreeBSD does the same thing.
When in doubt, go to the library. - Ron Weasley in Harry Potter and the Chamber of Secrets
Ummm, could it be because it's their Unix. Hp push Linux too, and their website runs HPUX. All vendors use their own OS to run their websites. Can you imagine all the flack they would get if they didn't?
;-)
Funnily enough SCO are the only ones that don't run their own OS on their webservers. The run Linux, whats wrong with OpenServer???
Who really stands behind their products?
IBM run IBM/Apache on AIX
HP run Apache on HP-UX
SGI run Netscape Enterprise on Irix
Sun run SunONE webserver on Solaris
Apple run Apache on MacOS-X
FreeBSD run Apache on FreeBSD
NetBSD run Apache on Net/OpenBSD
OpenBSD runs Apache on Solaris? I'm sure thats because a uni hosts it.
Microsoft got scared at the last worm outbreak and now hide
2003 behind a Linux webcache farm
The one to beat them all.............
SCO run Apache on Linux
Ummm I think you'll find thats wrong, ok the propotunate loss for IIS is worse, but they've had a notaciable numeric loss too.
in my life God comes first.... but Linux is pretty high after that
Francis Smit
This valuable informative post got modded down to -1 even though it is nothing but 100% informative, and I rarely ever post it. Therefore I will post it three times in case the apache-fanboy mods it down to -1 again
:
I in 400 SECURE servers is still a classic Mac Os host even cccording to netcraft !
Because no mac in the history of the internet hosting a web server has ever been rooted or defaced remotely.
Why?
Because not one version of Mac OS has ever had a single exploitable hole ever discovered. (classic mac os now up to version 9.2.2 on currenlty sold g4 tolwers). OpenBSD has had no less than 5 holes (not one) in the default install in the last two years. Mac OS has had ZERO in over 7 years, even when paired up with its preferred web server app.
The Army (www.army.mil) has used Webstar for years on macs for security.
In fact in the entire SecurityFocus (BugTraq) database history there has never been a Mac exploited over the internet remotely. Scan it yourself.
For years, except, for a couple months ago, the army has always used MacOS and has never had a break-in on a Mac. Unlike their other MS defacements.
http://uptime.netcraft.com/up/graph?site=www.arm y. mil
That is why the US Army gave up on MS IIS and got a Mac for a web server, sometimes it is a honeypot for OSX testing, and US ARmy use regular Mac OS on other internal servers
I am not talking about FreeBSD derived MacOS X (which already had a more than a 50 exploits and potential exploits in BugTraq database) I am talking about current Mac OS 9.x and earlier which are highly sophisticated abstract-OS models.
Why is is hack proof? These reasons
1> No command shell. No shell means no way to hook or intercept the flow of control with many various shell oriented tricks found in Unix or NT. Apple uses an object model for procces to process communication that is heavily typed and "pipe-less"
2> No Root user. All mac developers know their code is always running at root. Nothing is higher (except undocumented microkernel stufff where you pass Gary Davidian's birthday into certain registers and make a special call). By always being root there is no false sense of security, and programming is done carefully.
3> Pascal strings. ANSI C Strings are the number one way people exploit Linux and Wintel boxes. The mac avoids C strings historically in most of all of its OS. In fact even its roms originally used Pascal strings. As you know pascal strings are faster than C (because they have the length delimiter in the front and do not have to endlessly hunt for NULL), but the side effect is less buffer exploits. Individual 3rd party products may use C stings and bind to ANSI libraries, but many do not. In case you are not aware of what a "pascal string" is, it usually has no null byte terminator.
4> Macs running Webstar have ability to only run CGI placed in correct directory location and correctly file "typed" (not mere file name extension). File types on Macs are not easily settable by users, expecially remotely. Apache as you know has had many problems in earlier years preventing wayward execution.
5> Macs never run code ever merely based on how a file is named. ".exe" suffixes mean nothing! For example the file type is 4 characters of user-invisible attributes, along with many other invisible attributes, but these 4 bytes cannot be set by most tool oriented utilities that work with data files. For example file copy utilities preserve launchable file-types, but JPEG MPEG HTML TXT etc oriented tools are physically incapable by designof creating an executable file. The file type is not set to executable for hte hackers needs. In fact its even more secure than that. A mac cannot run a program unless it has TWO files. The second file is an invisible file associated with the data fork file and is called a resource fork. EVERY mac program has a resource fork file containing launch information. It needs t
Just because many don't complain doesn't mean they're not being disadvantaged. I could steal 10 pence a day from you and you probably wouldn't notice. Does that mean my theft would be permissible?
Impartial, informed observers have been saying for a very long time that Microsoft are a monopoly and illegally maintain this. That a major customer of theirs (HP, I believe) felt strongly enough that they disliked dealing with Microsoft sufficiently to go on record as stating that if they had alternative suppliers, they would deal with them instead, is surely a strong indication of Microsoft's nature. As is Microsoft feeling able to pressure IBM into dropping OS/2 and later SmartSuite through preferential pricing on Windows. Surely if there existed a sufficiently realistic competitive market in computer software, such tactics would have merely driven up sales of OS/2? It's not like it wasn't getting good reviews at the time.
Microsoft are a monopoly in the legal sense, and there can be no doubt that they have significantly abused this to the detriment of both consumers and the industry as a whole to anyone who followed the trial. That users are too apathetic and uninformed to understand they have lost out is not a defence against the monopoly charge, merely and indictment of the popular media and Microsoft's few remaining competitors.
Greg
(Inside a nuclear plant)
Aaaarrrggh! Run! The canary has mutated!