Slashdot Mirror
Why I Hate the Apache Web Server
schon writes "Today's the last day of ApacheCon Europe; There was a hilarious presentation entitled 'Why I Hate the Apache Web Server' for anyone who has expressed frustration with the various inconsistencies and nuances of the Internet's favourite config file. And yes, it includes a comparison to Sendmail."
I think the subject was supposed to read, "Why I hate PDF files."
"Simplify, simplify, simplify!" Thoreau
OK, so this is a PDF file that looks like a Powerpoint presentation and it is about how much he hates Apache. *head explodes*
Here is a html version, I doubt it will stay cached for very long though.
Could the on-duty-editor-at-the-moment PLEASE add small note after the links IF TFA is in fact A PDF file. Please? That is NOT too much to ask, I hope. Sorely hope.
And no, I didn't RTFA, which was in fact TFPDF.
-Is the meaning of life vanity, or is vanity the meaning of life?
Coincidence? I think not!
atleast a decent Apache install can keep on chugging along even when faced with a slashdotting.
- It runs acroread slowly, instead of loading in my already opened browser quickly
- Uses huge ugly fonts
- Has silly graphics that bring nothing to the point
- Acroread requires two clicks to close (one for the document, one for acroread)
- Yes, I want a pony
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
It's not the PDF format that sucks, it's Acrobat Reader. Use Preview or XPDF.
Complaining about PDFs is like complaining about HTTP cause you don't like IIS.
"Not yours."
News for Nerds
Wow, you ain't fuckin kidding, are ya?
-1 Uncomfortable Truth
If the presentation was Hilarious, I assume that in future Apache configuration will be easier.
Otherwise I'd define it "sadly realistic"...
aaargh
Apache is great but it could be *significantly* easier for beginning webmasters. And for companies to fund changes.
Sitting in #apache on freenode is actually fun sometimes. You'll actually see these common things bought up by many people every day. The PDF actually touches on only a few of the "problems" that the conf file has.
However, its the 2G file limit that makes me laugh. Sure, there's LFS (Configure 1.3 with CFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64", enabled by default in 2.0.53 (and higher) and in 2.1), but to be really honest, there are far better ways to send large files. HTTP isn't one of them. There's FTP and there's also torrents; Both of which have the advantage of being designed for files rather than 'hypertext', which by nature is normally text...
NeoThermic
Use my link above, or to view my server, NeoThermic.com
Don't be silly. PDF files are very useful to distribute printable materials, such as books, spec sheets, PR and corporate bullshit (ugh), brochures, etc... Remember that PDF is essentially Postscript wrapped in an Adobe straightjacket.
What does piss me off is:
- People who use PDFs to make read-only documents
- People who use PDFs where html or text is adequat and sufficient.
I don't see why they require me to lauch that hateful Acrobat Reader when a browser does a better job.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
I love Apache, but in the same way I love my wife: with some trepidation. Fast and stable, flexible and reliable, but make one little syntax error and you can lose your ass.
This isn't as much "normalization" as it is "don't take so many drugs when you're designing tables."
"PDF has no place on the Internet, thats why we use HTML , but that would interfere with Adobes buisness model"
Bullshit. Have you ever tried printing a PDF file?
PDF has its place, but I agree in this case it was silly.
"Derp de derp."
The basic auth logout: yes, people have been asking for it for years, but it's HTTP itself that doesn't provide a mechanism for logging out users, it's not Apache's fault.
The lax syntax: hell no. That sort of thing leads to security holes. If I make a typo, I'm perfectly capable of going back and fixing it, should Apache notify me immediately. But if it misinterprets a typo as meaning something I didn't want, I won't know about it until it bites me in the ass. There is nothing wrong with strict syntax for config files.
The rest are relatively sane complaints and ones I've said myself in the past. Even if they are contained in a godawful PDF.
NOT A FONT. ok? Repeat after me, Comic Sans Is Not a Font! In 1995 Microsoft released the font Comic Sans originally designed for comic book style talk bubbles containing informational help text. Since that time the typeface has been used in countless contexts from restaurant signage to college exams to medical information. These widespread abuses of printed type threaten to erode the very foundations upon which centuries of typographic history are built. While we recognize the font may be appropriate in a few specific instances, our position is that the only effective means of ending this epidemic of abuse is to completely ban Comic Sans. http://bancomicsans.com/home.html
I'm also a big fan of the "Grumpy Editor's Guide" series of articles at Linux Weekly News.
In the words of "Winston Churchill"...
"It has been said that democracy is the worst form of government except all the others that have been tried."
"It has been said that Apache is the worst web server except all the others that have been created"
-=Linsys=-
http://www.intrusionsec.com
This whole thread is about a humorous troll (I rtfa. Yeah, I know that is verboten here...), so in the spirit of the author's PDF, I offer you a cheeky response:
They ALWAYS lock up the browser and force a ctrl-alt-del to shut it down.
Not if you use a good OS, like Windows. (ducks)
HA! I just wasted some of your bandwidth with a frivolous sig!
-- Thou hast strayed far from the path of the Avatar.
He has some great points, and if some non-fan boys would catch things, he's an apache developer. He has the right to hate some things in apache.
I'm glad to see that someone who works with the project has some of the same frustrations I do:
mod_imap - why does anyone still need this?
http and https needing seperate entries in vhost
vhosting in general
And to those whining about PDFs would you rather to have this posted in a PPT file? Comic Sans probably means Powerpoint is at the root of this. And I'm guessing he didn't need to put the out there, so he picked a format everyone can read without resorting to PowerPoints horrible html conversion. I hate PDFs, and really hate them viewed in the browser, but that's what "save as" is for. And I'll bet you didn't have to go get a viewer just to read this. There is no pleasing the Slashbots who would rather whine about a PDF than take the criticism in stride, and with the humor it was presented in. If you have to whine about the delivery, then you're too childish to pay attention to the message. He may not have OpenOffice installed at his work (there are places who don't allow that), and this may have been the best he could do under reasonable effort.
I'd prefer his effort go into the server than in giving us an HTML page rendered just for us. He could use that time to fix some of the annoyances! Some have better things to do than to please everyone.
And I say we give him a pony!
I am, and always will be, an idiot. Karma: Coma (mostly effected by
Winston Churchill once said that "Democracy is the worst form of government .... except for all the rest."
s/Democracy/Apache/
No, I didn't skip the torrent suggestion, nor did I attack it.
I just pointed out that your argument - "there are far better ways to send large files. HTTP isn't one of them." - didn't justify your FTP suggestion at all.
HTTP has the ability to resume as well. I have never had problem resuming HTTP download. Some web browsers might not offer you this possibility for downloading (but might use it itself when requesting images on a page that were only partially downloaded at last visit). But then again, these browsers might not offer you resume download on ftp as well.
Anonymous login still doesn't qualify as "a better way" regarding large files. It's quite irrelevant regarding large files and only introduces more overhead. Not that overhead matters much as when the transfer is underway, the situation is the same whether you use HTTP or FTP.
I really can't find ground for your statement that you should be "unable to resume in most cases". I honestly can't recall this being an issue. I often download and resume large files from different HTTP servers.
- Peter Brodersen; professional nerd
Pardon the obvious comment I'm compelled to spew in Apache's defense:
Due to the Open Source nature of apache, anyone who is ready to actually improve apache (in ways that the apache people potentially don't like and won't accept into the code) can fork apache and make their own even-easier-to-configure web browser.
Also remember that functionality comes before user friendliness. It should be no suprise there are warts on the config syntax, just be glad the damn thing works at all! If you want a real taste of ugly, go use IIS or (shudder) Weblogic. You'll run back to apache so fast your legs will fly off.
As apache matures even more, no doubt these warts will eventually get addressed. Maybe some kind of little task force will even form with this goal in mind.
"abends"? My God, man! How old are you? Sheesh. I haven't heard that term since I worked on mainframes.
Wait ... how old am I?
I've never had a download from an FTP server ever fail. I've had *many* fail from HTTP served downloads that I really do try avoid downloading anything over about 3MB on HTTP.
I've downloaded many, many large files (e.g. ISOs) over HTTP with no problem and have done for years. If you are having problems downloading anything over 3MB, then I would guess that you are misconfiguring these computers. Really - you think the rest of the world is just putting up with flaky downloads?
TCP ensures an error-free connection for both FTP and HTTP. Neither FTP nor HTTP handle that part of the work. When you say "fail", what do you mean, exactly? Dropped connections? Corrupted files?
In any case, your personal experience and my personal experience is unimportant. That's what I was asking for stats. You are the one claiming that HTTP is unsuitable for large downloads; the burden of proof is on you to show that.
You keep skipping over torrents.
I think you are confusing me with somebody else.
Really, are you trying to attack one point by ignoring points you can't argue?
Er, what? I'm arguing that HTTP isn't as bad compared with FTP as you make it seem. BitTorrent doesn't factor into that argument whatsoever.
Or will you acknowledge that torrents can be far better than HTTP for downloads of large files?
I'll acknowledge that all three protocols have advantages and disadvantages. BitTorrent is not a silver bullet, the fact that users have to download and install additional software is a showstopper for many people, as is the fact that it's not simply a client downloading from a server (e.g. you have to open up ports and sacrifice upstream bandwidth to get a decent speed).
All three protocols "can be" far better than the other two. It depends on the circumstances. For large files, it depends on what servers are available, the update schedule, the bandwidth available, and so on. It's wrong to simply call one "far better" than another.
It takes almost no time to load. KDE 3.4.x has made me really happy to interface with PDF files, because the PDF integration is fast and slick.
It beats the shit out of Postscript files (I shouldn't have to install 5 separate packages for 1 file format!), and is highly preferable to a powerpoint doc on the other end of the hyper link (which I wouldn't be able to read anyways).
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
LOOK, you lot have missed one critical point. The guy is a committer to the apache httpd project itself. He's on the INSIDE. He knows more about apache than YOU.
He's just pointing out some of the sillyness to his own teammates that apache has that people that are involved with and use apache get used to. (And, even if it is documented, that doesn't mean it's not silly.)
mod_imap? Why is that still on by default, for example.
As for the PDF complaints, THIS IS A PRESENTATION AT A CONFERENCE. What would you have perferred? A PPS file? Those that complain about the fonts? Get over yourselves.
Why can't apache's configuration file be XML compliant? It would make life sooo much easier if it were.
It would be sooo much easier to parse and validate the configuration file if it actually conformed to SOME kind of standard.
For that matter, why not use some limited XSL syntax in order to handle conditions?
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
Did you miss the bullet point that said "Yes, I know. I wrote that line in the docs. It's still really irritating"? As an Apache project member that primarily contributes documentation, I think he has RTFM -- in fact, he has WTFM. ;)
1. Try this. Config file is XML, and it has a web-based configuration interface for those who don't like XML.
2. Try this. Modules are Pike (similar to C++) objects. They can be reloaded on the fly, don't need to be compiled before they're used, and do not require a restart of the server.
3. Try this. It supports threads just fine.
4. Try this. Support for PHO (for those who want it) as well as a built-in dynamic page generating language (RXML) - as well as pike scripts (if you want more power.)
5. Try this. Memory management is not an issue.
Caudium is a wonderful web server platform - it's faster, more powerful, and easier to use than Apache. Once you try it you won't go back.
Ok, make your pdf with 10pt text (though I personally find that annoying to read at a comfortable distance*) and people that read it can hit the little plus sign next to the magnification precentage. done.
PDF is a document specification container. The whole point of pdf is to make your document look good and once your document looks good, to make it look the same on every machine it's displayed on. Thus ensuring that it looks good (at least according to your definition of looking good) on every screen and when printed.
If you want viewers to be able to edit your files at the expense of looking the same, or even good across platforms (and you're willing to put up with images getting strewn about willy nilly) you might as well use a word document. It's not going to look any worse than html.
*If you're making your pdfs with LaTeX then you've probably read some of the docs. A good deal of typesetting knowledge went into the design of TeX and much of it is explained in the documentation. Those docs mention something about a recomended number of characters per line for maximum comfort reading. At 10pt, you're either going to have far to many characters or you're going to have huge margins and/or double-spaced text. At which point you've negated the benefits of your 10pt text.**
**ok you could use a multicolumn format to get around that ugly fact, but then your document looks like a cheesy newsletter.
Can you be Even More Awesome?!
'runs as user NOBODY'
Perchild MPM, which lets apache run as the user owning NN vhost has been all-but dropped.
A few other guys have (kind of) picked it back up again, and gotten it to (mostly) work, but it doesn't scale well, yet... (barfs at 256 hosts)
Why can't somebody get this to work? (I would, but I'm not a c coder)
I have no problem with your religion until you decide it's reason to deprive others of the truth.
So every time I start trying to hack together an Apache config file, then setup the .htaccess, and then...well, about that time I say awfuckit
and just grab one of those dusty old code nuggets
and roll my own. its actually faster to setup that way...and possibly more secure, since I hardwire the pages/images/etc.
Apache performance can't be beat ('cept maybe for the kernel-embedded HTTP server, can't recall the name), but the config process is way too damn difficult for something with such a simple protocol; hell, I can completely reconfig a UNIX kernel more reliably, and in less time, than configing Apache.
007: "Who are you?"
Pussy: "My name is Pussy Galore."
007: "I must be dreaming..."
For my own site, I wanted a rule that catches www.* and issues a permanent redirect to the browser, pointing them to the domain without the 'www' attached. Since I had two or three domains hosted on this box, I wanted to do it globally.
:/)
The only sane way to do this with Apache as it is today was:
RewriteCond %{HTTP_HOST} ^www.* [NC]
RewriteMap www prg:/etc/apache2/conf/rewrite/www.pl
RewriteRule (.*) http:///{www:%{HTTP_HOST}}$1 [R]
#!/usr/bin/perl
$| = 1;
while () {
$_ =~ s/^www\.//;
print $_;
}
RewriteCond %{HTTP_HOST} ^www(.*) [NC]
RewriteRule (.*) http:||%1$1 [R]
(Pipes instead of slashes for slashcode
(or UseCanonicalName?)
Anyone else notice that the PDF's file size is 666 KB?
If you mod me down, I shall become less powerful than you could possibly imagine.
LaTeX defaults to 10pt fonts and 1.5 inch margins, which look damn pretty. The optimal number of characters on a line is 66. Even if you scale your margins so that you have 66 characters per line at 12pts, you're going to have fewer total characters on a page than at 10pts because of vertical spacing issues. Moving up to 12pt tends to look awful. Then again, as long as I'm paid by the page instead of the word. . .
After all, I am strangely colored.
"Tcl/Tk front end?"
And for X-less webservers? Maybe something like the menuconfig frontend to kernel building would be neat.
I'm against picketing, but I don't know how to show it.
This problem is *everywhere*. Why are we still putting up with differently-designed config files for your webserver, your ftp server, your mailserver, your nameserver and heaven knows what else, all supported by their own pieces of custom code which, like Apache's, each have the possibility of growing up to be subtly wrong?
I know the Windows idea of a centralised registry sucks in too many ways (inscrutable binary is no match for human-readable text files), but there's one thing it's got right: all the apps which access their configuration use a consistent API to do so. Is it an impossible dream to hope that someone gets a bunch of large free software projects to agree on what needs to go into a libconfigparse, then implements it, and provides bindings for major languages? Then we might stand a chance of avoiding weird config file problems cropping up in Apache and everywhere else, slightly differently each time.
GROGGS: alive and well and living in
Man, the comments are way off the rails on PDF readers. Funny. So, back on topic... the PDF mentions one of my big problems with the current apache
2 GB file limit
Why, oh why? It's 2005! Makes throwing video around a bit limited. Please, good Apache people, make this a priority!
I've seen IIS sites handle a /.ing fine, I've seen Apache dragged to the dirt. Why? Well /.ing kills sites one of two ways:
/.ing isn't at all impressive, it's expected. Any webserver worth it's shit should be able to had out massive amounts of data with little resource usage. It's other processing like PERL scripts, DB requests, SSL, etc that kill it, or simply overtaxing the available bandwidth.
1) Bandwidth. Whatever if being offered is large enough that the line it's on becomes highly over saturated and thus requests are processed very slowly, if at all.
2) CPU load due to dynamic content. Sites that use databases, or scripts to create their pages or something get overwhelemed because they don't have enough CPU to support all the requests.
The webserver itself isn't the problem. Either Apache or IIS can easily saturate a 100mb link with static content, even on a fairly old server.
When I worked for the school paper and we were linked, it was no problem at all. The line was 10mb, and the content was fairly small (say 300-500k total) and all static. Despite being a P2 300 the server didn't even break a sweat, load average was below 1. When the department I now work at was receantly linked for a comet simulator, it killed out webserver, despite the content being about 2k and it being a fiarly fast SPARC machine. The reason was each request required computation, so our load average was about 100.
Apache being able to survive a
Bandwidth is actually fairly common, many servers are run on small lines. I have a couple servers in my closet on my 768k up line. That is plenty for normal usage, people find the sites quite zippy. However Slashdot would easily overwhelm that bandwidth.
This was at an apache conference. He's written documentation for Apache. Chances are he uses it and knows more about it than you ever will. Dumbass.
A good number of OSS zealots (of which a good number are found here) have the need to believe that OSS is always better, in every case, and part of that is not admitting faults. You admit faults, you admit the possibility something else could be done better.
I got in to that some time ago over audio apps in Linux. I mentioned that one of the reasons I run Windows is pro audio work, Linux just doens't have the tools. I was told ya it does, so I asked like what? I mean hey, maybe they know something I don't, I'm always looking for new tools. No, I get pointed to the same ones I've tried. So I talk about what is wrong with them, why I don't like them. In response basically every flaw is downloayed, denied, blamed on me, or declared to be "a better way of doing things".
Zealots, of whatever type, want to believe their product/way of life/whatever is the best there is. Thus when presented with real criticism, they are likely to either ignore it, or try and change the argument to something else.
The attitude that so many have of "If you don't like it, fix it yorself!" That's a very harmful attitude to take, it's very abrasive and turns many people off to OSS.
I mean you have to remember, that most of the people in the world CAN'T, even if they want to, because they aren't coders. The majority of the population, well over 90%, does not know how to program. It's stupid to say they should learn how to. The whole point of specialization of labour is that peopel dont' ahve to do everything. Coders code, other peopel use what they make.
Then, of the few that can code, most don't have the time. It's a serious undertaking to make major changes to make major changes to a codebase, and it's really har dwhen it's not yours. You have to spend a lot of time just in learning what the fuck is going on and hwo it all works, before you can start making changes. Well, most coders can't do that, espically for every product they happen to use. There a fixed amount of time, and most of us have most of it taken up by more important things (like a paying job, family time, housework, etc).
Then, even if you do have the ability and time, it's not always easy. I'd not the guy that gave this presentation is an Apache developer, so he IS putting his money where his mouth is. It's just pretty clear that making tha fixes isn't some little 1 hour coding job, it's some major work that needs to happen.
So really, people who want to push OSS shouldn't take this isntantly hostile "Well fix it yourself!" attitude. Problems should be listend to, and should be fixed when possible. When it's not, the reasons should be explained why, and the person should be helped to figure out how ot work with what they have as best as possible.
Oh, and having configured both IIS and Apache, IIS wins hands down. Easy GUI config, options do what you think they do, plenty of context sensitive documentation. That's not to say it's a better web server, and sure as hell not more secure, but when it comes to configuration, that's just no contest.
Seriously though, for a lot of tasks these days I use the more lightweight thttpd daemon. Uber-simple config files, very low overhead, supports per-URL throttling out of the box. It's superb for image servers, or pretty much any application where you don't need dynamic pages - and believe me, there are still plenty of places you don't need dynamic code.
Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
Are you using a browser to download files over HTTP? Most browsers have horrible resume support. Try something like GetRight (for Windows) or even wget -c. I've never run into a problem with those but I wouldn't trust Firefox to handle a large download correctly.
Torrents are pretty nifty, but they're more complicated to support (need a seeder, etc) and much less reliable over slow connections. Generating SHA1 hashes for a 2GB file takes a while, so you can't just drop a file in the web directory and serve it immediately.
Cool. I'll add them here.
What part of "gestalt" don't you understand?
First, we have this.
And a quote from the default config file:OK. So I'll define as follows:Then, we have this.
OK, so I have some legacy documents, so I'll just define as follows in <HEAD>:And let's try it out... WTF?? It does not work! My browser thinks it is UTF-8.
Oh wait, it actually works, if I'll define this instead of that above:Brilliant! So if the AddDefaultCharset is defined in httpd.conf, the Content-Type encoding of the actual document must be defined in lowercase, or it'll be ingnored! Now, where the f*** this is documented??! Examples at w3.org specifically uses uppercase. Apache permits uppercase in httpd.conf.
Apache messed it up again.
“Wait for Hurd if you want something real” –Linus
God I don't understand what the whole issue is about opening up a PDF.
I started reading the thread to hear other people's experiences with Apache and all I'm reading is this goddam issue with PDFs.
I don't get it. Am I an idiot or geekdom is having a period?
As it turns out this isn't the whole truth (there can be heuristics) but what you are doing is rather dicey (read as: may give different results in different browsers or in the future). Make your charsets agree or you might cause yourself problems.
I don't want to detract from your main point (which is that configuration is hard) but can't they pay someone else to do the forking? Who says that everyone has to be programmer in order to have their own fork?
Having formerly dealt with MS IIS servers I've come to embrace the granularity of configuring an Apache server.
Virtual Hosts, Redirects, etc. are easy if you read throught he config file. Granted, it is getting a little long and should be separated into different config area files.
Here is a, uh, rather ambivalent look at Comic Sans by its designer, Vincent Connare.
Apparently, he saw Times New Roman used as the font for speech balloons in Microsoft Bob, which he thought was a terrible misuse of the font. So he designed a new font, Comic Sans, for those speech balloons. From the article:
For the record, the talk was created in Keynote, which will export to a variety of formats. PDF seemed like the least problematic of those formats. I don't use PowerPoint.
Thanks for all the great feedback from folks about my complaints and examples. Yes, it was more than a little tongue-in-cheek, and several of these problems have in fact already been fixed - a couple of them right there are the conference.
And, I'm not *just* complaining. I fixed the "Require User" case sensitivity thing, and I'm rewriting the mod_rewrite docs.
Apache guy, Open Source enthusiast, runner
yeah, and have the other httpd people were in the room: nobody disagreed. It was one of the funniest and best presentations all week.