Small web servers are out there apart from Apache?

Contributed by jose on 2002-07-31 from the port-80 dept.

"I like apache. It can do naything or nothing, whatever you request. But what, if you just demand a low-bandwidth, static-only, http-server running under OpenBSD? It should hopefully be way easier to make that one secure. Does anyone of you now such beast? "

Well, I do know of wn and thttpd . Does anyone have any experiences in long term use of these compared to Apache? Do they fit the bill? Are there others worth looking at?

(Comments are closed)

Comments

By Anonymous Coward () on 2002-08-01 01:17

publicfile. http://cr.yp.to/publicfile.html
By Anonymous Coward () on 2002-08-01 01:20

were you very tired posting that? :P
By Anonymous Coward () on 2002-08-01 01:31

I know the person hosting http://www.packetninja.net/ has been using thttpd for about as long as I can remember and last time I checked he thought it was great.
By Jesper Louis Andersen () jlouis@diku.dk on 2002-08-01 01:36 mailto:jlouis@diku.dk

There are publicfile by DJB, but the code is a mess and quite unreadable, so that makes it unuseable to me.

thttpd has had security bugs. Considering this is OpenBSD it might not be the best thing to have had. What do we win by a fast program with errors?

mathopd is a good one. As far as I know, it has no security bugs and is quite fast. http://www.mathopd.org
By Anonymous Coward () on 2002-08-01 01:46

http://www.eterna.com.au/bozohttpd/

It's all configured on the command line, so even the complexity of configuration files is missing.

1 .c file, 2111 lines of code. Code isn't a mess. Small enough that you could audit it yourself and feel comfortable with the result.

If you wanted a small web server that does HTTP 1.1, with minimal functionality, this has got to be a good candidate.
By Matt Liggett () mml@pobox.com on 2002-07-31 15:38 http://pobox.com/~mml

The code is short, simple and easy to understand. It can do CGI if you want it to. mathopd is shorter still, and thttpd is faster, but boa works for me.

http://www.boa.org/
By W () on 2002-07-31 16:23

publicfile is GREAT ! It's secure, fast and stable, and it's a thrill (easy) to use.
You can also check out http://www.publicfile.org/ for some neat add-ons, in particular the custom error messages and directory redirection patch.
By Anonymous Coward () on 2002-07-31 18:16

http://www.fefe.de/fnord/
By Anonymous Coward () on 2002-07-31 19:02

http://uts.cc.utexas.edu/~foxx/dhttpd/

old, but simply serves static pages
By Anonymous Coward () on 2002-07-31 20:24

I discovered this cute and lightweight server ages ago, precisely because I had decided that Apache was overkill. It's very nice C++ and only does one thing and does it well: it serves documents from /var/www; no CGI support, no home directory escapes; nothing but sending images and text from locations relative to /var/www.
dhttpd homepage (no longer developped)
newer version by Debian package maintainer
By paul nendick () pnendick@yahoo.com on 2002-07-31 23:41 mailto:pnendick@yahoo.com

I've never used it, but there is: also webfs .
By John () jhedditc@physics.adelaide.edu.au on 2002-08-01 13:25 http://www.physics.adelaide.edu.au/~jhedditc/

This is a v. simple, v. secure webserver - I've
had a look through all of the code and didn't see
anything, and it's very easy to configure.
By jolan () on 2002-08-01 07:10

Apache in -current runs unpriveleged in a chroot environment, which pretty much means that you can only serve static pages.
By bengt kleberg () eleberg@cbe.ericsson.se on 2002-08-01 08:33 mailto:eleberg@cbe.ericsson.se

http://yaws.hyber.org/
By Anonymous Coward () on 2002-08-01 09:07

You could write a usable HTTP server in a day or two that serves static pages. I know this because I did this. My HTTP server is a commercial product that is quite simple, and does CGI. This did require reading some RFC documents to get to this stage, but that doesn't take long.
By RC () on 2002-08-01 11:11

Why does HTTP get used for everything? I understand HTTP/1.0 was simple, but it's rather ineffecient, and doesn't even have basic control messages (you can't tell if a connection ended properly, or got cut off). HTTP/1.1 looses the simplicity aspect as well.

What I think we need is something like a simlified SMTP (message numbers at the beginning and end of section only). Less overhead means more data going over the lines, quicker.

At best, HTTP is kludgy. Why can't anyone put together a single simple and effecient protocol? Something to at least challenge HTTP.

Latest Articles

Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (10)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]