apache 2

Well our #1 reason for going to Apache 2.x (when we can) is that it has no issues with logs over 2 gb.

Frank

 

Probably one of the reasons is when you need a feature or module only available in apache 2.xx. A good example is Free web hosts who want to use mod_ext_filter which is available under apache 2.xx but not under 1.xx. I am reluctant to upgrade and I am trying to use mod_layout (available for apache 1.xx) which is good and does the same job to insert forced ads in free hosted sites, but in our case and for one of our sites htttp://www.freeonlinehost.com , we are still testing as it has issues with php scripts using compression (ob_start, ob_gzhandler, zlib...).

I am sure I'll find a way rather than upgrading to Apache 2.xx which is still edge release and dodgy. Of course there are more reasons for upgrading depending on your needs, but the above reason is the reason I would upgrade if I don't find a fix. Overall, when apache 2.xx is stable, it's a must for most I think.

Main reason to stay with Apache 1.xx is almost all software releases are tried, tested and stable under 1.xx and some software is either not available under 2.xx or was never tested.

 

The reasons for going to Apache 2 are far too numerous to list and
the the advantages far outweigh any disadvantages and go way, way
beyond just having mod_ext_filter available.

The memory and resource management alone makes it worthwhile!

Not to mention the increases in security. I hope you realize that the
time it takes me to hack and / or crash sites running Apache 1.3.x
is in a matter of mere seconds and I really would not recommend
anyone using Apache 1.x anymore.

Apache 2 has been out for a great many years and Cpanel is by far
the slowest in terms of developing support for it. In contrast,
Plesk moved over to Apache 2 more than 2 1/2 years ago!

The problem here is that Cpanel only supports Apache 2 currently
in the Edge tree only and you are afraid of going to Edge. I really
wouldn't worry about it so much as the bugs in Edge currently are
all really minor trivial things that only take about 5 seconds to fix
and Cpanel could fix them themselves if they woke up!

The only thing I would be a little concerned over at the moment is running
updates once you get it working. Most of the updates the past 2 months
have served to break things more than fix them so once you get everything
working, you probably want to just turn off Cpanel updates and not do any
updates anymore until you really have to.

(With all that said, I had Apache 2 working perfectly with Cpanel back in 2004
but got tired of Cpanel constantly replacing my Apache with older versions
so I just gave up and waited for them to add it themselves finally now in Edge.
Irony is that it took them 2 years to only begin to make progress on
what I had already solved 2 years ago)

 

Quite right Spiral, I merely pointed out one of the reasons I would upgrade, quote" Of course there are more reasons for upgrading depending on your needs "unquote.

I actually run apache 2.xx on my local machine and tested every possible software, no problems, it just when it comes to production cPanel seem to be somehow slow like you said.
Apache 1.xx is less reliable on security than 2.xx, but >>"time it takes me to hack and / or crash sites running Apache 1.3.x is in a matter of mere seconds"<< is an over statement, don't forget there are patches in place besides all available security modules such as mod_security and all other measures outside of apache. Apache 2.xx would be the same if you leave your server on a vanilla basis as well.

 

Could you give us examples on how you can hack sites running on apache 1.3 in seconds and where/how apache 2 would make these methods impossible?

 

Hacking apache 1.3x servers and crashing them in seconds I find a bit metaphoric, may be in minutes if the server is completely open. If Spiral gives you examples, he/she will be inviting every script kiddie lurking round here to have a go. Speaking generally is probably safer or PM him/her about that.
Majority of large companies and sites are still using apache 1.3x and doing fine, I say for large production sites there is a reason to still be running under 1.3xx.

 

If he is aware of current exploits in apache 1.3 that don't exist in apache 2 I'm sure more people are interested in knowing.

I am not asking for howto's, just for the methods that he is referring to.