This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
Original author(s) | Hugo Leisink |
---|---|
Developer(s) | Hugo Leisink |
Initial release | 2002 |
Stable release | |
Repository | |
Written in | C [2] |
Operating system | FreeBSD, Haiku os, HP-UX, IBM AIX, Linux, OpenBSD, OS X, QNX, Solaris, Unix-like and Windows [3] |
Platform | POSIX, Cross-platform |
Available in | English |
Type | Web server |
License | GPL-2.0-only |
Website | hiawatha |
Hiawatha was a free and open source cross-platform web server developed by Hugo Leisink. [4]
Hiawatha development began in January 2002 as a web server. Leisink, a computer science student at the time, initially created it to support internet servers based in student houses in South Holland and the Netherlands, with security as its focus.
The January 2009 edition of Linux Magazine included an article on the Hiawatha web server, describing it as "a light web server with good performance and some innovative security functions." [5] In 2015 Hiawatha was cited as a lightweight alternative to Apache, as it prioritized the installation experience and reduced storage over adding other features. [6] [7] [8]
In February 2019 Leisink announced the end of major development. [9] Releases since then have focused on fixing bugs, and keeping components up to date. [10]
As of December 2023, Leisink has continued to publish bug fixes and small improvement releases. [10]
The Hiawatha web server featured:
Hiawatha aimed to prevent SQL-injection, cross-site scripting (XSS), Cross-site request forgery (CSRF), and denial-of-service attacks. It allowed banning of potential hackers and had an option to limit the runtime of CGI applications. [14] RFC3546 support was included with version 8.6, which was developed with PolarSSLv1.2.
In 2012, a performance test was carried out by an independent researcher (SaltwaterC). They found that Hiawatha was faster than ten other servers with Drupal static content, but performed comparably to the rest in other metrics. [15]
Hiawatha has supported load-balanced FastCGI and the PHP project's FastCGI Process Manager (PHP-FPM). [16]
The Apache HTTP Server is a free and open-source cross-platform web server software, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation.
GNU Wget is a computer program that retrieves content from web servers. It is part of the GNU Project. Its name derives from "World Wide Web" and "get". It supports downloading via HTTP, HTTPS, and FTP.
OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.
cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL".
OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
netcat is a computer networking utility for reading from and writing to network connections using TCP or UDP. The command is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.
FileZilla is a free and open-source, cross-platform FTP application, consisting of FileZilla Client and FileZilla Server. Clients are available for Windows, Linux, and macOS. Both server and client support FTP and FTPS, while the client can in addition connect to SFTP servers. FileZilla's source code is hosted on SourceForge.
lighttpd is an open-source web server optimized for speed-critical environments while remaining standards-compliant, secure and flexible. It was originally written by Jan Kneschke as a proof-of-concept of the c10k problem – how to handle 10,000 connections in parallel on one server, but has gained worldwide popularity. Its name is a portmanteau of "light" and "httpd".
Web server software allows computers to act as web servers. The first web servers supported only static files, such as HTML, but now they commonly allow embedding of server side applications.
Pound is a lightweight open source reverse proxy program and application firewall suitable to be used as a web server load balancing solution. Originally developed by an IT security company, it has a strong emphasis on security. The original intent on developing Pound was to allow distributing the load among several Zope servers running on top of ZEO. However, Pound is not limited to Zope-based installations. Using regular expression matching on the requested URLs, Pound can pass different kinds of requests to different backend server groups. A few more of its most important features:
Secure Socket Tunneling Protocol (SSTP) is a form of virtual private network (VPN) tunnel that provides a mechanism to transport PPP traffic through an SSL/TLS channel. SSL/TLS provides transport-level security with key negotiation, encryption and traffic integrity checking. The use of SSL/TLS over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers except for authenticated web proxies.
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Russian developer Igor Sysoev and publicly released in 2004. Nginx is free and open-source software, released under the terms of the 2-clause BSD license. A large fraction of web servers use Nginx, often as a load balancer.
Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546
WeeChat is a free and open-source Internet Relay Chat client that is designed to be light and fast. It is released under the terms of the GNU GPL-3.0-or-later and has been developed since 2003.
Mbed TLS is an implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. It is distributed under the Apache License version 2.0. Stated on the website is that Mbed TLS aims to be "easy to understand, use, integrate and expand".
Cherokee is an open-source cross-platform web server that runs on Linux, BSD variants, Solaris, OS X, and Windows. It is a lightweight, high-performance web server/reverse proxy licensed under the GNU General Public License. Its goal is to be fast and fully functional yet still light. Major features of Cherokee include a graphical administration interface named cherokee-admin, and a modular light-weight design.
FastCGI is a binary protocol for interfacing interactive programs with a web server. It is a variation on the earlier Common Gateway Interface (CGI). FastCGI's main aim is to reduce the overhead related to interfacing between web server and CGI programs, allowing a server to handle more web page requests per unit of time.
In computer networking, TCP Fast Open (TFO) is an extension to speed up the opening of successive Transmission Control Protocol (TCP) connections between two endpoints. It works by using a TFO cookie, which is a cryptographic cookie stored on the client and set upon the initial connection with the server. When the client later reconnects, it sends the initial SYN packet along with the TFO cookie data to authenticate itself. If successful, the server may start sending data to the client even before the reception of the final ACK packet of the three-way handshake, thus skipping a round-trip delay and lowering the latency in the start of data transmission.
ProFTPD is an FTP server. ProFTPD is Free and open-source software, compatible with Unix-like systems and Microsoft Windows . Along with vsftpd and Pure-FTPd, ProFTPD is among the most popular FTP servers in Unix-like environments today. Compared to those, which focus e.g. on simplicity, speed or security, ProFTPD's primary design goal is to be a highly feature rich FTP server, exposing a large amount of configuration options to the user.
LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0. The OpenBSD project forked LibreSSL from OpenSSL 1.0.1g in April 2014 as a response to the Heartbleed security vulnerability, with the goals of modernizing the codebase, improving security, and applying development best practices.