Welcome
Welcome to the website of the Hiawatha webserver, the world's most secure and advanced webserver.News
I have a son!!! This morning, at 6:50, my son was born. His name is Pepijn. He and his mother are doing very well.
I've been awake for more than 30 hours, so I'm a little tired. Please, be patient if I don't respond to forum posts as quickly as I normally do.
"Yesterday, an interesting HTTP DoS tool has been released. The tool performs a Denial of Service attack on Apache (and some other) servers by exhausting available connections. While there are a lot of DoS tools available today, this one is particularly interesting because it holds the connection open while sending incomplete HTTP requests to the server." [sans.org]
I know for a long time that this vulnerability is present in Apache. It surprises me that nobody has implemented an exploit sooner. Another thing in Apache that bothers me: the runtime of a CGI. A CGI process can run forever under Apache. A single CGI script can DoS a webserver. A system administrator is needed to kill the script. And what about a client that keeps on guessing passwords for HTTP authentication?
These kind of Apache issues inspired me to create Hiawatha, with settings for maximum request sending time, maximum CGI run time, client banning, etc. Features that, in my opinion, every daemon should have.
Recently, I discovered that the january 2009 edition of Linux Magazin contained an article about the Hiawatha webserver. For anybody who can read German, the article can be found here.
I've updated the HOWTO page. It contains more information and I've restructured the information so it's easier to read.
- Hiawatha 6.14.1 has been released. It contains a fix in wigwam, the configuration file checker.
- Several bugfixes and improvements have been made in Hiawatha 6.14, which has been released today. In the previous news message, I stated that I was busy implementing RFC3646. But OpenSSL is not very well documented, specially the part which concerns RFC3546. So, I decided to make the bugfixes and improvements I made to Hiawatha in the meantime already available via this release. Hopefully 6.15 will have support for RFC3546.
