Last checked and updated on 03 Jun 2026
What Is New in Apache HTTP Server 2.0
Apache HTTP Server 2.0 is a major architectural overhaul of the 1.3 series, introducing pluggable Multi-Processing Modules (MPMs), a rebuilt module API, native SSL/TLS support, content filtering, and a dramatically simplified configuration model. Teams running Apache 1.3 in production should expect both significant capability gains and a non-trivial migration effort -- third-party modules in particular require recompilation and likely code changes.
| Category | Highlights |
|---|---|
| New Features | Multi-Processing Modules (MPMs) with hybrid threading on Unix; Apache Portable Runtime (APR); native mod_ssl (OpenSSL); mod_dav (WebDAV); mod_deflate (gzip compression); content filtering pipeline; mod_auth_ldap with connection pooling; IPv6 support; PCRE regular expressions; UTF-8 filename encoding on Windows NT; mod_file_cache; mod_charset_lite |
| Improvements | Completely rewritten mod_proxy with HTTP/1.1 compliance; per-hook module ordering replaces global priority lists; mod_headers can now modify request headers and conditionally set response headers; mod_autoindex HTML table output with version sorting; mod_auth_digest shared-memory session caching; ForceLanguagePriority in mod_negotiation; autoconf/libtool-based build system; multilanguage error responses |
| Breaking Changes | Port and BindAddress directives removed (use Listen); ServerType directive removed; AccessConfig and ResourceConfig removed (use Include); AddModule and ClearModuleList removed; FancyIndexing directive removed (use IndexOptions FancyIndexing); <Directory proxy:...> blocks replaced by <Proxy> blocks; ErrorDocument text messages now require double quotes; CacheNegotiatedDocs requires explicit "on"/"off" argument; PATH_INFO handling changed for filter-based modules; ErrorHeader merged into Header directive (since 2.0.51) |
| Deprecations | mod_log_agent and mod_log_referer removed (AgentLog, RefererLog, RefererIgnore replaced by CustomLog); mod_mmap_static replaced by mod_file_cache; Apache 1.3 module API entirely incompatible -- all third-party modules must be rewritten |
How Do Multi-Processing Modules Change Apache's Architecture in 2.0?
Multi-Processing Modules (MPMs) are the single most architecturally significant change in Apache 2.0 -- they move the core request-handling model out of the server binary and into swappable, compile-time-selectable modules.
In Apache 1.3, the process model was hardcoded: Unix used a prefork model, and other platforms used platform-specific hacks. In 2.0, the MPM you select at build time determines how the server manages processes and threads. The three most important MPMs are:
- prefork -- A non-threaded, pure multi-process model. Closest in behavior to Apache 1.3. Choose this if you rely on non-thread-safe libraries (notably older PHP builds).
- worker -- A hybrid multi-process, multi-threaded model. Each child process spawns multiple threads. This dramatically reduces memory footprint under load and is the preferred choice for most modern deployments.
- winnt -- The native MPM for Windows, which uses a single control process and a pool of worker threads backed by Windows I/O completion ports.
In practice, directives like MaxClients, StartServers, and ThreadsPerChild now live in the MPM module rather than the core server. If you are migrating an httpd.conf from 1.3, check every process/thread tuning directive against the MPM documentation for your chosen model -- many 1.3 directives simply do not exist in worker or event MPMs.
# Example: worker MPM tuning block in httpd.conf
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>Watch out for the Unix threading model: on systems with POSIX thread support, Apache 2.0 can run in hybrid mode, but this only improves scalability for I/O-bound workloads. CPU-bound workloads with blocking C extensions still benefit more from prefork isolation.
What Does the New Content Filtering Pipeline Enable in Apache 2.0?
Apache 2.0 introduces a formal content filtering pipeline, allowing modules to register as filters that transform the stream of request or response data as it passes through the server -- a capability that did not exist as a first-class concept in 1.3.
This matters for several common real-world use cases:
- Output compression -- mod_deflate hooks into the output filter chain and compresses responses on the fly for browsers that send
Accept-Encoding: gzip. In 1.3, this required third-party patches or external wrappers. - CGI post-processing -- CGI script output can now be piped through the INCLUDES filter in mod_include, enabling SSI directives inside dynamically generated content.
- External filter programs -- mod_ext_filter lets you plug any external program (a shell script, Python process, etc.) into the filter chain, similar to how CGI programs act as handlers.
- Proxy transformation -- The rewritten mod_proxy uses the filter infrastructure internally, enabling more reliable and extensible proxying behavior.
One important behavior change to be aware of: modules that were handlers in 1.3 but are now implemented as filters (including the INCLUDES filter and PHP) no longer accept requests with PATH_INFO by default. If your application relies on PATH_INFO in SSI or PHP requests, add AcceptPathInfo On to restore the prior behavior.
# Enable gzip compression via mod_deflate filter
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>What New Modules Ship With Apache 2.0 and What Do They Replace?
Apache 2.0 bundles several modules that were previously third-party add-ons, patches, or experimental code, making a much broader feature set available without additional compilation overhead.
mod_ssl is the headline addition -- a full OpenSSL-backed SSL/TLS implementation that was previously only available through the separate mod_ssl.org patch against Apache 1.3. For most production deployments, this alone justifies the upgrade, as it eliminates maintaining a patched Apache tree just to get HTTPS support.
mod_dav adds WebDAV support (HTTP-based distributed authoring and versioning), enabling clients to directly read, write, copy, and move files on the server via HTTP. This matters if you are running content management workflows or version-controlled web deployments.
mod_auth_ldap (added in 2.0.41) provides LDAP-backed HTTP Basic Authentication, paired with mod_ldap which supplies connection pooling and result caching to prevent authentication requests from hammering your directory server.
The following table summarizes module changes at a glance:
| Module | Status in 2.0 | Notes |
|---|---|---|
| mod_ssl | New (bundled) | Previously required a separate patch; OpenSSL interface for SSL/TLS |
| mod_dav | New | WebDAV support for HTTP-based file management |
| mod_deflate | New | Replaces third-party gzip solutions; uses filter pipeline |
| mod_auth_ldap | New (2.0.41+) | LDAP-backed Basic Auth; requires mod_ldap for pooling/caching |
| mod_file_cache | New | Replaces experimental mod_mmap_static; extends caching capabilities |
| mod_charset_lite | New (experimental) | Character set translation and recoding |
| mod_auth_digest | Promoted from experimental | Now standard; adds shared-memory cross-process session caching |
| mod_proxy | Completely rewritten | HTTP/1.1 compliant; split into proxy_connect, proxy_ftp, proxy_http |
| mod_log_agent / mod_log_referer | Removed | Use CustomLog with mod_log_config instead |
| mod_mmap_static | Removed | Replaced by mod_file_cache |
What Configuration Directives Are Removed or Changed in Apache 2.0?
Apache 2.0 removes or renames a significant number of 1.3 directives -- this is the most common source of startup errors when migrating an existing httpd.conf, and reviewing every removed directive before your first 2.0 startup will save considerable troubleshooting time.
The most impactful removals affecting day-to-day configuration are:
- Port and BindAddress removed -- Replace both with the
Listendirective. TheServerNamedirective now accepts a hostname:port syntax for self-referential URLs. - AccessConfig and ResourceConfig removed -- Replace with explicit
Includedirectives. If you relied on the defaults (conf/access.conf and conf/srm.conf), add them explicitly to your httpd.conf. - ServerType removed -- The request-handling model is now entirely determined by your selected MPM. There is no inetd-launched MPM in 2.0.
- AddModule and ClearModuleList removed -- The new API allows modules to declare their own ordering explicitly via per-hook priority, making these directives unnecessary.
- FancyIndexing directive removed -- Use
IndexOptions FancyIndexinginstead. - ErrorDocument text syntax changed -- Text messages must now be enclosed in double quotes:
ErrorDocument 403 "Forbidden". - CacheNegotiatedDocs now requires an argument -- Change bare
CacheNegotiatedDocstoCacheNegotiatedDocs on.
# Apache 1.3 -- DOES NOT WORK in 2.0
BindAddress 192.168.1.1
Port 80
ServerType standalone
AccessConfig conf/access.conf
ResourceConfig conf/srm.conf
ErrorDocument 403 "Access Denied
CacheNegotiatedDocs
# Apache 2.0 -- corrected equivalents
Listen 192.168.1.1:80
ServerName www.example.com:80
Include conf/access.conf
Include conf/srm.conf
ErrorDocument 403 "Access Denied"
CacheNegotiatedDocs onAlso note: the proxy module now uses <Proxy> blocks for access control, not <Directory proxy:...>. If you run a reverse proxy, this configuration section must be rewritten. Most teams underestimate the configuration migration effort -- budget time to diff your 1.3 httpd.conf against the 2.0 defaults line by line.
Frequently Asked Questions about Apache HTTP Server 2.0
Will Apache 1.3 configuration files work directly in Apache 2.0?
Most 1.3 configuration files will not work without modification because several directives have been removed or changed, including Port, BindAddress, ServerType, AccessConfig, ResourceConfig, AddModule, ClearModuleList, and FancyIndexing -- all of which cause startup failures in 2.0 and must be replaced with their 2.0 equivalents before the server will start.
Do Apache 1.3 third-party modules work in Apache 2.0?
No. The module API changed extensively between 1.3 and 2.0, and all third-party modules compiled against the 1.3 API must be rewritten and recompiled for 2.0. There is no binary or source compatibility between the two APIs.
Which MPM should I choose when migrating from Apache 1.3 on Unix?
If you need maximum behavioral compatibility with 1.3 -- for example, if you run non-thread-safe PHP extensions or other non-reentrant libraries -- choose the prefork MPM. For new deployments or those using thread-safe libraries, the worker MPM offers significantly better performance and lower memory use under concurrent load.
How do I enable SSL/TLS in Apache 2.0 now that mod_ssl is bundled?
Compile Apache with mod_ssl enabled using --enable-ssl and --with-ssl pointing to your OpenSSL installation, then load it in httpd.conf with LoadModule ssl_module modules/mod_ssl.so, include the ssl.conf configuration, and configure SSLCertificateFile, SSLCertificateKeyFile, and SSLEngine on inside your VirtualHost block -- no separate patch or external distribution is required as was the case with Apache 1.3.
What replaced the AgentLog and RefererLog directives removed in Apache 2.0?
Both directives, previously provided by the removed mod_log_agent and mod_log_referer modules, are now handled through the CustomLog directive in mod_log_config using the format specifiers %{User-agent}i and %{Referer}i respectively.
Does Apache 2.0 support IPv6?
Yes. On systems where the Apache Portable Runtime supports IPv6, Apache 2.0 opens IPv6 listening sockets by default, and the Listen, NameVirtualHost, and VirtualHost directives all accept IPv6 numeric address strings in bracket notation such as Listen [2001:db8::1]:8080.