Apache supports a variety of features, many implemented as
compiled modules which extend the core functionality. These can range from
authentication schemes to supporting
server-side programming languages such as
Perl,
Python,
Tcl and
PHP. Popular authentication modules include mod_access, mod_auth, mod_digest, and mod_auth_digest, the successor to mod_digest. A sample of other features include
Secure Sockets Layer and
Transport Layer Security support (
mod_ssl), a
proxy module (
mod_proxy), a
URL rewriting module (mod_rewrite), custom log files (mod_log_config), and filtering support (mod_include and mod_ext_filter). Popular compression methods on Apache include the external extension module, mod_gzip, implemented to help with reduction of the size (weight) of web pages served over
HTTP.
ModSecurity is an open source intrusion detection and prevention engine for Web applications. Apache logs can be analyzed through a Web browser using free scripts, such as
AWStats/
W3Perl or Visitors.
Virtual hosting allows one Apache installation to serve many different
websites. For example, one computer with one Apache installation could simultaneously serve example.com, example.org, test47.test-server.example.edu, etc. Apache features configurable error messages,
DBMS-based authentication databases,
content negotiation and supports several
graphical user interfaces (GUIs). It supports password authentication and
digital certificate authentication. Because the source code is freely available, anyone can adapt the server for specific needs, and there is a large public library of Apache add-ons. A more detailed list of features is provided below: • Loadable Dynamic Modules • Multiple Request Processing modes (MPMs) including
Event-based/Async, Threaded and Prefork. • Highly scalable (easily handles
more than 10,000 simultaneous connections) • Handling of static files, index files, auto-indexing and content negotiation • .htaccess per-directory configuration support •
Reverse proxy with caching •
Load balancing with in-band health checks • Multiple load balancing mechanisms •
Fault tolerance and Failover with automatic recovery •
WebSocket,
FastCGI,
SCGI,
AJP and
uWSGI support with caching • Dynamic configuration •
TLS/SSL with
SNI and
OCSP stapling support, via
OpenSSL or
wolfSSL. • Name- and IP address-based virtual servers •
IPv6-compatible •
HTTP/2 support • Fine-grained authentication and authorization access control •
gzip compression and decompression • URL rewriting • Headers and content rewriting • Custom logging with rotation • Concurrent connection limiting • Request processing rate limiting •
Bandwidth throttling •
Server Side Includes •
IP address-based
geolocation • User and Session tracking •
WebDAV • Embedded
Perl,
PHP and
Lua scripting •
CGI support • public_html per-user web-pages • Generic expression parser • Real-time status views •
FTP support (by a separate module) ==Performance==