Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Don’t duck at the latest mention of Apache: ...

A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security researchers, and at least one U.S. state government has issued an emergency ...

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.

Please Note: Web Services does not support the applications listed below. These instructions are provided for your convenience. If you are having issues with these ...

My buddy Rich tweeted a terse message yesterday afternoon: “Happy Birthday Apache Web Server, started 15 years ago today!” I had meant to write up the story then, but forgot it about it. Consider this ...

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...

Don't run Tomcat through Apache httpd if you can avoid it It is advisable to run Tomcat standalone, not connected through Apache httpd, because you will lose at least 50% of Tomcat’s response ...

1 This can be done with an .htgroup file maintained and deployed to each tier by the developer (preferred) or as a static list maintained by Web Services. 2 Contact Web Services for assistance. I want ...