Hiawatha is a web server available for multiple platforms. It has been developed by Hugo Leisink since 2002.
History
Hiawatha started in January 2002 as a small web server, suitable for servers with old hardware. Leisink, a computer science student at the time, initially created the server to support Internet servers in student houses in Delft, South Holland, the Netherlands. As the server was designed with improved security as its focus, Leisink states that "there are a lot of security features in Hiawatha you won't find in any other webserver."
The author has said "I know for a long time that vulnerabilities exist in other web servers. One thing that bothers me: the runtime of a CGI. A CGI process under other web servers can run forever. A single CGI script can DoS a webserver. A system administrator is needed to kill the script. And what about a client or hacker that keeps on guessing passwords for HTTP authentication? These kind of issues inspired me to create Hiawatha, with settings for maximum request sending time, maximum CGI run time, client banning, etc. Features that, in my opinion, every daemon should have."
The January 2009 edition of ''Linux Magazine'' included an article on the Hiawatha web server, describing it as "a light web server with good performance and some innovative security functions". Hiawatha is frequently cited as a lightweight alternative to Apache, as it prioritizes easy installation and reduced storage over including many other additional features.
;Important releases:
* 1.0: September 2002. A basic but functional web server.
* 2.0: March 2004. Use of multithreading instead of forking.
* 3.0: September 2004. SSL support.
* 4.0: December 2005. A CGI-wrapper for improved security was included.
* 5.0: October 2006. FastCGI support for improved CGI speed.
* 5.2: November 2006. First-time integration to the FreeBSD Ports system at version 5.2 in December 2006, to the OpenBSD ports tree at version 5.7 in March 2007.
* 5.12: August 2007. URL rewriting support.
* 6.0: October 2007. IPv6 support.
* 6.6: April 2008. XSLT support.
* 6.10: October 2008. Cross-site request forgery prevention added.
* 7.0: February 2010. Remote monitoring support.
* 8.0: January 2012. Autoconf replaced with CMake, OpenSSL replaced with PolarSSL.
* 9.0: March 2013. Clients handled via thread pool instead of creating threads on the fly.
* 10.0: November 2015. Streamlined handling of Directory sections in server configuration.
* 10.9: February 2019. Last major developed release.
In February 2019 Leisink simultaneously announced the release of version 10.9 and the end of major development in a pair of blog posts.
Features
The Hiawatha web server implements all important functions of a modern web server, such as:
* CGI and load balancing FastCGI support
* Large file support
* Reverse proxy functionality
* Chroot support
* URL toolkit which supports URL rewriting
* SSL and TLS support
* Basic and digest HTTP authentication
* Upload speed control by traffic shaping
* Internal file caching
* IPv6 support
* HTTP compression using gzip
* Virtual hosting
* Support for WebDAV applications
* Support for Server Name Indication included in v8.6
Hiawatha has many security features that no other web server has, such as prevention of SQL injection, cross-site scripting (XSS) and cross-site request forgery (CSRF), denial-of-service protection, control of external image linking, banning of potential hackers and limiting the runtime of CGI applications. The author worked on RFC 3546 support, but "the OpenSSL documentation on this subject is just extremely poor", so progress was difficult. RFC 3546 support has nevertheless been included since v8.6, which is developed with PolarSSL v1.2.
Performance
Although security is the main focus, Hiawatha users also speak highly of its speed and performance. According to a performance test carried out by an independent researcher (SaltwaterC), Hiawatha is faster than the ten other servers tested for Drupal static content, while performing comparably to the rest in other metrics.
Hiawatha supports load-balanced FastCGI and had its own PHP-FastCGI utility, although the latter has been deprecated and replaced with the PHP project's FastCGI Process Manager (PHP-FPM). This makes it fast and scalable for handling dynamic content.
See also
* Comparison of web server software