What’s new in Apache 2.4?
Apache 2.4 is here, and it comes with enhancements and new features! This guide is for LCN web hosting and WordPress hosting customers and covers what’s new in Apache 2.4 and the changes you need to be aware of as a website administrator.
Let’s get started…
What’s new?
Our Quantum shared hosting platform has now been upgraded to use Apache 2.4. This new version claims to be faster and use less memory than its predecessor. There have been many improvements to the current modules of apache as well as some new ones. We won’t get into the technical stuff here; however, you can find out about all the new modules here.
What changes do I need to be aware of?
The most apparent change in Apache 2.4 is an update to the access control directives. In Apache 2.2 access control to specific hostnames and IP’s was done using the directives Order, Allow, Deny and Satisfy. You may have seen these directives being used in your .htaccess file to restrict access. An example would be:
ErrorDocument 403 /specific_page.htmlOrder Allow,DenyAllow from 111.222.333.444
In Apache 2.4, such access control is done in the same way as other authorisation checks, using the new module mod_authz_host. It is recommended that old access control rules should be replaced by the new authentication mechanisms.
Here are some examples of old and new ways to do the same access control.
In this example, there is no authentication and all requests are denied.
2.2 configuration:Order deny,allowDeny from all
2.4 configuration:Require all denied
In this example, there is no authentication and all requests are allowed.
2.2 configuration:Order allow,denyAllow from all
2.4 configuration:Require all granted
In the following example, there is no authentication and all hosts in the example.org domain are allowed access; all other hosts are denied access.
2.2 configuration:Order Deny,AllowDeny from allAllow from example.org
2.4 configuration:Require host example.org
Please note: A module has been installed to ensure that you can still use the older 2.2 configurations. However, it is not recommended to mix the old and new directives within your .htaccess file. It is technically possible to mix these directives; however, issues have been known to arise when doing so.
That’s it! You now know everything needed to update your .htaccess access control rules.