Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
The Internet

AOLServer Open Sourced 87

Quite a number of people have written in with the news that AOLServer has been open-sourced under a GPLish looking license. You can grab the source or the documentation.
This discussion has been archived. No new comments can be posted.

AOLServer Open Sourced

Comments Filter:
  • by Anonymous Coward
    It's not just you, this is REALLY old and dumb. Too bad the moderators have some mistaken impression that this is in any way funny.

  • The name might imply it's the software AOL uses to serve its clients. The documentation seems to say it's a combination web server and HTTP application server. The site uses AOL trademarks without prominent attribution. It all looks fishy to me. Can someone please clue me in?
  • I hope they don't run their own software on that site; if so it not a good advert be, hmm?
  • The server isn't dead, it seems they've blocked all ICMP, including ICMP_FRAG_NEEDED, which is rather critical for path MTU discovery if you have strange MTUs between you and them, like I do.

    I wouldn't use software from people this clueless.
  • ICMP_ECHO and ICMP_ECHOREPLY are diagnostics which can be safely disabled. Indeed, sometimes it is sensible to disable or limit them.

    ICMP_FRAG_NEEDED is *vital* for correct functioning of a TCP/IP stack. Without it, many people will simply not be able to communicate with the host. I certainly can't.
  • Okay, I sort of see your point. On the other hand, if their personnel department happily hire people who don't know enough about to TCP/IP networks to administer one, what's to stop them hiring poor programmers? Admittedly the comments about this particular piece of software have been good.

    I'm just amazed the number of people out there who think they know enough about TCP/IP to set up firewalls and networks, when they're clearly clueless.
  • ICMP is vital to a correctly functioning IPv4 host. ICMP ECHO & ECHOREPLY aren't, but they are two out of many different ICMP packet types which are sent for good reasons.

    Perhaps you should learn something about TCP/IP before you start shooting your mouth off.
  • ...of course. Mozilla Public License v 1.1 according to the site.
  • either you're a clueless troller or you're being sarcastic. Due to the way you're writing, I suspect the latter as not too many people write that way normally (even if they speak that way). Either way, kind of funny.
  • Any chance they could open up TiK (the UNIX/LINUX version of AIM)? would be nice to expand the feature set a bit.
  • by jabbo ( 860 )
    I change my mind on whether Java sucks or rules about once a week, but it would be nice for the Jakarta product (i.e. Apache-Jserv Part Too) to work with AOLserver. I've been waiting around to find out whether Sun will provide its classes or whether I "get to" write those for Jakarta... maybe I should think about how to make the next version of Apache-Jserv work with AOLserver, as it is going to be my webserver of choice now that its source is open (at least until Apache 2.0 comes out).

    On the other hand, smart guys like William Crawford routinely turn up on Philip's discussion boards, so someone else may have already started doing this. I don't know (or care) how servlets worked in the old nsdynamo implementation, but Apache-Jserv is a very nice tool, as it makes load-balancing and distributed execution trivial. Jakarta/Apache-Jserv 1.2 plus AOLserver would be very pleasant to work with for platform-agnostic geeks... there are many things to recommend Java (that evil, slow, strongly-typed, bad-for-the-web language from Sun Proprietary Products, Inc and Alan Baratz... "it's just a reference implementation, we can't be held responsible!").


  • This just isn't true. Sure, the press reports that things are found now and then, and there may have been problems in the past, but his posting about the so-called "client-based security model" is just plain incorrect, wrong, and downright clueless.

    One: this one never got into the press.
    Two: I'm afraid it's quite true. It was true then, and it's true now. If you have an old copy of AOL 2.6 I believe I still have the patch lying around; the patch is useless now (though I'd imagine it would still run, but what's the point?) but I'll show you if you like.
    Three: You're right, a client-based security model is incorrect, wrong, and downright clueless. But remember who we're talking about here.

    If he really knew what he was talking about, he'd have been able to exploit any security hole --which he admits he was not able to do.

    This was years ago, before I knew how to program (much less hack Mac program code using nothing but ResEdit). Just because I know how a program works doesn't mean I can write a program to exploit security holes, much less hack another program to do it. Especially when I don't know how to program, which I didn't back then.

    Look, I know what I saw; I used this program for a while, in fact. And I don't appreciate being called clueless for bringing up an old AOL hack which likely invokes nostalgia in more than one Slashdotter.

    Besides, what does it have to do with AOLserver at all?

    Directly, nothing. But consider the following: one, the server's name is confusingly worded, such that people often think it's the server for AOL's content. Two, people have been clamoring for AOL to Open-Source their stuff. Three, AOL can't do this, and there's actually a damn good reason for it, namely bad software design (which I suppose isn't a good reason, but it's a valid one nonetheless).
  • Maybe, at some point in the past, in a much older version of the client and server software that no longer run anymore, this was true. Maybe.

    Perhaps in an older version of the client software that no longer ran anymore, this would be true.

    Just one problem: all versions of the AOL software still run. I believe I still have the oldest AOL frontend (version 1.0 for MacOS; it should be noted that AOL was originally Mac-only unless you count Q-Link which was C64-only). Last time I ran it, it worked fine (and allowed you to enter fake credit card numbers as long as they were theoretically valid, yet another security hole).

    That's just it. Perhaps in the 4.0 version, some of these security holes were closed up. But AOL prides itself on its backward-compatibility, and all of the security holes present in the older versions are still valid. There's a price to pay for the exploits: you miss out on the features of the new software. But they all still run fine.
  • by Millennium ( 2451 ) on Thursday July 08, 1999 @06:22PM (#1812157)
    I always forget that it's a web server, not their own content server. I get my hopes up that AOL's gone Open-Source, and then it's a big letdown.

    Then again, AOL can't Open-Source its stuff; if it did it would die withim days. No, this is not anti-Open-Source FUD: let me explain. You see, most (if not all) of AOL's security features are implemented solely in the client. This means that if you figure out how to access AOL via a terminal (it IS possible, but exceedingly difficult; I've never managed it myself) you essentially have admin access, minus the pretty icons and such, no matter what screen name you use. You still can't get other people's passwords, but who cares; other than that it's more or less like having root access to AOL (if such a thing existed).

    In other words, if you Open-Source the client, it's a trivial matter to remove all of the readblocks in the client, recompile, and have an "instant admin" client. And you know all of the AOL lamers would have a field day with that.

    The Mac (or former Mac users) here who used to be on AOL might remember a program called AOL4Free (made by a guy calling himself Happy Hardcore). This nifty little hack undid one of these locks in the client... the one which told the AOL server to bill the user (this was back in the days before AOL went flat-rate). The way it did this, however, tended to overload the server with a certain kind of packet. When the program got popular, the server eventually ground to a chronic halt; although AOL doesn't like people to know about it this was the real reason AOL was so slow until their server upgrade of a few years back; Mac users were getting free time and flooding the server as a side effect (I don't think a Windoze equivalent was ever made).

    The program eventually started undoing other locks, allowing the user access to admin-only areas (such as the fabled "Center of the Earth" chatroom, which at the time had double the capacity of normal chatrooms). The guides eventually had to move out of that chatroom, and went to one called "Wonderland"; Hardcore cracked that one too, and I don't even know where the guides hang out now.

    So you see, in AOL's case, Open-Sourcing the client really does mean death. But they have only themselves to blame for not designing their software right in the first place.
  • It's a web-server with integrated TCL scripting, and database connectivity, that AOL bought at some point in the past.
    -- []
    Whole Pop Magazine Online - Pop Culture
  • My first ever AOL bill was for $725.34, next month it was $27 :) The windows version of AOL4Free was AOLHELL. If some real good programers started to mess with AOL im sure they could realy screw things up. 99% of the AOL proggies are in VB and are buggy has hell.
    And in the real early versions I know you CAN enter fake CC#'s and that still works to this day.

  • by Bruce Perens ( 3872 ) <> on Thursday July 08, 1999 @06:53PM (#1812160) Homepage Journal
    The program is dual-licensed with the GPL and a NPL variant. The GPL is, of course, already accepted as an Open Source license. The NPL variant is probably Open Source too, but I haven't done a detailed audit and thus can't say for sure.

    This is the same AOL that some unauthorized character at Sun told us was thinking of giving up the Mozilla license. We already knew that report was bogus, but this is just more evidence.



  • Note: That's the wrong URL. The real one is: urvey?surveyid=1
    or, you can just click Here. []


    Comics: [] - It rocks my nads.
  • Funny, I just got done reading a chapter on different webservers in Philip Greenspun's [] new book "Philip and Alex's Guide to Web Publishing," which incidentally I bought after reading the review here on Slashdot []. This guy loves AOLServer, and claims to have rolled out over two hundred sites using it. His main knock against it is that it's not open source, but I guess that's a moot point now. Anyways, if you're a TCL wizard (I'm not), after reading a couple hundred pages of him praising this thing like it was the greatest invention since sliced bread, I can't help but recommend that you go and check it out [].

  • Is it just me, or is this generic joke getting really old.
  • by Palisade ( 6391 ) on Thursday July 08, 1999 @08:46PM (#1812164)
    I've looked over the code with my legal eye and see a few imperfections. It seems like AOL is trying very hard to understand, and in my opinion they're doing very well. I congratulate them on this license, yet I think by version 1.2 they could fix a few of the obvious problems very easily.

    My disection follows:

    AOL is using the Mozilla license with some amendments following, having never read the Mozilla license before I did notice some problems with it itself. I knew the MPL wasn't completely perfect, but it is a very well written license that closely follows what I consider a good open source/free software license standard.

    Enough with the psychobabble, and onto the legalbabble.

    Everything looked okay until I arrived at Section 2.2 Contributer Grant. Section 2.2.a gives the contributer exactly the same rights the "Initial Developer" (in this case, AOL) has. However, Section 2.2.c denies these rights and makes both Section 2.2.a and 2.2.b invalid if the contributer does not use the "Covered Code" (all code including original code and modified code) commercially. It is quite obvious that hobby programmers will be screwed legally, having inherited absolutely no rights whatsoever in the agreeing to this license. This also means a hobbyist developer isn't allowed to modify or redistribute the code.

    Section 3.1 denies the contributer the right to sub-license the code. (Does this mean AOL isn't allowed to make amendments? No. Section 6.3 claims you can create your own license using the MPL but you must show significant differences and use a name not related to Mozilla or Netscape in any way. Would having left sections 6.1 - 6.3 unmodified be deemed inproper modification? These sections contain sentances stating the license is controlled by Netscape/Mozilla and related to them, otherwise they are important parts of the license and should stay the way they are.)

    The rest of the MPL seemed ok, now onto AOL's amendments:

    Amendment IV basically says AOL has the right to add proprietary code to the AOL/MPL'ed code.

    Amendment V is intentionally omitted?!?!?!?

    Exhibit A which is an external part of the license implies that the provisions of the AOL/MPL license can be swapped with the provisions of the GPL license... Anyone confused yet? ;-)

    Nelson Rush

  • Wow. Sounds like a great httpd, I'm surprised AOL turned that out.
    Oh wait. AOL bought it. :D
  • Save yourself the trouble of downloading the AOL source:

    #include "makemoneyfast.h"
    #include "spam.h"
    #include "lawsuit.h"

    void main()
    printf("You've got mail!\n");

    printf("We're not responsible, honest!\n");
    printf("Problem fixed!\n");



  • Let's be reasonable, here.

    First, AOLpress has been dead for almost two years. If you're still using it, you're clueless.

    Server-side includes are simply the wrong way to publish web content when you have ADP's, which give you Tcl scripting right in your web page. Once more, if you still cry for SSI's, you're clueless.

    Java servlets were not dropped, they were always an optional object. The code for that is merely a cgi-like proxy to the Java Web Server and anyone can write his own version. Once more, you're clueless.

    Virtual FTP was nice (it was a feature I championed) but there are other things that do it much better.

    If you pine for web-based administration, it's time to get with the program. The control port interface gives you extensive control that you just can't achieve on web pages.

    And, of course, the rest of the missing features of 2.3 can be re-implemented by anyone, you know, and you can even make great new features yourself.

    AOLserver has always had an extensive C API which let you add shared objects. It's still there, of course. Why not use it to add the features you liked?

    Kriston J. Rehberg []

  • It helps to understand the difference between a software development organization and a network operations organization. Your complaints have nothing to do with the software.

    Kriston J. Rehberg []

  • You mean to tell me you can't tell the difference between a firewall and a web server? What makes you think that opening up hosts in the world's largest network to DoS attacks is advantageous?

    *shakes head in disbelief*

    Kriston J. Rehberg []

  • Philip Greenspun's reasons are more well-stated than mine were. Having said that, all of the removed features can be replaced by folks who have the initiative to do so. After all, this is beta 1 of the product. If this is a reason to drop advocacy of the server, the potential to add features in the Open Source effort is a better reason to advocate it.

    Kriston J. Rehberg []

  • This just isn't true. Sure, the press reports that things are found now and then, and there may have been problems in the past, but his posting about the so-called "client-based security model" is just plain incorrect, wrong, and downright clueless. If he really knew what he was talking about, he'd have been able to exploit any security hole -- which he admits he was not able to do.
    How such an obviously wrong posting gets a score of "4: Interesting" is beyond me. Besides, what does it have to do with AOLserver at all?

    Kriston J. Rehberg []

  • Probably. Lawyers will be lawyers, after all. Most corporations have a Legal department which handles all of these types of issues. They'd like to keep themselves employed, so farming out a duty that they're capable of performing is rather silly, to them. Further, this is the way licensing has worked in the "Real World" for a long time. The idea that many many unrelated developers would all use the same license must seem very strange. Yet there's the GPL. I wouldn't worry - RMS and Perens' respective organizations should be able to jump on non-open-source licenses masquerading as such. There are many ways to accomplish the same purpose...
  • I just went to one of Phil's lectures here at MIT and he told us that was the one that negotiated the open sourcing of AOLServer. He said that the negotiations took place on Instant Messenger.
  • No, Apache isn't, but aolserver has the option to be used under the GPL. Due to the GPL's viral nature, the Apache group would probably not accept patches containing GPLed code, but the Apache license permits you to do what you want as long as you give due credit. So aolserver can steal from Apache, but not vice versa.
  • by Beethoven ( 9076 ) on Thursday July 08, 1999 @06:31PM (#1812176) Homepage

    I built it on Debian and it works!

    If AOLServer is half as good as Greenspun says [], it will be serious competition indeed for Apache. With its GPL, people can rip out chunks of Apache wholesale and stick them in aolserver. A mod_perl interface would be my first suggestion.

  • It's just a webserver..
    more details at

  • by phazer ( 9089 ) on Thursday July 08, 1999 @06:03PM (#1812178)
    More info about the AOLserver can be found at []

  • So has anyone ever benchmarked this versus Apache? Tests to look at would be at the very least:
    • Static web page serving (the MS favorite)
    • Lots of dynamic content and CGI requests

    It might be from AOL, but it'd be interesting to see what it is capable of.

  • Would be AOHell, I think. It was all over the newsgroups a few years back.
  • Keep in mind the number of users that AOL serves.

    AOLserver (a www server) has to be fairly decent.
  • He gave HP and AOLServer a ringing endorsement in his first book, and they paid him back by supplying him with his spiffy new hardware []. They also bought a bunch of copies of his book to distribute to their employees.

    All of this is described in an entirely above-board way in his books.

    Now, I will admit to being a little puzzled at his hardware - by that donation, he upgraded his system from a desktop system that I think was about a SPARC 5 class straight to a four-processor, 4GB RAM, 200GB hard drive space monster You could run a good-sized corporation with that thing. I'm not sure how much it has accomplished - his pages were among the fastest on the net when he was running the old HP server, and - no big shock here - they remain some of the fastest pages on the net now.

    Still, I'm sure it's nice to have. I just wonder how HP justified the magnitude of the donation when a much smaller machine would have done everything he'd ever need to do.

    Finally, hefty hardware or no, I'd defend Phillip Greenspun to the death - he's a fantastic writer and you certainly can't accuse him of mamby-pamby corpspeak. We need more like him.

  • No, MPL 1.1 with some ammendments, creating the AOLServer Public License. The ammendments are similar to those in the NPL.
  • I invite anyone wanting to discuss the Mozilla Public License on over to news:// cense

    You have completely misunderstood the patent grant section. The whole point is to prevent people from contributing stuff they own a patent on and later on saying "gotcha" to everyone using their contribution. If you distribute the code then you've granted rights for people to use it, at least as part of the package they distributed.

    2.2c says if they keep their changes internal they haven't granted any patent rights just because it touched MPL code.

    2.2d is to keep paranoid lawyers happy. Let's say A violates B's patent in some obscure stuff that B doesn't notice. B then contributes other code in a completely different part of the product. Some lawyers worried (University of California, for one, with lots of patents and lots of programmers that don't know anything about most of them) that under the MozPL 1.0 language B's contribution makes A's violation legal. 2.2d limits grants from B only to stuff B has contributed themselves.

    Section 3.1 says code under this license has to stay under this license. You can create a "Larger Work" by adding stuff under a different license, but you can't change the license on what was there when you got it. Free MPL code will never become non-free. (Unlike GPL, however, it can be combined with non-free code which might make a particular binary version impossible to improve or modify.)

    6.3 governs the copyright grant for the license itself "which you may only do in order to apply it to code which is not already Covered Code governed by this License". That is, stuff you add to create a "Larger Work", or maybe you just like the license but want to tweak it for your own terms -- Just as AOLServer has nothing to do with Mozilla but liked the basic license and made a few changes.

    The amendments that make up the AOLServer license are patterned after the amendments in the Netscape Public License (also a variant of the MozPL). NPL has 5 amendments, thus the strange "Amendment V is intentionally omitted".

    Amendment IV is just AOL lawyerly ass-covering, copied from Netscape lawyerly ass-covering in the Netscape PL. The license itself allows you to add proprietary code as long as you don't change the existing source in order to do so. As a practical matter this means even if someone does so the rest of us at least get some hooks to plug in equivalent free functionality if it's cool and useful. Amendment IV allows them to hide the hooks for PRE-EXISTING licensed 3rd party stuff. Oh boy, what a biggie.

    Why does the Exhibit A grant of dual-licensing confuse you? Lots of software is dual-licensed -- perl for example. GPL doesn't get along with proprietary code, but the MPL does. But by not being GPL then MPL code can't be used in GPL projects. Dual-licensing allows the code to co-exist in both environments. Contributions probably won't be accepted back into the main tree if they are not also dual-licensed. You're free to fork the codebase GPL-only, but it's not a good idea. For one it'll slow progress on both forks, and two it'll discourage other corporations who are considering going open-source in a GPL-friendly way.
  • That's hilarious! What's up with the -1 score? Do people honestly think this is a troll?

    "In case you couldn't tell, I was being sarcastic"
    --Homer Simpson
  • I know. The new features reads like a removed features. They dropped the web admin, and the ability to handle page permissions via aolpress (great for novices), and the server-side includes.

    And dropped, java servlets, the virtual ftp, aliases
    And the autodatabase forms.

    Damn, what's left. I guess the high load server.

    Now the question becomes does it serve STATIC pages fast with its new FASTPATH module?
  • Ah, come on, he likes high reliability, and is willing to pay for support. Something that was not available for linux until a couple of months ago (You don't say in a newsgroup, telnet to my site, and see if you can fix it). He'd rather do the apps and hack the web backend.

    His writing is never like a manual. It's always flowing. It's more of a diary, than a manual.
  • too bad the story wasn't posted in the middle of the day. Could have asked to have the web logs looked at.
  • kriston, I thought well of you until I read your reply. You may not have noticed, but I've been advocating AOLserver. Don't flame your advocates.

    As I said, it reads like a removed feature list. (config:13 dropped, vs 6 changed, 3 new; DB all removed) You point out that these things can be done, but new things say removed.

    I am clueless about the latest version of AOLserver. I handed off the admin tasks to someone who installed apache, because everyone uses it.

    Even though AOLpress/AOLserver combination is dead, lets get real. It showed the real potential of the web. In concept, it was the best of breed. In implementation, well...

    And creating SSI equvilents in ADP may be basic, but it need to be shown, and not left up to the potential users. Or you will have no users (as will flaming advocates)
  • id=000Vt4

    Date: Thu, 24 Jun 1999 22:24:53 -0400
    From: Philip Greenspun
    Subject: speculation on why AOL ripped out so much stuff
    It is fun to speculate on why AOL ripped out so much stuff from 3.0.
    Here are my favorites from recent mailing list:

    features. I wonder if there are third party licensing concerns or security issues behind these ommisions? Any one of these ommisions would provide a good reason not to move to 3.0 and yet they provide a whole list!

    I suspect a lot of code was removed because AOL didn't want it to become Open Source.

    I've been working with AOL since December to open-source the thing. Thetruth is much simpler than some of you guys might suppose:

    1) they waited for 3.0 to open source the server because they were a bit embarrassed by some of the cruft that had accumulated over four years in Navi/GNN/AOLserver

    2) they ripped out a bunch of features because (a) they don't use them on AOL's high-volume sites (like DigitalCity), (b) they complicate maintenance and extension of the server code base, and (c) they think they could be done in modules outside of the server core

    This is actually pretty common in the world of complex software. It eventually gets too complex for anyone to understand so people do a leaner meaner rewrite.

    Don't cry too hard for your lost feature bloat. Be assured that four years from now AOLserver will be just as bloated with new and even weirder features.

    I also know that AOL itself is working on making Tcl 8.1 part of the server. They just couldn't get it done in time and sensibly decided to release an improvement. Jim Davidson, the original NaviServer architect, worked a lot on 3.0. He is a tasteful thoughtful guy and 3.0 is the best Web server for his needs (i.e., heavy and reliable support
    for Tcl, databases, ADP; clean and fast static file serving; easyconfiguration).

  • Dynamic Page scripting (using a tested language, TCL), Autoindexing, Archiving, with a c-API.

    Oh, yea, and the first to use HTTP PUT to create web pages. Using version 2 of AOLpress, the publishing of material to the server was/is transparent. A web server was treated just like a local directory.

    Best designed server/web publishing system. It just lost out to money, and bigger development budgets (and a slow browser/publisher). Most of the admin interface was done in TCl, so you could modify it.
  • Lots of sites have their routers block ICMP packets because so many DoS attacks use ICMP, and you don't generally need ICMP for anything besides ping and traceroute, so they don't lose much of any functionality. Blocking ICMP is actually a reasonably intelligent solution if you're stuck using products that don't fix their vulnerabilities for months (gee, who might I be talking about there?).
  • Linux + AOLServer == something to be PHEARED!!!
  • Are they not developing a network service? You're right there is a difference, they should know a helluva lot more than your average network engineer.
  • Well damnit I think I'm gonna have to go ahead and call bullshit on this whole mess. Let's see, you want us to believe that AOL implemented ALL of its security in the client AND some Macintosh guy haxored the shit and released an exploit only for the Mac? Somehow I doubt this, oh and the fact that he calls himself hardcore really doesn't help. This is a farce, the fact that it is moderated to 3 as of this writing is even more of a farce.
  • The AOL4Free Legend is all very true. I remember the days of connecting to AOL all night long being a Warez D00D downloading M$ Excel via the 9600 modem... all 26 diskettes worth, just to find out in the morning disk #24 was corrupted.. All for free thanks to AOL4Free...

    Then there were the alternative versions of AOL with their "hacked" graphics (thanks to simple Graphic editing in ResEdit) but also the ability to get into all the secret Admin areas and Chat rooms.. it's true.

    As a quick side note, since eWorld was built upon AOL software it was not too long before all the same things were going on on eWorld, as I was there too...
  • One thing about AOL that has always got on my nerves is the fact that they do not allow you to use your favourite e-mail client. It would be nice for POP3 support being added to the AOL services and along with any other Internet standard technology.
  • AOL proper isn't HTML based. It uses a proprietary markup language named "Rainman". So, the # of people that AOL servers in a day really can't be taken as an indication of how good their web server is.
  • AOLServer is, as far as I can tell, a web server & ftp server.
    Enthusiastically endorsed by Philip Greenspun (who wrote Philip and Alex's Guide to Web Publishing, reviewed here a few days back), it seems to be pretty darn good. I haven't used it myself, so take all this with a bucket of salt, but Greenspun seems to think it's fast, efficient, plays nicely with databases and TCL, etc. etc. etc. So apparently open sourcing this is quite good news.
    I got this from
  • May be you are wrong. I read his book. It's nice. The only things that I really did not like about his methods are:

    1) He ditched Perl in favor of a broken thing known as tcl. Perl, the language that is loved and successfully used by so many. When he talks about perl or C, is usually to remind us how much both of them suck and how much Lisp rules over them..

    2) On one of his lectures (in California) he mentioned that Apache is not really supported and no one distributes it in binary form. He also mentioned that back in 1993 he could no compile apache.. but come on, compiling linux and gcc back in 1993 was not much fun either. But today, apache and gcc will compile and install on any unix box with simple "./configure;make;make install" from the source directory as long as you have a C compiler, C header files and make.. and there are also lots of places where you can find compiled binaried ( comes to mind) All linux distributions come with binary apache packages, MacOSX, etc.

    3) He ditched vi in favor of emacs. That hurt my feelings :-)
  • You must remember AOL probably serves up more web hits in a day than anyone.

  • Server-side includes are simply the wrong way to publish web content when you have ADP's, which give you Tcl scripting right in your web page. Once more, if you still cry for SSI's, you're clueless.

    What? Hmm, silly me, would have never though I would have to convert all my exising HTML pages to some TCL (I hate TCL) based stuff. Why not leave in SSIs? I can hardly think of a web server that does not support SSI.

    If you pine for web-based administration, it's time to get with the program. The control port interface gives you extensive control that you just can't achieve on web pages.

    Aw come on, I've see some nice web admins, besides this is no excuse for removing what was there. Why not give a 'simpleton' web based admin and then let the hackers work with the new and improved TCL based config file for the nitty-gritty config?

    And, of course, the rest of the missing features of 2.3 can be re-implemented by anyone

    Yeeessss, but why reinvent the wheel? They were already present, tested and working.

    I pray 2.3 will be around for a while b/c it is IMPOSSIBLE for me to upgrade to 3.0 without a TON of work. I might as well convert to thttpd or some other threads based web server.


  • Whatever, you still have not produced:

    - Any reasoning on why these features were removed. Maybe b/c of the whole Netscape thing?

    - Valid reasoning why SSI are no longer needed in a web server environment, you just say the are 1994 technology. Blah...whatever.

    - Valid reasoning why there is no easy upgrade path, every time I upgrade Apache it is pretty much a no brainer. Any other web server I've ever upgraded needs very little tweaking to upgrade.

    - I don't see how removing the web based admin is a 'huge leap' forward in usibility and was only useful back in, say 1994. Whatever...

    If that is all you have to say about why these features were removed then just keep quiet :o) Your posts have been useless....

    BTW, I can code in TCL and it sucks.

    Jim 'who cannot speel'
  • by microbob ( 29155 ) on Thursday July 08, 1999 @05:38PM (#1812204)
    We really like the 2.3 version, nice fast multi-threaded server. Web based admin (nuked in 3.0) was really slick, very configurable server.

    We serve over 1.5M hits per day with ease, never taking more than 8% CPU or more than 12M of RAM. Sometimes we'll take 25-35 hits per sec....

    Unfortunately no mod_perl/velocigen backend, seems to lean towards TCL.

  • actually, "fastpath" has always been there - just not publically referred to that name until now. (the source file, fastpath.c, was called that because it was a highly optimized path for serving static pages.)
  • AOLserver handles about 28,000 web hits a second (many of them database-backed)
  • Maybe they were having trouble open sourcing those?
  • ...but you can re-release under the GPL only, if you so desire.

  • Why do I get the feeling that all this licenses splintering from GPL are just an attempt of the lawyers to be able to control the license. This does make sense (then your lawyers know *exactly* what *they* wrote in the license and can't be stabbed in the back by some obscure clause), but it is really going overboard. Is *every* company going to make a new license for *every* product?
  • Check out the explanation for the de-featuring on the AOLServer development forum here []
  • If mod_php is ported .. I might think at looking at it ! :o))
  • Part of it is bullshit.
    The exploit did exist, it did have a windows equivalent, its useless now.
    I'm sure that once upon a time, a portion of the security was left up to the client software. Nowadays, however, this is not only unlikely, but unconcievable.
  • The HP Unix group did not give me a box because I wrote something nice about them in my first book! HP has been giving MIT various kinds of support for four decades or so. The server was given because we were (and still are) going to do an experiment with lots of user-uploaded photos. They were also interested in FlashPix (something HP has since abandoned). Anyway, the folks with whom I was working had nothing to do with HP-UX marketing.

    The K460 is a bit oversized for, but remember that what you see as a static URL (with a .html extension) is actually hitting Oracle several times (to find out if there are comments and links on a page), REGEXPing, etc. We also use it to serve and about 20 more sites (including where you can look at and download all of our source code).

    As for America Online, they've not given me anything. They serve 28,000 hits/second with AOLserver and aren't all that interested in whether the rest of the world likes it. It works for them...
  • Ummmm. No.

    That's all that needs to be said.

    Maybe, at some point in the past, in a much older version of the client and server software that no longer run anymore, this was true. Maybe.

    But as for what exists today, you're just wrong.


The relative importance of files depends on their cost in terms of the human effort needed to regenerate them. -- T.A. Dolotta