Hiawatha: a secure and advanced webserver
Hiawatha is a secure, full-featured and lightweight web server, licensed under GPL 2. Features are:
- Access/connection control
- Banning
- CGI support (including PHP)
- CGI wrapper (run CGI under a diffrerent uid/gid in a secure way)
- Chunked Transfer-encoding
- CommandChannel (control Hiawatha by telnetting to a special port)
- Cookie support
- Cross-site scripting prevention
- Customizable ServerString
- Directory listing with customizable stylesheet
- DoS/flooding protection
- FastCGI support (load-balanced)
- GZip Content-Encoding support
- HTTP authentication (basic and digest)
- If-(Un)Modified-Since header field
- Interface binding control
- Internal file caching
- IPv6 support
- Keep-alive connections
- Large file support
- Logging
- Request pipelining
- Range header field (single range support)
- Referer control for images (prevent external image linking)
- Rootjail
- SSL support
- SQL injection prevention
- Traffic throttling/shaping (control uploadspeed)
- URL rewriting via regular expressions
- Userdirectory support
- Virtual host support
- Volatile object support (for frequently changing objects, like webcam pictures)
- XSLT support
Very interesting are the bolded security features and the build in XSLT support. It does not seem to be in the official repositories of the linux distributions.
Compile and run tests of Hiawatha have successfully been done (by me or others) on Debian, Ubuntu, Gentoo, Fedora, Slackware, FreeBSD, OpenBSD, NetBSD, MacOS X, Solaris and Cygwin. Because of the use of autoconf, it’s very likely that Hiawatha will compile and run on other Unix-clones as well.
A package/port is available for the following operating systems: ArchLinux, Debian, Fedora, FreeBSD, MacOS X, OpenBSD, SUSE and Windows.