This commit is contained in:
Harald G. Mueller 2023-01-12 22:41:17 +01:00
parent f5bd4988ca
commit 9506b4b981
19 changed files with 67 additions and 11905 deletions

View File

@ -1,135 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link href="/css/apsite.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<meta name="author" content="Documentation Group" /><meta name="email" content="docs@httpd.apache.org" />
<title>Welcome! - The Apache HTTP Server Project</title>
<style>
.headerlink {
visibility: hidden;
}
h1:hover > .headerlink, h2:hover > .headerlink, h3:hover > .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, h6:hover > .headerlink, li:hover > .headerlink {
visibility: visible
}
</style>
</head>
<body>
<div id="page-header">
<p class="menu">&nbsp;</p>
<p class="apache">&nbsp;</p>
<a href="/">
<img alt="" width="800" height="72" src="/images/httpd_logo_wide_new.png" />
</a>
<a class="badge" href="https://www.apache.org/foundation/contributing.html">
<img src="https://www.apache.org/images/SupportApache-small.png">
</a>
</div>
<div id="apmenu">
<script type="text/javascript" src="https://www.apachecon.com/event-images/snippet.js"></script>
<p style="margin-top: -10px;">
<!-- Apachecon! -->
<a class="acevent" data-format="wide" data-mode="light" data-width="160"></a>
</p>
<h1 id="essentials">Essentials<a class="headerlink" href="#essentials" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/download.cgi">Download!</a></li>
<li><a href="/ABOUT_APACHE.html">About</a></li>
<li><a href="https://www.apache.org/licenses/">License</a></li>
<li><a href="https://wiki.apache.org/httpd/FAQ">FAQ</a></li>
<li><a href="/security_report.html">Security Reports</a></li>
</ul>
<h1 id="source-repositories">Source Repositories<a class="headerlink" href="#source-repositories" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/dev/devnotes.html">General Information</a></li>
<li><a href="https://svn.apache.org/viewvc/httpd/httpd/trunk/">Trunk</a></li>
<li><a href="https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/">2.4</a></li>
</ul>
<h1 id="documentation"><a href="/docs/">Documentation</a><a class="headerlink" href="#documentation" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/docs/2.4/">Version 2.4</a></li>
<li><a href="/docs/trunk/">Trunk (dev)</a></li>
<li><a href="https://wiki.apache.org/httpd/">Wiki</a></li>
</ul>
<h1 id="get-involved"><a href="/contribute/">Get Involved</a><a class="headerlink" href="#get-involved" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/lists.html">Mailing Lists</a></li>
<li><a href="/bug_report.html">Bug Reports</a></li>
<li><a href="/dev/">Developer Info</a></li>
<li><a href="/support.html">User Support</a></li>
</ul>
<h1 id="subprojects">Subprojects<a class="headerlink" href="#subprojects" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/docs-project/">Docs</a></li>
<li><a href="/test/">Test</a></li>
<li><a href="/test/flood/">Flood</a></li>
<li><a href="/apreq/">libapreq</a></li>
<li><a href="/modules">Modules</a></li>
<li><a href="/mod_fcgid/">mod_fcgid</a></li>
<li><a href="/mod_ftp/">mod_ftp</a></li>
</ul>
<h1 id="related-projects">Related Projects<a class="headerlink" href="#related-projects" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="https://trafficserver.apache.org/">Apache Traffic Server</a></li>
<li><a href="https://trafficcontrol.apache.org/">Apache Traffic Control</a></li>
<li><a href="https://tomcat.apache.org/">Tomcat</a></li>
<li><a href="https://apr.apache.org/">APR</a></li>
<li><a href="http://perl.apache.org/">mod_perl</a></li>
</ul>
<h1 id="miscellaneous"><a href="/info/">Miscellaneous</a><a class="headerlink" href="#miscellaneous" title="Permanent link">&para;</a></h1>
<ul>
<li><a href="/contributors/">Contributors</a></li>
<li><a href="https://www.apache.org/foundation/thanks.html">Thanks!</a></li>
<li><a href="https://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
</ul>
</div>
<!-- RIGHT SIDE INFORMATION -->
<div id="apcontents">
<h1 id="the-number-one-http-server-on-the-internet">The Number One HTTP Server On The Internet<a class="headerlink" href="#the-number-one-http-server-on-the-internet" title="Permalink">&para;</a></h1>
<p>The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for modern operating systems including UNIX and
Windows. The goal of this project is to provide a secure, efficient and
extensible server that provides HTTP services in sync with the current HTTP
standards.</p>
<p>The Apache HTTP Server ("httpd") was launched in 1995 and it has been the most popular web server on the Internet since
April 1996. It has celebrated its 25th birthday as a project in February 2020.</p>
<p>The Apache HTTP Server is a project of <a href="http://www.apache.org/">The Apache Software
Foundation</a>.</p>
<h1 id="apache-httpd-2454-released-2022-06-08">Apache httpd 2.4.54 Released <span>2022-06-08</span><a class="headerlink" href="#apache-httpd-2454-released-2022-06-08" title="Permalink">&para;</a></h1>
<p>The Apache Software Foundation and the Apache HTTP Server Project are
pleased to
<a href="http://downloads.apache.org/httpd/Announcement2.4.html">announce</a> the
release of version 2.4.54 of the Apache HTTP Server ("httpd").</p>
<p>This latest release from the 2.4.x stable branch represents the best available
version of Apache HTTP Server.</p>
<p>Apache HTTP Server version 2.<span>4</span>.43 or newer is required in order to operate a TLS 1.3 web server with OpenSSL 1.1.1.</p>
<p class="centered"><a href="download.cgi#apache24">Download</a> | <a href="http://downloads.apache.org/httpd/CHANGES_2.4.54">ChangeLog for
2.4.54</a> | <a href="http://downloads.apache.org/httpd/CHANGES_2.4">Complete ChangeLog for
2.4</a> | <a href="docs/trunk/new_features_2_4.html">New Features in httpd
2.4</a></p>
<h1 id="apache-httpd-22-end-of-life-2018-01-01">Apache httpd 2.2 End-of-Life <span>2018-01-01</span><a class="headerlink" href="#apache-httpd-22-end-of-life-2018-01-01" title="Permalink">&para;</a></h1>
<p>As previously announced, the Apache HTTP Server Project has discontinued
all development and patch review of the 2.2.x series of releases.</p>
<p>The Apache HTTP Server Project had long committed to provide maintenance
releases of the 2.2.x flavor through June of 2017. The final release 2.2.34
was published in July 2017, and no further evaluation of bug reports or
security risks will be considered or published for 2.2.x releases.</p>
<h1 id="want-to-try-out-the-apache-http-server">Want to try out the Apache HTTP Server?<a class="headerlink" href="#want-to-try-out-the-apache-http-server" title="Permalink">&para;</a></h1>
<p>Great! We have updated our <a href="/download.cgi">download page</a> in an effort to
better utilize our mirrors. We hope that by making it easier to use our mirrors, we will be able to provide a better download experience.</p>
<p>Please ensure that you <a href="/download.cgi#verify">verify</a> your downloads using
PGP or MD5 signatures.</p>
<h1 id="want-to-contribute-to-the-apache-http-server">Want to contribute to the Apache HTTP Server?<a class="headerlink" href="#want-to-contribute-to-the-apache-http-server" title="Permalink">&para;</a></h1>
<p>Awesome! Have a look at our current 'Help Wanted' listings then:</p>
<div description="the Apache HTTP Server Project" project="httpd" style="width: 100%; margin-left: 0px; margin-right: 0px;" type="helpwanted"></div>
<script src="https://helpwanted.apache.org/widget.js" type="text/javascript"></script>
<!-- FOOTER -->
<div id="footer">
<p>Copyright &copy; 1997-2022 The Apache Software Foundation.<br />
Apache HTTP Server, Apache, and the Apache feather logo are trademarks of The Apache Software Foundation.</p>
</div>
</div>
</body>
</html>

View File

@ -1,360 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>ab - Apache HTTP server benchmarking tool - Apache HTTP Server Version 2.4</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
<script src="../style/scripts/prettify.min.js" type="text/javascript">
</script>
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body id="manual-page"><div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.4</p>
<img alt="" src="../images/feather.png" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.4</a> &gt; <a href="./">Programs</a></div><div id="page-content"><div id="preamble"><h1>ab - Apache HTTP server benchmarking tool</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/programs/ab.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../fr/programs/ab.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
<a href="../ko/programs/ab.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
<a href="../tr/programs/ab.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
</div>
<p><code>ab</code> is a tool for benchmarking your Apache Hypertext
Transfer Protocol (HTTP) server. It is designed to give you an impression
of how your current Apache installation performs. This especially shows
you how many requests per second your Apache installation is capable of
serving.</p>
</div>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#synopsis">Synopsis</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#options">Options</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#output">Output</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#bugs">Bugs</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="program"><a href="../programs/httpd.html">httpd</a></code></li><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="synopsis" id="synopsis">Synopsis</a></h2>
<p><code><strong>ab</strong>
[ -<strong>A</strong> <var>auth-username</var>:<var>password</var> ]
[ -<strong>b</strong> <var>windowsize</var> ]
[ -<strong>B</strong> <var>local-address</var> ]
[ -<strong>c</strong> <var>concurrency</var> ]
[ -<strong>C</strong> <var>cookie-name</var>=<var>value</var> ]
[ -<strong>d</strong> ]
[ -<strong>e</strong> <var>csv-file</var> ]
[ -<strong>E</strong> <var>client-certificate file</var> ]
[ -<strong>f</strong> <var>protocol</var> ]
[ -<strong>g</strong> <var>gnuplot-file</var> ]
[ -<strong>h</strong> ]
[ -<strong>H</strong> <var>custom-header</var> ]
[ -<strong>i</strong> ]
[ -<strong>k</strong> ]
[ -<strong>l</strong> ]
[ -<strong>m</strong> <var>HTTP-method</var> ]
[ -<strong>n</strong> <var>requests</var> ]
[ -<strong>p</strong> <var>POST-file</var> ]
[ -<strong>P</strong> <var>proxy-auth-username</var>:<var>password</var> ]
[ -<strong>q</strong> ]
[ -<strong>r</strong> ]
[ -<strong>s</strong> <var>timeout</var> ]
[ -<strong>S</strong> ]
[ -<strong>t</strong> <var>timelimit</var> ]
[ -<strong>T</strong> <var>content-type</var> ]
[ -<strong>u</strong> <var>PUT-file</var> ]
[ -<strong>v</strong> <var>verbosity</var>]
[ -<strong>V</strong> ]
[ -<strong>w</strong> ]
[ -<strong>x</strong> <var>&lt;table&gt;-attributes</var> ]
[ -<strong>X</strong> <var>proxy</var>[:<var>port</var>] ]
[ -<strong>y</strong> <var>&lt;tr&gt;-attributes</var> ]
[ -<strong>z</strong> <var>&lt;td&gt;-attributes</var> ]
[ -<strong>Z</strong> <var>ciphersuite</var> ]
[http[s]://]<var>hostname</var>[:<var>port</var>]/<var>path</var></code></p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="options" id="options">Options</a></h2>
<dl>
<dt><code>-A <var>auth-username</var>:<var>password</var></code></dt>
<dd>Supply BASIC Authentication credentials to the server. The username and
password are separated by a single <code>:</code> and sent on the wire
base64 encoded. The string is sent regardless of whether the server needs
it (<em>i.e.</em>, has sent an 401 authentication needed).</dd>
<dt><code>-b <var>windowsize</var></code></dt>
<dd>Size of TCP send/receive buffer, in bytes.</dd>
<dt><code>-B <var>local-address</var></code></dt>
<dd>Address to bind to when making outgoing connections.</dd>
<dt><code>-c <var>concurrency</var></code></dt>
<dd>Number of multiple requests to perform at a time. Default is one
request at a time.</dd>
<dt><code>-C <var>cookie-name</var>=<var>value</var></code></dt>
<dd>Add a <code>Cookie:</code> line to the request. The argument is
typically in the form of a <code><var>name</var>=<var>value</var></code>
pair. This field is repeatable.</dd>
<dt><code>-d</code></dt>
<dd>Do not display the "percentage served within XX [ms] table". (legacy
support).</dd>
<dt><code>-e <var>csv-file</var></code></dt>
<dd>Write a Comma separated value (CSV) file which contains for each
percentage (from 1% to 100%) the time (in milliseconds) it took to serve
that percentage of the requests. This is usually more useful than the
'gnuplot' file; as the results are already 'binned'.</dd>
<dt><code>-E <var>client-certificate-file</var></code></dt>
<dd>When connecting to an SSL website, use the provided client certificate
in PEM format to authenticate with the server. The file is expected to
contain the client certificate, followed by intermediate certificates,
followed by the private key. Available in 2.4.36 and later.</dd>
<dt><code>-f <var>protocol</var></code></dt>
<dd>Specify SSL/TLS protocol (SSL2, SSL3, TLS1, TLS1.1, TLS1.2, or ALL).
TLS1.1 and TLS1.2 support available in 2.4.4 and later.</dd>
<dt><code>-g <var>gnuplot-file</var></code></dt>
<dd>Write all measured values out as a 'gnuplot' or TSV (Tab separate
values) file. This file can easily be imported into packages like Gnuplot,
IDL, Mathematica, Igor or even Excel. The labels are on the first line of
the file. </dd>
<dt><code>-h</code></dt>
<dd>Display usage information.</dd>
<dt><code>-H <var>custom-header</var></code></dt>
<dd>Append extra headers to the request. The argument is typically in
the form of a valid header line, containing a colon-separated field-value
pair (<em>i.e.</em>, <code>"Accept-Encoding: zip/zop;8bit"</code>).</dd>
<dt><code>-i</code></dt>
<dd>Do <code>HEAD</code> requests instead of <code>GET</code>.</dd>
<dt><code>-k</code></dt>
<dd>Enable the HTTP KeepAlive feature, <em>i.e.</em>, perform multiple
requests within one HTTP session. Default is no KeepAlive.</dd>
<dt><code>-l</code></dt>
<dd>Do not report errors if the length of the responses is not constant. This
can be useful for dynamic pages.
Available in 2.4.7 and later.
</dd>
<dt><code>-m <var>HTTP-method</var></code></dt>
<dd>Custom HTTP method for the requests.
Available in 2.4.10 and later.</dd>
<dt><code>-n <var>requests</var></code></dt>
<dd>Number of requests to perform for the benchmarking session. The default
is to just perform a single request which usually leads to
non-representative benchmarking results.</dd>
<dt><code>-p <var>POST-file</var></code></dt>
<dd>File containing data to POST. Remember to also set <code>-T</code>.</dd>
<dt><code>-P <var>proxy-auth-username</var>:<var>password</var></code></dt>
<dd>Supply BASIC Authentication credentials to a proxy en-route. The
username and password are separated by a single <code>:</code> and sent on
the wire base64 encoded. The string is sent regardless of whether the
proxy needs it (<em>i.e.</em>, has sent an 407 proxy authentication
needed).</dd>
<dt><code>-q</code></dt>
<dd>When processing more than 150 requests, <code>ab</code> outputs a
progress count on <code>stderr</code> every 10% or 100 requests or so. The
<code>-q</code> flag will suppress these messages.</dd>
<dt><code>-r</code></dt>
<dd>Don't exit on socket receive errors.</dd>
<dt><code>-s <var>timeout</var></code></dt>
<dd>Maximum number of seconds to wait before the socket times out.
Default is 30 seconds.
Available in 2.4.4 and later.</dd>
<dt><code>-S</code></dt>
<dd>Do not display the median and standard deviation values, nor display
the warning/error messages when the average and median are more than
one or two times the standard deviation apart. And default to the
min/avg/max values. (legacy support).</dd>
<dt><code>-t <var>timelimit</var></code></dt>
<dd>Maximum number of seconds to spend for benchmarking. This implies a
<code>-n 50000</code> internally. Use this to benchmark the server within a
fixed total amount of time. Per default there is no timelimit.</dd>
<dt><code>-T <var>content-type</var></code></dt>
<dd>Content-type header to use for POST/PUT data, eg.
<code>application/x-www-form-urlencoded</code>.
Default is <code>text/plain</code>.</dd>
<dt><code>-u <var>PUT-file</var></code></dt>
<dd>File containing data to PUT. Remember to also set <code>-T</code>.</dd>
<dt><code>-v <var>verbosity</var></code></dt>
<dd>Set verbosity level - <code>4</code> and above prints information on
headers, <code>3</code> and above prints response codes (404, 200, etc.),
<code>2</code> and above prints warnings and info.</dd>
<dt><code>-V</code></dt>
<dd>Display version number and exit.</dd>
<dt><code>-w</code></dt>
<dd>Print out results in HTML tables. Default table is two columns wide,
with a white background.</dd>
<dt><code>-x <var>&lt;table&gt;-attributes</var></code></dt>
<dd>String to use as attributes for <code>&lt;table&gt;</code>. Attributes
are inserted <code>&lt;table <var>here</var> &gt;</code>.</dd>
<dt><code>-X <var>proxy</var>[:<var>port</var>]</code></dt>
<dd>Use a proxy server for the requests.</dd>
<dt><code>-y <var>&lt;tr&gt;-attributes</var></code></dt>
<dd>String to use as attributes for <code>&lt;tr&gt;</code>.</dd>
<dt><code>-z <var>&lt;td&gt;-attributes</var></code></dt>
<dd>String to use as attributes for <code>&lt;td&gt;</code>.</dd>
<dt><code>-Z <var>ciphersuite</var></code></dt>
<dd>Specify SSL/TLS cipher suite (See openssl ciphers)</dd>
</dl>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="output" id="output">Output</a></h2>
<p>The following list describes the values returned by <code>ab</code>:
</p>
<dl>
<dt>Server Software</dt>
<dd>The value, if any, returned in the <var>server</var> HTTP header
of the first successful response. This includes all characters in the
header from beginning to the point a character with decimal value of 32
(most notably: a space or CR/LF) is detected.</dd>
<dt>Server Hostname</dt>
<dd>The DNS or IP address given on the command line</dd>
<dt>Server Port</dt>
<dd>The port to which ab is connecting. If no port is given on the
command line, this will default to 80 for http and 443 for
https.</dd>
<dt>SSL/TLS Protocol</dt>
<dd>The protocol parameters negotiated between the client and server.
This will only be printed if SSL is used.</dd>
<dt>Document Path</dt>
<dd>The request URI parsed from the command line string.</dd>
<dt>Document Length</dt>
<dd>This is the size in bytes of the first successfully returned document.
If the document length changes during testing, the response is
considered an error.</dd>
<dt>Concurrency Level</dt>
<dd>The number of concurrent clients used during the test</dd>
<dt>Time taken for tests</dt>
<dd>This is the time taken from the moment the first socket connection
is created to the moment the last response is received</dd>
<dt>Complete requests</dt>
<dd>The number of successful responses received</dd>
<dt>Failed requests</dt>
<dd>The number of requests that were considered a failure. If the
number is greater than zero, another line will be printed showing the
number of requests that failed due to connecting, reading, incorrect
content length, or exceptions.</dd>
<dt>Write errors</dt>
<dd>The number of errors that failed during write (broken pipe).</dd>
<dt>Non-2xx responses</dt>
<dd>The number of responses that were not in the 200 series of response
codes. If all responses were 200, this field is not printed.</dd>
<dt>Keep-Alive requests</dt>
<dd>The number of connections that resulted in Keep-Alive requests</dd>
<dt>Total body sent</dt>
<dd>If configured to send data as part of the test, this is the total
number of bytes sent during the tests. This field is omitted if the test
did not include a body to send.</dd>
<dt>Total transferred</dt>
<dd>The total number of bytes received from the server. This number
is essentially the number of bytes sent over the wire.</dd>
<dt>HTML transferred</dt>
<dd>The total number of document bytes received from the server. This
number excludes bytes received in HTTP headers</dd>
<dt>Requests per second</dt>
<dd>This is the number of requests per second. This value is the result
of dividing the number of requests by the total time taken</dd>
<dt>Time per request</dt>
<dd>The average time spent per request. The first value is calculated
with the formula <code>concurrency * timetaken * 1000 / done</code>
while the second value is calculated with the formula
<code>timetaken * 1000 / done</code></dd>
<dt>Transfer rate</dt>
<dd>The rate of transfer as calculated by the formula
<code>totalread / 1024 / timetaken</code></dd>
</dl>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="bugs" id="bugs">Bugs</a></h2>
<p>There are various statically declared buffers of fixed length. Combined
with the lazy parsing of the command line arguments, the response headers
from the server and other external inputs, this might bite you.</p>
<p>It does not implement HTTP/1.x fully; only accepts some 'expected' forms
of responses. The rather heavy use of <code>strstr(3)</code> shows up top
in profile, which might indicate a performance problem; <em>i.e.</em>, you
would measure the <code>ab</code> performance rather than the server's.</p>
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/programs/ab.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../fr/programs/ab.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
<a href="../ko/programs/ab.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> |
<a href="../tr/programs/ab.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/programs/ab.html';
(function(w, d) {
if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
d.write('<div id="comments_thread"><\/div>');
var s = d.createElement('script');
s.type = 'text/javascript';
s.async = true;
s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
(d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
}
else {
d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
}
})(window, document);
//--><!]]></script></div><div id="footer">
<p class="apache">Copyright 2022 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
}
//--><!]]></script>
</body></html>

View File

@ -1,380 +0,0 @@
<!DOCTYPE HTML>
<!--[if IE 7]><html class="ie7" lang="en"><![endif]-->
<!--[if IE 8]><html class="ie8" lang="en"><![endif]-->
<!--[if gt IE 8]><!-->
<html lang="en">
<!--<![endif]-->
<head>
<!-- build date: Tue, 20 Dec 2022 12:34:40 GMT -->
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=10,chrome=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>
Home
:
The Official Microsoft IIS Site
</title>
<!--[if IE]><script src='https://www-iis.azureedge.net/v-2022-12-20-01/scripts-bundle/html5.js'></script><![endif]-->
<meta name="description" content="Learn, download, &amp; discuss IIS7 and more on the official Microsoft IIS site for the IIS.NET development community." />
<link rel="shortcut icon" type="image/ico" href="/favicon.ico">
<link rel="apple-touch-icon-precomposed" href="/touch-icon-iphone-precomposed.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="/touch-icon-ipad-precomposed.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="/touch-icon-iphone4-precomposed.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="/touch-icon-ipad3-precomposed.png" />
<meta name="application-name" content="The Official Microsoft IIS Site" />
<meta name="msapplication-TileColor" content="#474747" />
<meta name="msapplication-TileImage" content='https://www-iis.azureedge.net/v-2022-12-20-01/images/iis_tile.png' />
<!-- Anti-Clickjacking script -->
<style id="antiClickjack">
body {
display: none !important;
}
</style>
<script type="text/javascript">if (self === top) { var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack) } else top.location = self.location;</script>
<script>var antiForgeryToken = "MTzdUJGdK5LdNbwUfpP1kvmx4vFGvepaSCzHGqFGj19UEB-QYM--zhCdPvCKqd5AvpbP17QVeeup76eNrE-Elnyaggs1:FHh33DfjzUPaIc_jM9iBTXktmTaGEgORw3ZnS3nL3Brq2Bg65qScQpWavOFehPVm6YrsLY-CyFhVONDeAB_HetBB8TI1";</script>
<link href='https://www-iis.azureedge.net/v-2022-12-20-01/css-bundle/home.css' rel="stylesheet" type="text/css" media="all" />
<script type="text/javascript">var isConsentAdvertising = true;</script>
<script src="https://consentdeliveryfd.azurefd.net/mscc/lib/v2/wcp-consent.js"></script>
<script>
var siteConsent = null;
window.addEventListener('DOMContentLoaded', function () {
function onConsentChanged(categoryPreferences) { console.log("onConsentChanged", categoryPreferences); }
WcpConsent.init("en-US", "cookie-banner", function (err, _siteConsent) {
if (err != undefined) {
return error;
} else {
siteConsent = _siteConsent; //siteConsent is used to get the current consent
}
});
if (siteConsent.isConsentRequired) {
isConsentAdvertising = siteConsent.getConsentFor(WcpConsent.consentCategories.Advertising);
document.getElementsByClassName('manageCookieChoice')[0].style.display = 'inline-block';
}
else {
//$(".manageCookieChoice").css("display", "none");
document.getElementsByClassName('manageCookieChoice')[0].style.display = 'none';
isConsentAdvertising = true;
}
siteConsent.onConsentChanged(watchConsentChanges);
if (siteConsent.getConsentFor(WcpConsent.consentCategories.Analytics)) {
(function (i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r; i[r] = i[r] || function () {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date(); a = s.createElement(o),
m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m)
})(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-61337531-2', {
'cookieExpires': 60 * 60 * 24 * 365
});
ga('send', 'pageview');
}
else {
dropAnalyticsCookies();
}
//console.log(siteConsent.getConsentFor(WcpConsent.consentCategories.))
function watchConsentChanges(consents) {
manageNonAdvertise();
//scan through the categories and take action based on user consent.
if (siteConsent.getConsentFor(WcpConsent.consentCategories.Analytics)) {
(function (i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r; i[r] = i[r] || function () {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date(); a = s.createElement(o),
m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m)
})(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-61337531-2', {
'cookieExpires': 60 * 60 * 24 * 365
});
ga('send', 'pageview');
}
else {
dropAnalyticsCookies();
}
}
function getUserConsent() {
var userConsent = siteConsent.getConsent();
//response will look like this
//{"Required":true,"Analytics":true,"SocialMedia":false,"Advertising":false}
}
function dropSocialMediaCookies() {
if (siteConsent.getConsentFor(WcpConsent.consentCategories.SocialMedia)) {
//Drop social media cookies
}
}
manageNonAdvertise();
});
function manageConsent() {
if (siteConsent.isConsentRequired) {
siteConsent.manageConsent();
}
}
function dropAnalyticsCookies() {
var domainVal = document.domain.replace("www", "");
clearCookie('_ga', domainVal, '/');
clearCookie('_gid', domainVal, '/');
clearCookie('_gat', domainVal, '/');
clearCookie('_ga', document.domain, '/');
clearCookie('_gid', document.domain, '/');
clearCookie('_gat', document.domain, '/');
}
function manageNonAdvertise() {
var userDocument = document.getElementsByTagName("body");
if (siteConsent.getConsentFor(WcpConsent.consentCategories.Advertising)) {
$(userDocument).removeClass("no-ad");
}
else {
$(userDocument).addClass("no-ad");
}
}
function clearCookie(name, domain, path) {
try {
function Get_Cookie(check_name) {
// first we'll split this cookie up into name/value pairs
// note: document.cookie only returns name=value, not the other components
var a_all_cookies = document.cookie.split(';'),
a_temp_cookie = '',
cookie_name = '',
cookie_value = '',
b_cookie_found = false;
for (i = 0; i < a_all_cookies.length; i++) {
// now we'll split apart each name=value pair
a_temp_cookie = a_all_cookies[i].split('=');
// and trim left/right whitespace while we're at it
cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
// if the extracted name matches passed check_name
if (cookie_name == check_name) {
b_cookie_found = true;
// we need to handle case where cookie has no value but exists (no = sign, that is):
if (a_temp_cookie.length > 1) {
cookie_value = unescape(a_temp_cookie[1].replace(/^\s+|\s+$/g, ''));
}
// note that in cases where cookie is initialized but no value, null is returned
return cookie_value;
break;
}
a_temp_cookie = null;
cookie_name = '';
}
if (!b_cookie_found) {
return null;
}
}
if (Get_Cookie(name)) {
var domain = domain || document.domain;
var path = path || "/";
var today = new Date();
var expiryDate = new Date();
expiryDate.setDate(today.getDate() - 2);
document.cookie = name + "=; expires=" + expiryDate + "; domain=" + domain + "; path=" + path;
}
}
catch (err) { }
};
</script>
</head>
<body class=''>
<div id="cookie-banner"></div>
<div id="skiptocontent"><a href="#hero" class="skip-content">skip to main content</a></div>
<div style="background-color: #672D79;padding:10px;font-size:16px;text-align:center;color:#fff;">We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. <a href="https://forums.iis.net/t/1252649.aspx?IIS+NET+Forums+are+Moving+to+Microsoft+Q+A" style="color:#fff;">Learn more &gt;</a></div>
<header id="header-site" class='full-width single-nav'>
<div class="ms-logo"><a href="javascript:0" class="icon-menu" aria-label="Expand to view navigation menu"><span class="icon-bar" /><span class="icon-bar" /><span class="icon-bar" /></a><a id="logo" href="https://www.microsoft.com">Microsoft</a></div><p id="search-site"><input type="text" name="search" id="txt-search" placeholder="Search all of IIS.NET" aria-label="Search through site content" /><button type="submit" id="btn-search-submit" aria-label="Search"><svg version="1.1" width="16" height="16" id="Layer_1" x="0px" y="0px" viewBox="0 0 18 18" enable-background="new 0 0 18 18" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<path fill="#FFFFFF" stroke="#FFFFFF" stroke-width="1.5" d="M5.89,11.594c1.32,0,2.532-0.461,3.49-1.229l7.267,7.268c0.122,0.119,0.28,0.182,0.439,0.182s0.319-0.063,0.44-0.182c0.242-0.244,0.242-0.639,0-0.881L10.26,9.486c0.767-0.958,1.229-2.17,1.229-3.49c0-3.087-2.511-5.598-5.599-5.598c-3.087,0-5.598,2.511-5.598,5.598S2.803,11.594,5.89,11.594 M5.89,1.642c2.401,0,4.354,1.953,4.354,4.354S8.291,10.35,5.89,10.35c-2.4,0-4.354-1.953-4.354-4.354S3.489,1.642,5.89,1.642" /></svg></button></p>
<script type="text/javascript">
var currentUsername = '';
</script><ul id="nav-user"><li><a href="https://login.iis.net/login/signin.aspx?ReturnUrl=https://www.iis.net/">Sign In</a></li></ul>
<nav id="nav-primary" aria-label="Primary navigation menu"><a href="https://www.iis.net/" class="iis-logo">IIS</a><ul class="menu"><li><a href="https://www.iis.net/" class="current">
Home
</a></li><li><a href="https://docs.microsoft.com/en-us/IIS-Administration/">
Manage
</a></li><li><a href="https://www.iis.net/downloads">
Downloads
</a>
</li><li><a href="https://www.iis.net/learn">
Learn
</a></li><li><a href="https://www.iis.net/configreference">
Reference
</a></li>
<li id="solutions-menu"><a href="javascript:;" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Solutions <span></span></a>
<div>
<ul>
<li>Technologies</li>
<li><a href="https://www.microsoft.com/net">.NET Framework</a></li>
<li><a href="//www.asp.net">ASP.NET</a></li>
<li><a href="https://php.iis.net/">PHP</a></li>
<li><a href="https://www.microsoft.com/en-us/cloud-platform/windows-server">Windows Server</a></li>
<li><a href="https://www.microsoft.com/en-us/sql-server/">SQL Server</a></li>
<li><a href="https://webgallery.microsoft.com/gallery">Web App Gallery</a></li>
<li><a href="https://azure.microsoft.com/">Microsoft Azure</a></li>
</ul>
<ul>
<li>Tools</li>
<li><a href="https://visualstudio.microsoft.com/">Visual Studio</a></li>
<li><a href="https://code.visualstudio.com/">Visual Studio Code</a></li>
<li><a href="https://www.microsoft.com/web/downloads/platform.aspx">Web Platform Installer</a></li>
</ul>
<ul>
<li>Get Help:</li>
<li><a href="https://forums.iis.net/">Ask a Question in our Forums</a></li>
<li><a href="https://www.iis.net/contact">More Help Resources</a></li>
</ul>
</div>
</li>
<li><a href="https://blogs.iis.net/">
Blogs
</a></li><li class="last-child"><a href="https://forums.iis.net/">Forums</a></li></ul></nav>
</header>
<div class="full-width">
<section id="hero" class="hero-home">
<header>
<h1>A flexible &amp; easy-to-manage web server...</h1>
</header>
<p>Internet Information Services (IIS) for Windows&reg; Server is a flexible, secure and manageable Web server for hosting anything on the Web. From media streaming to web applications, IIS's scalable and open architecture is ready to handle the most demanding tasks.</p>
<p class="actions"><a class="btn" href="/overview">Get Started with IIS</a> <a class="btn" href="https://manage.iis.net">Manage IIS</a></p>
</section>
<div id="parentDiv">
<div id="headerContentDiv1">
<div id="HHS1" data-adzoneid="668682" class="ad-home" data-adwidth="320px" data-adheight="55px" style="width: 320px; height: 55px;">
<iframe title="advertisement" width="320" height="55" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/668682/0/vh?z=effectus&dim=668296&kw=&click=">
<script type="text/javascript" language="JavaScript" src="https://effectus.nui.media/pipeline/668682/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe"></script>
<noscript>
<a href="https://effectus.nui.media/pipeline/668682/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/668682/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe" width="320" height="55" alt="" border="0"></a>
</noscript>
</iframe>
</div>
</div>
<div id="headerContentDiv2">
<div id="HHS2" data-adzoneid="680043" class="ad-home" data-adwidth="320px" data-adheight="55px" style="width: 320px; height: 55px;">
<iframe title="advertisement" width="320" height="55" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/680043/0/vh?z=effectus&dim=668296&kw=&click=">
<script type="text/javascript" language="JavaScript" src="https://effectus.nui.media/pipeline/680043/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe"></script>
<noscript>
<a href="https://effectus.nui.media/pipeline/680043/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/680043/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe" width="320" height="55" alt="" border="0"></a>
</noscript>
</iframe>
</div>
</div>
<div id="headerContentDiv3">
<div id="HHS3" data-adzoneid="680044" class="ad-home" data-adwidth="320px" data-adheight="55px" style="width: 320px; height: 55px;">
<iframe title="advertisement" width="320" height="55" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/680044/0/vh?z=effectus&dim=668296&kw=&click=">
<script type="text/javascript" language="JavaScript" src="https://effectus.nui.media/pipeline/680044/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe"></script>
<noscript><a href="https://effectus.nui.media/pipeline/680044/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/680044/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe" width="320" height="55" alt="" border="0"></a></noscript>
</iframe>
</div>
</div>
</div>
<section class="announcments"><strong>ANNOUNCEMENTS:</strong><ul><li><a href="https://www.iis.net/downloads/microsoft/iis-compression">IIS Compression module released</a></li><li><a href="https://blogs.iis.net/iisteam/introducing-iis-cors-1-0">Introducing IIS CORS 1.0</a></li><li><a href="https://blogs.iis.net/iisteam/url-rewrite-v2-1">URL Rewrite 2.1</a></li><li><a href="https://blogs.iis.net/adminapi">manage.iis.net</a></li><li><a href="https://blogs.iis.net/bariscaglar/iisadministration-powershell-cmdlets-new-feature-in-windows-10-server-2016">IIS PowerShell Cmdlets</a></li><li><a href="https://blogs.iis.net/davidso/http2">HTTP/2 Support for IIS</a></li></ul></section>
<div class="page two-right">
<div class="col-mid">
<div id="azk52365" data-adzoneid="668290" class="ad ad-home2" data-adwidth="610px" data-adheight="48px" style="width: 610px; height: 48px;">
<iframe title="advertisement" width="610" height="48" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/668290/0/vh?z=effectus&dim=668283&kw=&click=">
<script type="text/javascript" language="JavaScript" src="https://effectus.nui.media/pipeline/668290/0/vj?z=effectus&dim=668283&kw=&click=&abr=$scriptiniframe"></script>
<noscript>
<a href="https://effectus.nui.media/pipeline/668290/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/668290/0/vc?z=effectus&dim=668283&kw=&click=&abr=$imginiframe" width="610" height="48" alt="" border="0"></a>
</noscript>
</iframe>
</div>
<section class="grouped-list"><header><h3>Recent Blog Posts</h3><ul class="group-nav"><li><a href="https://blogs.iis.net/">View All</a></li><li><a class="RSS" href="https://blogs.iis.net/feed/recent-posts.xml" aria-label="Subscribe"><svg viewBox="0 0 2048 2048" width="18" height="18" xmlns="http://www.w3.org/2000/svg"><path d="M192 1536q40 0 75 15t61 41 41 61 15 75q0 40-15 75t-41 61-61 41-75 15q-40 0-75-15t-61-41-41-61-15-75q0-40 15-75t41-61 61-41 75-15zM0 1024q124 0 238 32t214 90 181 140 140 181 91 214 32 239H736q0-101-26-195t-75-176-115-149-149-115-176-74-195-27v-160zm0-512q194 0 374 50t336 142 285 220 220 285 142 336 51 375h-160q0-172-44-331t-126-298-196-253-252-195-298-126T0 672V512zM0 0q265 0 510 68t459 194 388 300 301 389 193 458 69 511h-160q0-243-63-467t-178-420-275-356-356-276-420-178T0 160V0z" /></svg></a></li></ul></header><article class="author-list"><header><h4><a href="https://blogs.iis.net:443/mvolo/Fixing-W3WPexe-memory-leaks-is-easier-than-you-think">Fixing W3WP.exe memory leaks is easier than you think</a></h4><p>Tuesday April 5, 2022 by mvolo</p><img src="https://iisumbraco.blob.core.windows.net/media/6718159/mike-volodarsky.jpg" alt="author" class="author" /></header><p>Memory leaks can be causing poor website performance, and blowing out your cloud hosting costs.You can now easily reduce memory usage and fix memory leaks, check out our Diagnose w3wp.exe memory us...</p></article><article class="author-list"><header><h4><a href="https://blogs.iis.net:443/mvolo/Contents/Item/Display/1781">Fixing W3WP.exe memory leaks is easier than you think</a></h4><p>Tuesday April 5, 2022 by mvolo</p><img src="https://iisumbraco.blob.core.windows.net/media/6718159/mike-volodarsky.jpg" alt="author" class="author" /></header><p>Memory leaks can be causing poor website performance, and blowing out your cloud hosting costs.You can now easily reduce memory usage and fix memory leaks, check out our Diagnose w3wp.exe memory us...</p></article><article class="author-list"><header><h4><a href="https://blogs.iis.net:443/mvolo/Async-await-hangs-in-ASPNET-Core-MVC-and-WebAPI">Async await hangs in ASP.NET Core, MVC and WebAPI</a></h4><p>Tuesday March 8, 2022 by mvolo</p><img src="https://iisumbraco.blob.core.windows.net/media/6718159/mike-volodarsky.jpg" alt="author" class="author" /></header><p>Debugging async hangs in ASP.NET core, MVC and WebAPI apps can be extra hard!To help, we added async task support to LeanSentry hang diagnostics. Check out the Diagnose async hangs in ASP.NET Core,...</p></article><article class="author-list"><header><h4><a href="https://blogs.iis.net:443/mvolo/You-may-be-massively-overpaying-for-your-CPUs">You may be massively overpaying for your CPUs</a></h4><p>Wednesday February 23, 2022 by mvolo</p><img src="https://iisumbraco.blob.core.windows.net/media/6718159/mike-volodarsky.jpg" alt="author" class="author" /></header><p>You could be throwing away 50-80% of your cloud instance CPU power, due to common .NET CPU overheads.Learn more about these and how to remove them to save on your cloud costs in our W3wp high CPU g...</p></article></section>
</div>
<section class="col-right">
<div id="FeaturedAd" data-adzoneid="674040" class="ad-300x250 " data-adwidth="300px" data-adheight="250px" style="width: 300px; height: 250px;">
<iframe title="advertisement" width="300" height="250" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/674040/0/vh?z=effectus&dim=602457&kw=&click=">
<script type="text/javascript" lang="JavaScript" src="https://effectus.nui.media/pipeline/674040/0/vj?z=effectus&dim=602457&kw=&click=&abr=$scriptiniframe"></script>
<noscript>
<a href="https://effectus.nui.media/pipeline/674040/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/674040/0/vc?z=effectus&dim=602457&kw=&click=&abr=$imginiframe" width="300" height="250" alt="" border="0">
</a>
</noscript>
</iframe>
</div>
<nav class="nav-base" aria-label="Sidebar navigation menu"><h2 class="iconed"><span class="icon icon-windows">Windows</span>Featured Microsoft Supported Downloads</h2>
<ul class="nav-numbered">
<li><a href="//blogs.iis.net/roman/archive/2013/07/26/application-request-router-arr-3-0-rtm-is-now-available.aspx">Application Request Routing (ARR) 3.0</a></li>
<li><a href="https://www.microsoft.com/en-us/download/details.aspx?id=43717">Web Deploy 3.6</a></li>
<li><a href="/downloads/microsoft/url-rewrite">URL Rewrite</a></li>
</ul>
<h2 class="iconed"><span class="icon icon-user">User</span>Featured Community Downloads</h2>
<ul class="nav-numbered">
<li><a href="/downloads/community/2011/07/rtr-frontpage-server-extensions-for-iis-75-on-windows-server-2008-r2-and-windows-7">RTR FrontPage Server Extensions for IIS 7.5</a></li>
<li><a href="/downloads/community/2013/05/servant-for-iis">Servant for IIS</a></li>
<li><a href="/downloads/community/2013/05/iispeed">IISpeed</a></li>
</ul></nav>
</section>
</div>
<div id="BottomAd" data-adtypeid="674039" class="ad centered-ad-728" data-adwidth="728px" data-adheight="90px" style="width: 728px; height: 90px;">
<iframe title="advertisement" width="728" height="90" scrolling="No" frameborder="0" marginheight="0" marginwidth="0" src="https://effectus.nui.media/pipeline/674039/0/vh?z=effectus&dim=602464&kw=&click=">
<script type="text/javascript" lang="JavaScript" src="https://effectus.nui.media/pipeline/674039/0/vj?z=effectus&dim=602464&kw=&click=&abr=$scriptiniframe"></script>
<noscript>
<a href="https://effectus.nui.media/pipeline/674039/0/cc?z=effectus">
<img src="https://effectus.nui.media/pipeline/674039/0/vc?z=effectus&dim=602464&kw=&click=&abr=$imginiframe" width="728" height="90" alt="" border="0">
</a>
</noscript>
</iframe>
</div>
<footer id="footer-site">
<ul>
<li class="text-links">This site is managed for Microsoft by Neudesic, LLC. | ©&nbsp;2023&nbsp;Microsoft. All rights reserved.</li>
<li><a href="https://go.microsoft.com/fwlink/?LinkId=521839" data-mscc-ic="false">Privacy Statement</a></li>
<li><a href="https://www.iis.net/terms-of-use" data-mscc-ic="false">Terms of Use</a></li>
<li><a href="https://www.iis.net/contact">Contact Us</a></li>
<li><a href="https://azure.microsoft.com/">Hosted on Microsoft Azure</a></li>
<li><a href="https://www.effectusmedia.com/?site=iis#contactus">Advertise with Us</a></li>
<li style="display:none" class="manageCookieChoice"><a href="#" onclick="javascript:manageConsent(); return false;" data-s-object-id="footer">Manage cookies</a></li>
</ul>
<ul class="social">
<li>Follow us on:</li>
<li><a href="https://www.twitter.com/inetsrv/" class="twitter">Twitter</a></li>
<li><a href="https://facebook.com/inetsrv/" class="facebook">Facebook</a></li>
</ul>
<ul class="logo">
<li><a href="https://microsoft.com/" class="logo-footer">Microsoft</a></li>
<li><a href="https://forums.iis.net/1080.aspx">Feedback on IIS</a></li>
</ul>
</footer>
</div>
<script src='https://www-iis.azureedge.net/v-2022-12-20-01/scripts-bundle/jquery-3.5.1.min.js' type="text/javascript"></script>
<script type="text/javascript">$.ajaxSetup({ cache: false }); var searchDomain ='https://www.iis.net';</script>
<script type="text/javascript">var s=document.createElement('script');s.type='text/javascript';s.src='https://www-iis.azureedge.net/v-2022-12-20-01/scripts-bundle/main.js';document.body.appendChild(s);</script>
</body>
</html>

View File

@ -1,409 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>nginx</title><style type="text/css">body { background: white; color: black; font-family: sans-serif; line-height: 1.4em; text-align: center; margin: 0; padding: 0; } #banner { background: black; color: #F2F2F2; line-height: 1.2em; padding: .3em 0; box-shadow: 0 5px 10px black; } #banner a { color: #00B140; } #main { text-align: left; margin: 0 auto; min-width: 32em; max-width: 64em; } #menu { float: right; width: 11em; padding: 0 .5em 1em .5em; border-left: 2px solid #DDD; } #content { margin-right: 13.5em; padding: 0 .2em 0 1.5em; } h1 { display: block; font-size: 3em; text-align: left; height: .7em; margin: 0; margin-bottom: .5em; } h1 img { width: 100%; } h2 { text-align: center; } p { text-align: justify; } table.news p { margin-top: 0; } table.news td { vertical-align: baseline; } table.news .date { text-align: right; padding-right: 0.5em; white-space: nowrap; } table.donors td { vertical-align: baseline; } table.donors li { text-align: left; } div.directive { background: #F2F2F2; line-height: 1em; margin: 1em 0 1em -1em; padding: .7em .7em .7em 1em; border-top: 2px solid #DDD; } div.directive th { padding-left: 0; padding-right: .5em; vertical-align: baseline; text-align: left; font-weight: normal; } div.directive td { vertical-align: baseline; } div.directive pre { padding: 0; margin: 0; } div.directive p { margin: .5em 0 0 .1em; font-size: .8em; } a.notrans { color: gray; text-decoration:none; } span.initial { font-size: 200%; float: left; padding-right: 10pt;} ul, ol { margin: .5em 0 1em 1em; padding: 0 .5em; } ol { list-style-position: inside; } li { text-align: justify; padding: .5em 0 0 1px; } .compact li { padding-top: 0; } dl { margin: .5em 0 1em 0; } dt { margin: .5em 0; } .compact dt { margin-bottom: .2em; } dd { margin-left: 1.5em; padding-left: 1px; text-align: justify; } td.list { background: #F2F2F2; } blockquote { margin: 1em 0 1em 1em; padding: .5em; } li blockquote, dd blockquote { margin: .7em 0; } blockquote.note { border: 1px dotted #999; line-height: 1.2em; text-align: justify; } blockquote.example { line-height: 1em; border-left: 1px solid #BBB; } blockquote.example pre { padding: 0; margin: 0; } sup { font-size: 50%; } .video { position: relative; padding-bottom: 56.25%; overflow: hidden; } .video iframe, .video object, .video embed { position: absolute; top:0; left:0; width:100%; height:100%; }</style><script>
window.addEventListener("load", function(e) {
fetch("../banner/banner.html")
.then((response) => response.text())
.then((resp) => {
document.getElementById("banner").innerHTML = resp;
})
.catch((error) => {
console.warn(error);
});
});
</script></head><body><div id="banner"></div><div id="main"><div id="menu"><h1><a href="/"><img src="/nginx.png" alt="nginx"></a></h1><div>english<br><a href="../ru/">русский</a><br><br><a href="../">news</a><br>about<br><a href="download.html">download</a><br><a href="security_advisories.html">security</a><br><a href="docs/">documentation</a><br><a href="docs/faq.html">faq</a><br><a href="books.html">books</a><br><a href="support.html">support</a><br><br><a href="http://trac.nginx.org/nginx">trac</a><br><a href="http://twitter.com/nginxorg">twitter</a><br><a href="https://www.nginx.com/blog/">blog</a><br><br><a href="https://unit.nginx.org/">unit</a><br><a href="docs/njs/">njs</a><br></div></div><div id="content"><h2>nginx</h2><table width="100%"><tr><td align="left"><a href="#basic_http_features">Basic HTTP server features</a><br><a href="#other_http_features">Other HTTP server features</a><br><a href="#mail_proxy_server_features">Mail proxy server features</a><br><a href="#generic_proxy_server_features">TCP/UDP proxy server features</a><br><a href="#architecture_and_scalability">Architecture and scalability</a><br><a href="#tested_os_and_platforms">Tested OS and platforms</a><br></td></tr></table><p>
nginx [engine x] is an HTTP and reverse proxy server,
a mail proxy server,
and a generic TCP/UDP proxy server,
originally written by <a href="http://sysoev.ru/en/">Igor Sysoev</a>.
For a long time, it has been running
on many heavily loaded Russian sites including
<a href="http://www.yandex.ru">Yandex</a>,
<a href="http://mail.ru">Mail.Ru</a>,
<a href="http://vk.com">VK</a>, and
<a href="http://www.rambler.ru">Rambler</a>.
According to Netcraft, nginx served or proxied
<a href="https://news.netcraft.com/archives/2022/12/20/december-2022-web-server-survey.html">21.25%
busiest sites in December 2022</a>.
Here are some of the success stories:
<a href="https://blogs.dropbox.com/tech/2017/09/optimizing-web-servers-for-high-throughput-and-low-latency/">Dropbox</a>,
<a href="https://openconnect.netflix.com/en/software/">Netflix</a>,
<a href="https://www.nginx.com/case-studies/nginx-wordpress-com/">Wordpress.com</a>,
<a href="http://blog.fastmail.fm/2007/01/04/webimappop-frontend-proxies-changed-to-nginx/">FastMail.FM</a>.
</p><p>
The sources and documentation are distributed under the
<a href="../LICENSE">2-clause BSD-like license</a>.
</p><p>
Commercial support is available from
<a href="https://www.nginx.com">Nginx, Inc.</a>
</p><a name="basic_http_features"></a><center><h4>Basic HTTP server features</h4></center><p>
</p> <ul class="compact">
<li>
Serving static and
<a href="docs/http/ngx_http_index_module.html">index</a>
files,
<a href="docs/http/ngx_http_autoindex_module.html">autoindexing</a>;
<a href="docs/http/ngx_http_core_module.html#open_file_cache">open file descriptor cache</a>;
</li>
<li>
<a href="docs/http/ngx_http_proxy_module.html">Accelerated
reverse proxying with caching</a>;
<a href="docs/http/ngx_http_upstream_module.html">load balancing
and fault tolerance</a>;
</li>
<li>
Accelerated support with caching of
<a href="docs/http/ngx_http_fastcgi_module.html">FastCGI</a>,
<a href="docs/http/ngx_http_uwsgi_module.html">uwsgi</a>,
<a href="docs/http/ngx_http_scgi_module.html">SCGI</a>, and
<a href="docs/http/ngx_http_memcached_module.html">memcached</a>
servers;
<a href="docs/http/ngx_http_upstream_module.html">load balancing
and fault tolerance</a>;
</li>
<li>
Modular architecture.
Filters include
<a href="docs/http/ngx_http_gzip_module.html">gzipping</a>,
byte ranges, chunked responses,
<a href="docs/http/ngx_http_xslt_module.html">XSLT</a>,
<a href="docs/http/ngx_http_ssi_module.html">SSI</a>,
and <a href="docs/http/ngx_http_image_filter_module.html">image
transformation</a> filter.
Multiple SSI inclusions within a single page can be processed in
parallel if they are handled by proxied or FastCGI/uwsgi/SCGI servers;
</li>
<li>
<a href="docs/http/ngx_http_ssl_module.html">SSL and
TLS SNI support</a>;
</li>
<li>
Support for <a href="docs/http/ngx_http_v2_module.html">HTTP/2</a>
with weighted and dependency-based prioritization.
</li>
</ul><p>
</p><a name="other_http_features"></a><center><h4>Other HTTP server features</h4></center><p>
</p> <ul class="compact">
<li>
Name-based and IP-based
<a href="docs/http/request_processing.html">virtual servers</a>;
</li>
<li>
<a href="docs/http/ngx_http_core_module.html#keepalive_timeout">Keep-alive</a>
and pipelined connections support;
</li>
<li>
<a href="docs/http/ngx_http_log_module.html#log_format">Access
log formats</a>,
<a href="docs/http/ngx_http_log_module.html#access_log">buffered
log writing</a>,
<a href="docs/control.html#logs">fast log rotation</a>, and
<a href="docs/syslog.html">syslog logging</a>;
</li>
<li>
3xx-5xx error codes
<a href="docs/http/ngx_http_core_module.html#error_page">redirection</a>;
</li>
<li>
The rewrite module:
<a href="docs/http/ngx_http_rewrite_module.html">URI changing
using regular expressions</a>;
</li>
<li>
<a href="docs/http/ngx_http_rewrite_module.html#if">Executing
different functions</a> depending on the
<a href="docs/http/ngx_http_geo_module.html">client address</a>;
</li>
<li>
Access control based on
<a href="docs/http/ngx_http_access_module.html">client IP address</a>,
<a href="docs/http/ngx_http_auth_basic_module.html">by password (HTTP
Basic authentication)</a> and by the
<a href="docs/http/ngx_http_auth_request_module.html">result of
subrequest</a>;
</li>
<li>
Validation of
<a href="docs/http/ngx_http_referer_module.html">HTTP referer</a>;
</li>
<li>
The <a href="docs/http/ngx_http_dav_module.html">PUT, DELETE, MKCOL, COPY,
and MOVE</a> methods;
</li>
<li>
<a href="docs/http/ngx_http_flv_module.html">FLV</a>
and
<a href="docs/http/ngx_http_mp4_module.html">MP4</a>
streaming;
</li>
<li>
<a href="docs/http/ngx_http_core_module.html#limit_rate">Response rate limiting</a>;
</li>
<li>
Limiting the number of simultaneous
<a href="docs/http/ngx_http_limit_conn_module.html">connections</a>
or
<a href="docs/http/ngx_http_limit_req_module.html">requests</a>
coming from one address;
</li>
<li>
<a href="docs/http/ngx_http_geoip_module.html">IP-based geolocation</a>;
</li>
<li>
<a href="docs/http/ngx_http_split_clients_module.html">A/B testing</a>;
</li>
<li>
<a href="docs/http/ngx_http_mirror_module.html">Request mirroring</a>;
</li>
<li>
Embedded <a href="docs/http/ngx_http_perl_module.html">Perl</a>;
</li>
<li>
<a href="docs/njs/index.html">njs</a> scripting language.
</li>
</ul><p>
</p><a name="mail_proxy_server_features"></a><center><h4>Mail proxy server features</h4></center><p>
</p> <ul class="compact">
<li>
User redirection to
<a href="docs/mail/ngx_mail_imap_module.html">IMAP</a>
or
<a href="docs/mail/ngx_mail_pop3_module.html">POP3</a>
server using an external HTTP
<a href="docs/mail/ngx_mail_auth_http_module.html">authentication</a>
server;
</li>
<li>
User authentication using an external HTTP
<a href="docs/mail/ngx_mail_auth_http_module.html">authentication</a>
server and connection redirection to an internal
<a href="docs/mail/ngx_mail_smtp_module.html">SMTP</a> server;
</li>
<li>
Authentication methods:
<ul class="compact">
<li>
<a href="docs/mail/ngx_mail_pop3_module.html#pop3_auth">POP3</a>:
USER/PASS, APOP, AUTH LOGIN/PLAIN/CRAM-MD5;
</li>
<li>
<a href="docs/mail/ngx_mail_imap_module.html#imap_auth">IMAP</a>:
LOGIN, AUTH LOGIN/PLAIN/CRAM-MD5;
</li>
<li>
<a href="docs/mail/ngx_mail_smtp_module.html#smtp_auth">SMTP</a>:
AUTH LOGIN/PLAIN/CRAM-MD5;
</li>
</ul>
</li>
<li>
<a href="docs/mail/ngx_mail_ssl_module.html">SSL</a> support;
</li>
<li>
<a href="docs/mail/ngx_mail_ssl_module.html#starttls">STARTTLS
and STLS</a> support.
</li>
</ul><p>
</p><a name="generic_proxy_server_features"></a><center><h4>TCP/UDP proxy server features</h4></center><p>
</p> <ul class="compact">
<li>
<a href="docs/stream/ngx_stream_proxy_module.html">Generic proxying</a>
of TCP and UDP;
</li>
<li>
<a href="docs/stream/ngx_stream_ssl_module.html">SSL</a> and
TLS <a href="docs/stream/ngx_stream_ssl_preread_module.html">SNI</a> support
for TCP;
</li>
<li>
<a href="docs/stream/ngx_stream_upstream_module.html">Load balancing
and fault tolerance</a>;
</li>
<li>
Access control based on
<a href="docs/stream/ngx_stream_access_module.html">client address</a>;
</li>
<li>
Executing different functions depending on the
<a href="docs/stream/ngx_stream_geo_module.html">client address</a>;
</li>
<li>
Limiting the number of simultaneous
<a href="docs/stream/ngx_stream_limit_conn_module.html">connections</a>
coming from one address;
</li>
<li>
<a href="docs/stream/ngx_stream_log_module.html#log_format">Access
log formats</a>,
<a href="docs/stream/ngx_stream_log_module.html#access_log">buffered
log writing</a>,
<a href="docs/control.html#logs">fast log rotation</a>, and
<a href="docs/syslog.html">syslog logging</a>;
</li>
<li>
<a href="docs/stream/ngx_stream_geoip_module.html">IP-based geolocation</a>;
</li>
<li>
<a href="docs/stream/ngx_stream_split_clients_module.html">A/B testing</a>;
</li>
<li>
<a href="docs/njs/index.html">njs</a> scripting language.
</li>
</ul><p>
</p><a name="architecture_and_scalability"></a><center><h4>Architecture and scalability</h4></center><p>
</p> <ul class="compact">
<li>
One master and several worker processes;
worker processes run under an unprivileged user;
</li>
<li>
<a href="docs/example.html">Flexible configuration</a>;
</li>
<li>
<a href="docs/control.html#reconfiguration">Reconfiguration</a>
and <a href="docs/control.html#upgrade">upgrade of an
executable</a> without interruption of the client servicing;
</li>
<li>
<a href="docs/events.html">Support</a> for
kqueue (FreeBSD 4.1+),
epoll (Linux 2.6+),
/dev/poll (Solaris 7 11/99+), event ports (Solaris 10),
select, and poll;
</li>
<li>
The support of the various kqueue features including EV_CLEAR, EV_DISABLE
(to temporarily disable events), NOTE_LOWAT, EV_EOF, number of available data,
error codes;
</li>
<li>
The support of various epoll features including
EPOLLRDHUP (Linux 2.6.17+, glibc 2.8+) and
EPOLLEXCLUSIVE (Linux 4.5+, glibc 2.24+);
</li>
<li>
sendfile (FreeBSD 3.1+, Linux 2.2+, macOS 10.5+), sendfile64 (Linux 2.4.21+),
and sendfilev (Solaris 8 7/01+) support;
</li>
<li>
<a href="docs/http/ngx_http_core_module.html#aio">File AIO</a>
(FreeBSD 4.3+, Linux 2.6.22+);
</li>
<li>
<a href="docs/http/ngx_http_core_module.html#directio">DIRECTIO</a>
(FreeBSD 4.4+, Linux 2.4+, Solaris 2.6+, macOS);
</li>
<li>
Accept-filters (FreeBSD 4.1+, NetBSD 5.0+) and TCP_DEFER_ACCEPT (Linux 2.4+)
<a href="docs/http/ngx_http_core_module.html#listen">support</a>;
</li>
<li>
10,000 inactive HTTP keep-alive connections take about 2.5M memory;
</li>
<li>
Data copy operations are kept to a minimum.
</li>
</ul><p>
</p><a name="tested_os_and_platforms"></a><center><h4>Tested OS and platforms</h4></center><p>
</p> <ul class="compact">
<li>
FreeBSD 3 — 12 / i386;
FreeBSD 5 — 12 / amd64;
FreeBSD 11 / ppc;
FreeBSD 12 / ppc64;
</li>
<li>
Linux 2.2 — 4 / i386;
Linux 2.6 — 5 / amd64;
Linux 3 — 4 / armv6l, armv7l, aarch64, ppc64le;
Linux 4 — 5 / s390x;
</li>
<li>
Solaris 9 / i386, sun4u;
Solaris 10 / i386, amd64, sun4v;
Solaris 11 / x86;
</li>
<li>
AIX 7.1 / powerpc;
</li>
<li>
HP-UX 11.31 / ia64;
</li>
<li>
macOS / ppc, i386, x86_64;
</li>
<li>
Windows XP,
Windows Server 2003,
Windows 7,
Windows 10.
</li>
</ul><p>
</p></div></div></body></html>

View File

@ -1,281 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>mod_dav - Apache HTTP Server Version 2.4</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
<script src="../style/scripts/prettify.min.js" type="text/javascript">
</script>
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.4</p>
<img alt="" src="../images/feather.png" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.4</a> &gt; <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_dav</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_dav.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../fr/mod/mod_dav.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
<a href="../ja/mod/mod_dav.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
<a href="../ko/mod/mod_dav.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Distributed Authoring and Versioning
(<a href="http://www.webdav.org/">WebDAV</a>) functionality</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>dav_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_dav.c</td></tr></table>
<h3>Summary</h3>
<p>This module provides class 1 and class 2 <a href="http://www.webdav.org">WebDAV</a> ('Web-based Distributed
Authoring and Versioning') functionality for Apache. This
extension to the HTTP protocol allows creating, moving,
copying, and deleting resources and collections on a remote web
server.</p>
</div>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#example">Enabling WebDAV</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Issues</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#complex">Complex Configurations</a></li>
</ul><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#dav">Dav</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#davdepthinfinity">DavDepthInfinity</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#davmintimeout">DavMinTimeout</a></li>
</ul>
<h3>Bugfix checklist</h3><ul class="seealso"><li><a href="https://www.apache.org/dist/httpd/CHANGES_2.4">httpd changelog</a></li><li><a href="https://bz.apache.org/bugzilla/buglist.cgi?bug_status=__open__&amp;list_id=144532&amp;product=Apache%20httpd-2&amp;query_format=specific&amp;order=changeddate%20DESC%2Cpriority%2Cbug_severity&amp;component=mod_dav">Known issues</a></li><li><a href="https://bz.apache.org/bugzilla/enter_bug.cgi?product=Apache%20httpd-2&amp;component=mod_dav">Report a bug</a></li></ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/mod_dav_fs.html#davlockdb">DavLockDB</a></code></li>
<li><code class="directive"><a href="../mod/core.html#limitxmlrequestbody">LimitXMLRequestBody</a></code></li>
<li><a href="http://www.webdav.org">WebDAV Resources</a></li>
<li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="example" id="example">Enabling WebDAV</a></h2>
<p>To enable <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code>, add the following to a
container in your <code>httpd.conf</code> file:</p>
<pre class="prettyprint lang-config">Dav On</pre>
<p>This enables the DAV file system provider, which is implemented
by the <code class="module"><a href="../mod/mod_dav_fs.html">mod_dav_fs</a></code> module. Therefore, that module
must be compiled into the server or loaded at runtime using the
<code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> directive.</p>
<p>In addition, a location for the DAV lock database must be
specified in the global section of your <code>httpd.conf</code>
file using the <code class="directive"><a href="../mod/mod_dav_fs.html#davlockdb">DavLockDB</a></code>
directive:</p>
<pre class="prettyprint lang-config">DavLockDB /usr/local/apache2/var/DavLock</pre>
<p>The directory containing the lock database file must be
writable by the <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code>
and <code class="directive"><a href="../mod/mod_unixd.html#group">Group</a></code> under which
Apache is running.</p>
<p>You may wish to add a <code class="directive"><a href="../mod/core.html#limit">&lt;Limit&gt;</a></code> clause inside the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> directive to limit access to
DAV-enabled locations. If you want to set the maximum amount of
bytes that a DAV client can send at one request, you have to use
the <code class="directive"><a href="../mod/core.html#limitxmlrequestbody">LimitXMLRequestBody</a></code>
directive. The "normal" <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code> directive has no effect on DAV
requests.</p>
<div class="example"><h3>Full Example</h3><pre class="prettyprint lang-config">DavLockDB "/usr/local/apache2/var/DavLock"
&lt;Directory "/usr/local/apache2/htdocs/foo"&gt;
Require all granted
Dav On
AuthType Basic
AuthName DAV
AuthUserFile "user.passwd"
&lt;LimitExcept GET POST OPTIONS&gt;
Require user admin
&lt;/LimitExcept&gt;
&lt;/Directory&gt;</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="security" id="security">Security Issues</a></h2>
<p>Since DAV access methods allow remote clients to manipulate
files on the server, you must take particular care to assure that
your server is secure before enabling <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code>.</p>
<p>Any location on the server where DAV is enabled should be
protected by authentication. The use of HTTP Basic Authentication
is not recommended. You should use at least HTTP Digest
Authentication, which is provided by the
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> module. Nearly all WebDAV clients
support this authentication method. An alternative is Basic
Authentication over an <a href="../ssl/">SSL</a> enabled
connection.</p>
<p>In order for <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code> to manage files, it must
be able to write to the directories and files under its control
using the <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> and
<code class="directive"><a href="../mod/mod_unixd.html#group">Group</a></code> under which
Apache is running. New files created will also be owned by this
<code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> and <code class="directive"><a href="../mod/mod_unixd.html#group">Group</a></code>. For this reason, it is
important to control access to this account. The DAV repository
is considered private to Apache; modifying files outside of Apache
(for example using FTP or filesystem-level tools) should not be
allowed.</p>
<p><code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code> may be subject to various kinds of
denial-of-service attacks. The <code class="directive"><a href="../mod/core.html#limitxmlrequestbody">LimitXMLRequestBody</a></code> directive can be
used to limit the amount of memory consumed in parsing large DAV
requests. The <code class="directive"><a href="#davdepthinfinity">DavDepthInfinity</a></code> directive can be
used to prevent <code>PROPFIND</code> requests on a very large
repository from consuming large amounts of memory. Another
possible denial-of-service attack involves a client simply filling
up all available disk space with many large files. There is no
direct way to prevent this in Apache, so you should avoid giving
DAV access to untrusted users.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="complex" id="complex">Complex Configurations</a></h2>
<p>One common request is to use <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code> to
manipulate dynamic files (PHP scripts, CGI scripts, etc). This is
difficult because a <code>GET</code> request will always run the
script, rather than downloading its contents. One way to avoid
this is to map two different URLs to the content, one of which
will run the script, and one of which will allow it to be
downloaded and manipulated with DAV.</p>
<pre class="prettyprint lang-config">Alias "/phparea" "/home/gstein/php_files"
Alias "/php-source" "/home/gstein/php_files"
&lt;Location "/php-source"&gt;
Dav On
ForceType text/plain
&lt;/Location&gt;</pre>
<p>With this setup, <code>http://example.com/phparea</code> can be
used to access the output of the PHP scripts, and
<code>http://example.com/php-source</code> can be used with a DAV
client to manipulate them.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="Dav" id="Dav">Dav</a> <a name="dav" id="dav">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable WebDAV HTTP methods</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Dav On|Off|<var>provider-name</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Dav Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
</table>
<p>Use the <code class="directive">Dav</code> directive to enable the
WebDAV HTTP methods for the given container:</p>
<pre class="prettyprint lang-config">&lt;Location "/foo"&gt;
Dav On
&lt;/Location&gt;</pre>
<p>The value <code>On</code> is actually an alias for the default
provider <code>filesystem</code> which is served by the <code class="module"><a href="../mod/mod_dav_fs.html">mod_dav_fs</a></code> module. Note, that once you have DAV enabled
for some location, it <em>cannot</em> be disabled for sublocations.
For a complete configuration example have a look at the <a href="#example">section above</a>.</p>
<div class="warning">
Do not enable WebDAV until you have secured your server. Otherwise
everyone will be able to distribute files on your system.
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="DavDepthInfinity" id="DavDepthInfinity">DavDepthInfinity</a> <a name="davdepthinfinity" id="davdepthinfinity">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Allow PROPFIND, Depth: Infinity requests</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavDepthInfinity on|off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavDepthInfinity off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
</table>
<p>Use the <code class="directive">DavDepthInfinity</code> directive to
allow the processing of <code>PROPFIND</code> requests containing the
header 'Depth: Infinity'. Because this type of request could constitute
a denial-of-service attack, by default it is not allowed.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="DavMinTimeout" id="DavMinTimeout">DavMinTimeout</a> <a name="davmintimeout" id="davmintimeout">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Minimum amount of time the server holds a lock on
a DAV resource</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavMinTimeout <var>seconds</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavMinTimeout 0</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
</table>
<p>When a client requests a DAV resource lock, it can also
specify a time when the lock will be automatically removed by
the server. This value is only a request, and the server can
ignore it or inform the client of an arbitrary value.</p>
<p>Use the <code class="directive">DavMinTimeout</code> directive to specify, in
seconds, the minimum lock timeout to return to a client.
Microsoft Web Folders defaults to a timeout of 120 seconds; the
<code class="directive">DavMinTimeout</code> can override this to a higher value
(like 600 seconds) to reduce the chance of the client losing
the lock due to network latency.</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">&lt;Location "/MSWord"&gt;
DavMinTimeout 600
&lt;/Location&gt;</pre>
</div>
</div>
</div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/mod/mod_dav.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../fr/mod/mod_dav.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a> |
<a href="../ja/mod/mod_dav.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> |
<a href="../ko/mod/mod_dav.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_dav.html';
(function(w, d) {
if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
d.write('<div id="comments_thread"><\/div>');
var s = d.createElement('script');
s.type = 'text/javascript';
s.async = true;
s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
(d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
}
else {
d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
}
})(window, document);
//--><!]]></script></div><div id="footer">
<p class="apache">Copyright 2022 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
}
//--><!]]></script>
</body></html>

View File

@ -1,181 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head >
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="hMailServer - Free open source email server for Microsoft Windows">
<meta name="author" content="Martin Knafve">
<title>hMailServer - Free open source email server for Microsoft Windows</title>
<!-- Bootstrap Core CSS -->
<link href="/css/bootstrap-in-div.css" rel="stylesheet">
<!-- Custom CSS -->
<link href="/css/site.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
<!-- jQuery -->
<script src="/js/jquery.js"></script>
</head>
<body >
<div class="bootstrap">
<!-- Navigation -->
<nav class="navbar navbar-default navbar-static-top navbar-top navbar-shadow" role="navigation">
<div class="container">
<!-- Brand and toggle get grouped for better mobile display -->
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav navbar-left">
<li class="active">
<a href="/">Welcome</a>
</li>
<li >
<a href="/functionality">Functionality</a>
</li>
<li >
<a href="/download">Download</a>
</li>
<!--<li >
<a href="/services">Services</a>
</li>-->
<li >
<a href="/docs">Documentation</a>
</li>
<li >
<a href="/community">Community</a>
</li>
</li>
<li>
<a href="/forum">Forum</a>
</li>
<li >
<a href="/contact">Contact</a>
</li>
</ul>
</div>
<!-- /.navbar-collapse -->
</div>
<!-- /.container -->
</nav>
<!-- Page Content -->
<div class="container" >
<div class="row" >
<div class="col-lg-12">
<h1 class="page-header">Welcome</h1>
</div>
</div>
</div>
<!-- Page Content -->
<div class="container">
<!-- Marketing Icons Section -->
<div class="row">
<div class="col-md-6">
<p>hMailServer is a free, open source, e-mail server for Microsoft Windows. It's used by Internet service providers, companies, governments, schools and enthusiasts in all parts of the world.
<br/><br/>
It supports the common e-mail protocols (IMAP, SMTP and POP3) and can easily be integrated with many existing web mail systems. It has flexible score-based spam protection and can attach to your virus scanner to scan all incoming and outgoing email.
</p>
</div>
<div class="col-md-6" align="center">
<div>
<br/>
<img src="images/top_picture.png" alt="hMailServer" style="margin: 10px; max-width:100%; max-height:100%;">
</div>
</div>
</div>
<div class="row">
<div class="col-md2">
</div>
</div>
<!-- /.row -->
<!-- Portfolio Section -->
<div class="row">
<div class="col-lg-12">
<h3 class="page-header">Core features</h3>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-heading">
<h4><i class="fa fa-fw fa-check"></i> Free & Open Source</h4>
</div>
<div class="panel-body">
<p>Licensed under AGPLv3, hMailServer can be used for free in most commercial scenarios. It's source code is available for anyone to <a href="https://github.com/hmailserver/hmailserver/">read or extend at GitHub</a>.</p>
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-heading">
<h4><i class="fa fa-fw fa-check"></i> Built-in Anti-Spam</h4>
</div>
<div class="panel-body">
<p>hMailServer comes with a set of built-in anti spam features such as SPF, SURBL. It can also be integrated with 3rd party anti spam systems such as <a href="http://www.jam-software.com/spamassassin/">SpamAssassin</a> and <a href="http://sourceforge.net/projects/assp/">ASSP</a>.</p>
</div>
</div>
</div>
<div class="col-md-4">
<div class="panel panel-default">
<div class="panel-heading">
<h4><i class="fa fa-fw fa-check"></i> Webmail</h4>
</div>
<div class="panel-body">
<p>Any webmail system which supports IMAP and SMTP can be used with hMailServer. <a href="http://roundcube.net/">RoundCube</a> and <a href="http://squirrelmail.org/">SquirrelMail</a> are popular webmail systems which are often used with hMailServer.</p>
</div>
</div>
</div>
</div>
</div>
<!-- /.container -->
<!-- jQuery -->
<script src="/js/jquery.js"></script>
<!-- Bootstrap Core JavaScript -->
<script src="/js/bootstrap.min.js"></script>
</body>
</html>

File diff suppressed because one or more lines are too long

File diff suppressed because it is too large Load Diff

View File

@ -1,554 +0,0 @@
<!DOCTYPE html>
<html lang="en-gb" dir="ltr">
<head>
<meta charset="utf-8" />
<base href="https://www.joomla.org/announcements/release-news/5664-joomla-3-6-is-here.html" />
<meta name="keywords" content="joomla, cms, php, release" />
<meta name="twitter:image" content="https://www.joomla.org/images/release-images/joomla_3_6_stable_release.png" />
<meta name="twitter:description" content="Release announcement for the Joomla! 3.6 Stable Release" />
<meta name="twitter:title" content="Joomla! 3.6 is Here" />
<meta name="author" content="George Wilson" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="blue" />
<meta name="twitter:card" content="summary_large_image" />
<meta name="twitter:site" content="@joomla" />
<meta name="referrer" content="unsafe-url" />
<meta property="og:image" content="https://www.joomla.org/images/release-images/joomla_3_6_stable_release.png" />
<meta property="og:image:width" content="869" />
<meta property="og:image:height" content="360" />
<meta property="og:image:type" content="image/png" />
<meta property="og:description" content="Release announcement for the Joomla! 3.6 Stable Release" />
<meta property="og:title" content="Joomla! 3.6 is Here" />
<meta property="og:type" content="article" />
<meta property="og:url" content="https://www.joomla.org/announcements/release-news/5664-joomla-3-6-is-here.html" />
<meta property="og:site_name" content="Joomla!" />
<meta name="description" content="Release announcement for the Joomla! 3.6 Stable Release" />
<meta name="generator" content="Joomla! - Open Source Content Management" />
<title>Joomla! 3.6 is Here</title>
<link href="https://fonts.googleapis.com/css?family=Open+Sans&display=swap" rel="preload" as="style" />
<link href="/templates/joomla/images/apple-touch-icon-180x180.png" rel="apple-touch-icon" sizes="180x180" />
<link href="/templates/joomla/images/apple-touch-icon-152x152.png" rel="apple-touch-icon" sizes="152x152" />
<link href="/templates/joomla/images/apple-touch-icon-144x144.png" rel="apple-touch-icon" sizes="144x144" />
<link href="/templates/joomla/images/apple-touch-icon-120x120.png" rel="apple-touch-icon" sizes="120x120" />
<link href="/templates/joomla/images/apple-touch-icon-114x114.png" rel="apple-touch-icon" sizes="114x114" />
<link href="/templates/joomla/images/apple-touch-icon-76x76.png" rel="apple-touch-icon" sizes="76x76" />
<link href="/templates/joomla/images/apple-touch-icon-72x72.png" rel="apple-touch-icon" sizes="72x72" />
<link href="/templates/joomla/images/apple-touch-icon-57x57.png" rel="apple-touch-icon" sizes="57x57" />
<link href="/templates/joomla/images/apple-touch-icon.png" rel="apple-touch-icon" />
<link href="/templates/joomla/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
<link href="/media/joomlarrssb/css/rrssb.css?0db2c2d6c34c3d706a1fa394b9700322" rel="stylesheet" />
<link href="/media/joomlarrssb/css/joomla.css?0db2c2d6c34c3d706a1fa394b9700322" rel="stylesheet" />
<link href="/plugins/system/jce/css/content.css?badb4208be409b1335b815dde676300e" rel="stylesheet" />
<link href="https://cdn.joomla.org/template/css/template_3.1.0.min.css" rel="stylesheet" />
<link href="/templates/joomla/css/custom.css?0db2c2d6c34c3d706a1fa394b9700322" rel="stylesheet" />
<link href="/media/jui/css/chosen.css?0db2c2d6c34c3d706a1fa394b9700322" rel="stylesheet" />
<link href="/media/com_finder/css/finder.css?0db2c2d6c34c3d706a1fa394b9700322" rel="stylesheet" />
<style>
</style>
<script type="application/json" class="joomla-script-options new">{"csrf.token":"f2d95e5227f1f681740c953087625476","system.paths":{"root":"","base":""}}</script>
<script src="/media/jui/js/jquery.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/jui/js/jquery-noconflict.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/jui/js/jquery-migrate.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/joomlarrssb/js/rrssb.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/system/js/caption.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/jui/js/bootstrap.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/system/js/core.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/templates/joomla/js/template.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/templates/joomla/js/blockadblock.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/templates/joomla/js/js.cookie.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<!--[if lt IE 9]><script src="/media/jui/js/html5.js?0db2c2d6c34c3d706a1fa394b9700322"></script><![endif]-->
<script src="/media/jui/js/chosen.jquery.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script src="/media/jui/js/jquery.autocomplete.min.js?0db2c2d6c34c3d706a1fa394b9700322"></script>
<script>
jQuery(window).on('load', function() {
new JCaption('img.caption');
});
jQuery(function ($) {
initChosen();
$("body").on("subform-row-add", initChosen);
function initChosen(event, container)
{
container = container || document;
$(container).find(".advancedSelect").chosen({"disable_search_threshold":10,"search_contains":true,"allow_single_deselect":true,"placeholder_text_multiple":"Type or select some options","placeholder_text_single":"Select an option","no_results_text":"No results match"});
}
});
jQuery(function($){ initTooltips(); $("body").on("subform-row-add", initTooltips); function initTooltips (event, container) { container = container || document;$(container).find(".hasTooltip").tooltip({"html": true,"container": "body"});} });
jQuery(document).ready(function() {
var value, searchword = jQuery('#mod-finder-searchword315');
// Get the current value.
value = searchword.val();
// If the current value equals the default value, clear it.
searchword.on('focus', function ()
{
var el = jQuery(this);
if (el.val() === 'Search ...')
{
el.val('');
}
});
// If the current value is empty, set the previous value.
searchword.on('blur', function ()
{
var el = jQuery(this);
if (!el.val())
{
el.val(value);
}
});
jQuery('#mod-finder-searchform315').on('submit', function (e)
{
e.stopPropagation();
var advanced = jQuery('#mod-finder-advanced315');
// Disable select boxes with no value selected.
if (advanced.length)
{
advanced.find('select').each(function (index, el)
{
var el = jQuery(el);
if (!el.val())
{
el.attr('disabled', 'disabled');
}
});
}
});
var suggest = jQuery('#mod-finder-searchword315').autocomplete({
serviceUrl: '/component/finder/?task=suggestions.suggest&amp;format=json&amp;tmpl=component',
paramName: 'q',
minChars: 1,
maxHeight: 400,
width: 300,
zIndex: 9999,
deferRequestBy: 500
});});
</script>
</head>
<body class="site com_content view-article layout-blog task-display itemid-156 fluid">
<!-- Google Tag Manager -->
<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-WWC8WL" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-WWC8WL');</script>
<!-- End Google Tag Manager -->
<!-- Top Nav -->
<nav class="navigation" role="navigation">
<div id="mega-menu" class="navbar navbar-inverse navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
<div class="nav-collapse collapse">
<ul id="nav-joomla" class="nav">
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<span dir="ltr"><span aria-hidden="true" class="icon-joomla"></span> Joomla!<sup>&reg;</sup></span> <span class="caret"></span>
</a>
<ul class="dropdown-menu">
<li class="nav-header"><span>About us</span></li>
<li>
<a href="https://www.joomla.org">
<span aria-hidden="true" class="icon-joomla"></span> Joomla Home
</a>
</li>
<li><a href="https://www.joomla.org/about-joomla.html">What is Joomla?</a></li>
<li><a href="https://www.joomla.org/core-features.html">Benefits &amp; Features</a></li>
<li><a href="https://www.joomla.org/about-joomla/the-project.html">Project &amp; Leadership</a></li>
<li><a href="https://tm.joomla.org">Trademark &amp; Licensing</a></li>
<li><a href="https://joomlafoundation.org">The Joomla Foundation</a></li>
<li class="divider"></li>
<li class="nav-header"><span>Support us</span></li>
<li><a href="https://www.joomla.org/contribute-to-joomla.html">Contribute</a></li>
<li><a href="https://www.joomla.org/sponsor.html">Sponsor</a></li>
<li><a href="https://www.joomla.org/about-joomla/partners.html">Partner</a></li>
<li><a href="https://shop.joomla.org">Shop</a></li>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Download &amp; Extend <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="https://downloads.joomla.org">Downloads</a></li>
<li><a href="https://extensions.joomla.org">Extensions</a></li>
<li><a href="https://downloads.joomla.org/language-packs">Languages</a></li>
<li><a href="https://launch.joomla.org">Get a free site</a></li>
<li><a href="https://domains.joomla.org">Get a domain</a></li>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Discover &amp; Learn <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="https://docs.joomla.org">Documentation</a></li>
<li><a href="https://community.joomla.org/joomla-training.html">Training</a></li>
<li><a href="https://certification.joomla.org">Certification</a></li>
<li><a href="https://showcase.joomla.org">Site Showcase</a></li>
<li><a href="https://www.joomla.org/announcements.html">Announcements</a></li>
<li><a href="https://community.joomla.org/blogs.html">Blogs</a></li>
<li><a href="https://magazine.joomla.org">Magazine</a></li>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Community &amp; Support <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="https://community.joomla.org">Community Portal</a></li>
<li><a href="https://community.joomla.org/events.html">Events</a></li>
<li><a href="https://community.joomla.org/user-groups.html">User Groups</a></li>
<li><a href="https://forum.joomla.org">Forum</a></li>
<li><a href="https://community.joomla.org/service-providers-directory.html">Service Providers Directory</a></li>
<li><a href="https://volunteers.joomla.org">Volunteers Portal</a></li>
<li><a href="https://extensions.joomla.org/vulnerable-extensions/vulnerable/">Vulnerable Extensions List</a></li>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Developer Resources <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="https://developer.joomla.org">Developer Network</a></li>
<li><a href="https://developer.joomla.org/security.html">Security Centre</a></li>
<li><a href="https://issues.joomla.org">Issue Tracker</a></li>
<li><a href="https://github.com/joomla">GitHub</a></li>
<li><a href="https://api.joomla.org">API Documentation</a></li>
<li><a href="https://framework.joomla.org"><span dir="ltr">Joomla!</span> Framework</a></li>
</ul>
</li>
</ul>
<div id="nav-search" class="navbar-search pull-right">
<div class="finder">
<form id="mod-finder-searchform315" action="/search.html" method="get" class="form-search" role="search">
<label for="mod-finder-searchword315" class="element-invisible finder">Search</label><input type="text" name="q" id="mod-finder-searchword315" class="search-query input-medium" size="25" value="" placeholder="Search ..."/>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</nav>
<!-- Header -->
<header class="header">
<div class="container-fluid">
<div class="row-fluid">
<div class="span7">
<h1 class="page-title">
<a href="/"><img alt="Joomla CMS" width="40" height="40" src="https://cdn.joomla.org/images/Joomla_logo.png">Joomla!</a>
</h1>
</div>
<div class="span5">
<div class="btn-toolbar row-fluid">
<div class="span6">
<a href="https://downloads.joomla.org/" class="btn btn-block btn-large btn-warning">Download</a>
</div>
<div class="span6">
<a href="https://launch.joomla.org" class="btn btn-block btn-large btn-primary">Launch <span aria-hidden="true" class="icon-rocket"></span></a>
</div>
</div>
</div>
</div>
</div>
</header>
<nav class="subnav-wrapper">
<div class="subnav">
<div class="container-fluid">
<ul class="nav menu nav-pills mod-list">
<li class="item-122 default"><a href="/" >Home</a></li><li class="item-153 parent"><a href="/about-joomla.html" >About Joomla!</a></li><li class="item-195"><a href="/core-features.html" >Benefits &amp; Features</a></li><li class="item-466"><a href="https://www.joomla.org/4/en/" >Joomla! 4</a></li><li class="item-154 active parent"><a href="/announcements.html" >News</a></li><li class="item-348"><a href="/contribute-to-joomla.html" >Contribute</a></li><li class="item-220"><a href="/media-contact.html" >Press Enquiries</a></li></ul>
</div>
</div>
</nav>
<!-- Body -->
<div class="body">
<div class="container-fluid">
<div class="row-fluid">
<main id="content" class="span9">
<!-- Begin Content -->
<div id="system-message-container">
</div>
<div class="item-page" itemscope itemtype="https://schema.org/Article">
<meta itemprop="inLanguage" content="en-GB" />
<div class="page-header">
<h1> Release News </h1>
</div>
<div class="page-header">
<h2 itemprop="headline">
Joomla! 3.6 is Here </h2>
</div>
<dl class="article-info muted">
<dt class="article-info-term">
Details </dt>
<dd class="create">
<span class="icon-calendar" aria-hidden="true"></span>
<time datetime="2016-07-12T16:00:00+00:00" itemprop="dateCreated">
Created: 12 July 2016 </time>
</dd>
</dl>
<div itemprop="articleBody">
<div class="share-container">
<ul class="rrssb-buttons clearfix">
<li class="rrssb-facebook">
<a href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fjoom.la%2F36released" class="popup">
<span class="rrssb-icon">
<svg xmlns="http://www.w3.org/2000/svg" preserveAspectRatio="xMidYMid" width="29" height="29" viewBox="0 0 29 29">
<path d="M26.4 0H2.6C1.714 0 0 1.715 0 2.6v23.8c0 .884 1.715 2.6 2.6 2.6h12.393V17.988h-3.996v-3.98h3.997v-3.062c0-3.746 2.835-5.97 6.177-5.97 1.6 0 2.444.173 2.845.226v3.792H21.18c-1.817 0-2.156.9-2.156 2.168v2.847h5.045l-.66 3.978h-4.386V29H26.4c.884 0 2.6-1.716 2.6-2.6V2.6c0-.885-1.716-2.6-2.6-2.6z" class="cls-2" fill-rule="evenodd" />
</svg>
</span>
<span class="rrssb-text">facebook</span>
</a>
</li>
<li class="rrssb-twitter">
<a href="https://twitter.com/intent/tweet?text=Joomla%21+3.6+is+Here%3A+https%3A%2F%2Fjoom.la%2F36released" class="popup">
<span class="rrssb-icon">
<svg xmlns="http://www.w3.org/2000/svg" width="28" height="28" viewBox="0 0 28 28">
<path d="M24.253 8.756C24.69 17.08 18.297 24.182 9.97 24.62c-3.122.162-6.22-.646-8.86-2.32 2.702.18 5.375-.648 7.507-2.32-2.072-.248-3.818-1.662-4.49-3.64.802.13 1.62.077 2.4-.154-2.482-.466-4.312-2.586-4.412-5.11.688.276 1.426.408 2.168.387-2.135-1.65-2.73-4.62-1.394-6.965C5.574 7.816 9.54 9.84 13.802 10.07c-.842-2.738.694-5.64 3.434-6.48 2.018-.624 4.212.043 5.546 1.682 1.186-.213 2.318-.662 3.33-1.317-.386 1.256-1.248 2.312-2.4 2.942 1.048-.106 2.07-.394 3.02-.85-.458 1.182-1.343 2.15-2.48 2.71z" />
</svg>
</span>
<span class="rrssb-text">twitter</span>
</a>
</li>
<li class="rrssb-linkedin">
<a href="https://www.linkedin.com/shareArticle?mini=true&amp;url=https%3A%2F%2Fjoom.la%2F36released&amp;title=Joomla%21+3.6+is+Here&amp;summary=The+Joomla%21+Project+and+the+Production+Leadership..." class="popup">
<span class="rrssb-icon">
<svg xmlns="http://www.w3.org/2000/svg" width="28" height="28" viewBox="0 0 28 28">
<path d="M25.424 15.887v8.447h-4.896v-7.882c0-1.98-.71-3.33-2.48-3.33-1.354 0-2.158.91-2.514 1.802-.13.315-.162.753-.162 1.194v8.216h-4.9s.067-13.35 0-14.73h4.9v2.087c-.01.017-.023.033-.033.05h.032v-.05c.65-1.002 1.812-2.435 4.414-2.435 3.222 0 5.638 2.106 5.638 6.632zM5.348 2.5c-1.676 0-2.772 1.093-2.772 2.54 0 1.42 1.066 2.538 2.717 2.546h.032c1.71 0 2.77-1.132 2.77-2.546C8.056 3.593 7.02 2.5 5.344 2.5h.005zm-2.48 21.834h4.896V9.604H2.867v14.73z" />
</svg>
</span>
<span class="rrssb-text">linkedin</span>
</a>
</li>
<li class="rrssb-pinterest">
<a href="https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fjoom.la%2F36released&amp;media=https%3A%2F%2Fwww.joomla.org%2Fimages%2Frelease-images%2Fjoomla_3_6_stable_release.png&amp;description=Joomla%21+3.6+is+Here">
<span class="rrssb-icon">
<svg xmlns="http://www.w3.org/2000/svg" width="28" height="28" viewBox="0 0 28 28">
<path d="M14.02 1.57c-7.06 0-12.784 5.723-12.784 12.785S6.96 27.14 14.02 27.14c7.062 0 12.786-5.725 12.786-12.785 0-7.06-5.724-12.785-12.785-12.785zm1.24 17.085c-1.16-.09-1.648-.666-2.558-1.22-.5 2.627-1.113 5.146-2.925 6.46-.56-3.972.822-6.952 1.462-10.117-1.094-1.84.13-5.545 2.437-4.632 2.837 1.123-2.458 6.842 1.1 7.557 3.71.744 5.226-6.44 2.924-8.775-3.324-3.374-9.677-.077-8.896 4.754.19 1.178 1.408 1.538.49 3.168-2.13-.472-2.764-2.15-2.683-4.388.132-3.662 3.292-6.227 6.46-6.582 4.008-.448 7.772 1.474 8.29 5.24.58 4.254-1.815 8.864-6.1 8.532v.003z" />
</svg>
</span>
<span class="rrssb-text">pinterest</span>
</a>
</li>
</ul>
</div>
<figure class="center"><img src="/images/release-images/joomla_3_6_stable_release.png" alt="joomla 3 6 stable release" width="869" height="360" /></figure>
<p class="lead">The Joomla! Project and the Production Leadership Team are proud to announce the release of <a href="/3/" title="Joomla! 3.6">Joomla! 3.6</a> as the latest in the 3.x series. <br />Joomla! 3.6 introduces more than 400 improvements, including many features which make administration of Joomla! Web sites easier and more feature-rich, as well as many UX (user experience) improvements.</p>
<p>Joomla! 3 is the latest major release of the Joomla! CMS, with 3.6 the seventh standard-term support release in this series. Please note that going from 3.5 to 3.6 is a one-click update and is not a migration. The same is true for any subsequent versions in the 3 series of the CMS.</p>
<h2>What's new in Joomla! 3.6</h2>
<p>Here are some highlights of the 3.6 release:</p>
<ul>
<li><strong>Joomla! Update</strong> has been improved and now allows you to reinstall Joomla&rsquo;s core files at the click of a button, overwriting any modified file(s) and reverting them back to the default.</li>
<li>Joomla! 3.6 contains a lot of <strong>UX improvements</strong>. Now you can find your modules faster, have tasks done by dropdown, improved user management and so much more...</li>
<li>With the <strong>new Sub Form Field function</strong> in Joomla! 3.6, we added some extra additional functionality next to Repeatable fields. Now you can nest XML forms inside each other or reuse your existing forms inside your current form.</li>
<li><strong>Create categories on the fly</strong>: It can get frustrating when you create a new item, and you realise that you haven&rsquo;t created a category yet. Joomla! 3.6 now lets you create a category on the fly for articles, contacts, newsfeeds and banners.</li>
<li><strong>Menu type ACL</strong>: ACL in the backend did not exist at the menu level, now we have improved that. Give or block certain user groups access to a specific menu, and therefore also all menu items of that menu.</li>
<li><strong>See what's in your menus with All Menu Items</strong>: The new option to show all items from all menus gives you a quick overview of what is displayed where on your website. It has never been easier to spot duplicated links, missing menu items or just get an overview of every menu on your site.</li>
<li>And much more... To have a full list of the 3.6 features, please visit our <a href="https://github.com/joomla/joomla-cms/issues?q=milestone%3A%22Joomla+3.6.0%22+" target="_blank" title="Joomla repository on Github" rel="noopener noreferrer">GitHub Repository.</a></li>
</ul>
<h2>Download</h2>
<div class="download center">
<h3>New Installations:</h3>
<a class="btn btn-primary btn-lg active" href="https://downloads.joomla.org/cms/joomla3/3-6-0/joomla_3-6-0-stable-full_package-zip?format=zip" rel="alternate">Download Joomla! 3.6.0<br /> English (UK), 3.6.0 Full Package</a>
<p><a href="https://docs.joomla.org/J3.x:Installing_Joomla">New installation instructions</a> and <a href="https://downloads.joomla.org/technical-requirements">technical requirements</a></p>
</div>
<div class="download center">
<h3>Upgrade Packages:</h3>
<a class="btn btn-success btn-lg active" href="https://downloads.joomla.org/cms/joomla3/3-6-0" rel="alternate">Upgrade Packages<br />Joomla! 3 upgrade packages</a>
<p>Note: Please read the <a href="https://docs.joomla.org/J3.x:Updating_from_an_existing_version">update instructions</a> before updating.</p>
<p>Please remember to clear your browser's cache after upgrading.<br />If you find a bug in Joomla! Please report it on the<a target="_blank" href="https://issues.joomla.org" taarget="_blank" title="Joomla! Issue Tracker" rel="noopener noreferrer"> Joomla! Issue Tracker</a>.</p>
</div>
<h2>How can you help Joomla! development?</h2>
<p>The Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla! community. You can learn more about Joomla! development at the <a href="https://developer.joomla.org/" target="_blank" title="" joolma="" developer="" network="" rel="noopener noreferrer"> Joomla! Developer Network.</a></p>
<p>There are a variety of ways in which you can get actively involved with Joomla. It doesn't matter if you are a coder, an integrator, or merely a user of Joomla. You can contact anyone on the <a href="https://volunteers.joomla.org/departments/production">Production Department</a>, to get more information, or if you are ready you can jump right into the Joomla! Bug Squad.</p>
<p>The <a href="https://docs.joomla.org/Portal:Bug_Squad">Joomla! Bug Squad</a> is one of the most active teams in the Joomla! development process and is always looking for people (not just developers) that can help with sorting bug reports, coding patches and testing solutions. It&rsquo;s a great way for increasing your working knowledge of Joomla, and also a great way to meet new people from all around the world.</p>
<p>If you are interested, please read about us on the Joomla! Documentation Wiki and, if you wish to join, email <span id="cloak4d49b57f1fdfb11a6566fd099613aa2e">This email address is being protected from spambots. You need JavaScript enabled to view it.</span><script type='text/javascript'>
document.getElementById('cloak4d49b57f1fdfb11a6566fd099613aa2e').innerHTML = '';
var prefix = '&#109;a' + 'i&#108;' + '&#116;o';
var path = 'hr' + 'ef' + '=';
var addy4d49b57f1fdfb11a6566fd099613aa2e = 'b&#117;gsq&#117;&#97;d' + '&#64;';
addy4d49b57f1fdfb11a6566fd099613aa2e = addy4d49b57f1fdfb11a6566fd099613aa2e + 'c&#111;mm&#117;n&#105;ty' + '&#46;' + 'j&#111;&#111;ml&#97;' + '&#46;' + '&#111;rg';
var addy_text4d49b57f1fdfb11a6566fd099613aa2e = 'Th&#101; B&#117;g Sq&#117;&#97;d C&#111;&#111;rd&#105;n&#97;t&#111;r';document.getElementById('cloak4d49b57f1fdfb11a6566fd099613aa2e').innerHTML += '<a ' + path + '\'' + prefix + ':' + addy4d49b57f1fdfb11a6566fd099613aa2e + '\'>'+addy_text4d49b57f1fdfb11a6566fd099613aa2e+'<\/a>';
</script>.</p>
<p>You can also help Joomla! development by thanking those involved in the many areas of the process. Since Joomla! 3.5.1, released on April 5th, 2016, no less than 1,659 commits have been made and 755 bugs fixed!</p>
<p>The Project also wants to thank all of the contributors who have taken the time to prepare and submit work to be included in the Joomla! CMS and Framework.</p>
<h2>A Huge Thank You to Our Volunteers!</h2>
<p>A big thank you goes out to everyone that contributed to the Joomla! 3.6 release! Find a list of contributors on&nbsp;<a href="/3/thank-you" title="Thanks to the volunteers">https://www.joomla.org/3/thank-you</a></p>
<h2>Spread the Joomla! Love</h2>
<p>Are you looking for the official imagery for your blogpost, a banner on your site or an image to share on social media? You can find them all in many languages <a href="https://docs.joomla.org/J3.x:Joomla_3.6_Imagery" target="_blank" title="Joomla! 3.6 Imagery" rel="noopener noreferrer">here</a>.</p> </div>
</div>
<div aria-label="Breadcrumbs" role="navigation">
<ul itemscope itemtype="https://schema.org/BreadcrumbList" class="breadcrumb">
<li class="active">
<span class="divider icon-location"></span>
</li>
<li itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem">
<a itemprop="item" href="/" class="pathway"><span itemprop="name">Home</span></a>
<span class="divider">
&gt; </span>
<meta itemprop="position" content="1">
</li>
<li itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem">
<a itemprop="item" href="/announcements.html" class="pathway"><span itemprop="name">News</span></a>
<span class="divider">
&gt; </span>
<meta itemprop="position" content="2">
</li>
<li itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem">
<a itemprop="item" href="/announcements/release-news.html" class="pathway"><span itemprop="name">Release News</span></a>
<span class="divider">
&gt; </span>
<meta itemprop="position" content="3">
</li>
<li itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem" class="active">
<span itemprop="name">
Joomla! 3.6 is Here </span>
<meta itemprop="position" content="4">
</li>
</ul>
</div>
<!-- End Content -->
</main>
<aside class="span3">
<!-- Begin Right Sidebar -->
<div class="moduletable">
<h3>About Joomla!</h3>
<ul class="nav menu nav-stacked nav-tabs mod-list">
<li class="item-168"><a href="/about-joomla.html" >What is Joomla?</a></li><li class="item-169"><a href="/about-joomla/getting-started.html" >Getting Started</a></li><li class="item-170"><a href="/about-joomla/create-and-share.html" >Create and Share</a></li><li class="item-347"><a href="/contribute-to-joomla.html" >Get Involved</a></li><li class="item-174 deeper parent"><a href="/about-joomla/the-project.html" >About The Joomla! Project</a><ul class="nav-child unstyled small"><li class="item-194"><a href="/about-joomla/the-project/mission-vision-and-values.html" >Mission, Vision &amp; Values</a></li><li class="item-187"><a href="/about-joomla/the-project/code-of-conduct.html" >Code of Conduct</a></li><li class="item-175"><a href="https://volunteers.joomla.org/board-of-directors" target="_blank" rel="noopener noreferrer">Board of Directors</a></li><li class="item-178"><a href="/about-joomla/partners.html" >Partners</a></li><li class="item-757"><a href="/about-joomla/extension-partners.html" >Extension Partners</a></li><li class="item-602"><a href="/about-joomla/the-project/media-and-press-contact.html" >Media &amp; Press</a></li><li class="item-192"><a href="https://docs.joomla.org/Special:MyLanguage/Joomla:Brand_Identity_Elements" target="_blank" rel="noopener noreferrer">Conditional Use Logos</a></li></ul></li><li class="item-933"><a href="https://showcase.joomla.org/case-studies.html" >Joomla! Case Studies</a></li><li class="item-795"><a href="https://community.joomla.org/the-joomla-shop.html#!/" >Joomla! Shop</a></li><li class="item-232"><a href="https://docs.joomla.org/Special:MyLanguage/Joomla_info_page" target="_blank" rel="noopener noreferrer">Joomla! In Your Language</a></li><li class="item-229"><a href="/mailing-lists.html" >Joomla! Mailing Lists</a></li><li class="item-658"><a href="https://community.joomla.org/general-newsletter.html" >Joomla! Newsletter</a></li><li class="item-431"><a href="/rss-news-feeds.html" >Joomla! RSS News Feeds</a></li><li class="item-184"><a href="https://downloads.joomla.org/technical-requirements" >Technical Requirements</a></li></ul>
</div>
<div class="moduletable">
<h3>Contributing to Joomla!</h3>
<ul class="nav menu nav-stacked nav-tabs mod-list">
<li class="item-375"><a href="/sponsor.html" >Corporate Sponsorships</a></li><li class="item-269"><a href="/current-sponsors.html" >Corporate Sponsors</a></li><li class="item-794"><a href="https://community.joomla.org/sponsorship-campaigns.html" >Community Sponsorships</a></li><li class="item-355"><a href="https://volunteers.joomla.org/" >Volunteers Portal</a></li></ul>
</div>
<div class="custom center" >
<a href="https://community.joomla.org/general-newsletter.html" class="btn btn-primary btn-large">Subscribe to our Newsletters</a></div>
<div class="custom center" >
<a href="/3/" title="Joomla! 3.9"> <img src="/images/banners/joomla-39.png" alt="joomla 39" style="margin: 10px 0px;" width="300" height="250" /></a></div>
<div class="custom center" >
<a href="https://community.joomla.org/joomla-training.html" title="Joomla! training videos"> <img src="/images/banners/joomla-training.png" alt="joomla training" style="margin: 10px 0px;" width="300" height="250" /></a></div>
<!-- End Right Sidebar -->
</aside>
</div>
</div>
</div>
<!-- Footer -->
<footer class="footer center">
<div class="container-fluid">
<hr />
<div class="social">
<ul class="soc">
<li><a href="https://twitter.com/joomla" target="_blank" rel="noopener" class="icon-twitter2" title="Joomla! on Twitter"><span class="element-invisible">Joomla! on Twitter</span></a></li>
<li><a href="https://www.facebook.com/joomla" target="_blank" rel="noopener" class="icon-facebook2" title="Joomla! on Facebook"><span class="element-invisible">Joomla! on Facebook</span></a></li>
<li><a href="https://www.youtube.com/user/joomla" target="_blank" rel="noopener" class="icon-youtube3" title="Joomla! on YouTube"><span class="element-invisible">Joomla! on YouTube</span></a></li>
<li><a href="https://www.linkedin.com/company/joomla" target="_blank" rel="noopener" class="icon-linkedin" title="Joomla! on LinkedIn"><span class="element-invisible">Joomla! on LinkedIn</span></a></li>
<li><a href="https://www.pinterest.com/joomla" target="_blank" rel="noopener" class="icon-pinterest2" title="Joomla! on Pinterest"><span class="element-invisible">Joomla! on Pinterest</span></a></li>
<li><a href="https://www.instagram.com/joomlaofficial/" target="_blank" rel="noopener" class="icon-instagram" title="Joomla! on Instagram"><span class="element-invisible">Joomla! on Instagram</span></a></li>
<li><a href="https://github.com/joomla" target="_blank" rel="noopener" class="icon-github3" title="Joomla! on GitHub"><span class="element-invisible">Joomla! on GitHub</span></a></li>
</ul>
</div>
<div class="footer-menu">
<ul class="nav-inline">
<li><a href="https://www.joomla.org"><span>Home</span></a></li>
<li><a href="https://www.joomla.org/about-joomla.html"><span>About</span></a></li>
<li><a href="https://community.joomla.org"><span>Community</span></a></li>
<li><a href="https://forum.joomla.org"><span>Forum</span></a></li>
<li><a href="https://extensions.joomla.org"><span>Extensions</span></a></li>
<li><a href="https://community.joomla.org/service-providers-directory.html"><span>Services</span></a></li>
<li><a href="https://docs.joomla.org"><span>Docs</span></a></li>
<li><a href="https://developer.joomla.org"><span>Developer</span></a></li>
<li><a href="https://community.joomla.org/the-joomla-shop.html"><span>Shop</span></a></li>
</ul>
<ul class="nav-inline">
<li><a href="https://www.joomla.org/accessibility-statement.html">Accessibility Statement</a></li>
<li><a href="https://www.joomla.org/privacy-policy.html">Privacy Policy</a></li>
<li><a href="https://www.joomla.org/cookie-policy.html">Cookie Policy</a></li>
<li><a href="https://community.joomla.org/sponsorship-campaigns.html">Sponsor Joomla! with $5</a></li>
<li><a href="https://joomla.crowdin.com" target="_blank" rel="noopener">Help Translate</a></li>
<li><a href="https://github.com/joomla/joomla-websites/issues/new?title=[joomla.org]%20&body=Please%20describe%20the%20problem%20or%20your%20issue">Report an Issue</a></li>
<li><a href="/login.html">Log in</a></li>
</ul>
<p class="copyright">&copy; 2005 - 2023 <a href="https://opensourcematters.org">Open Source Matters, Inc.</a> All Rights Reserved.</p>
<div class="hosting">
<div class="hosting-image"><a href="https://www.rochen.com/joomla-hosting" rel="noopener" target="_blank"><img class="rochen" width="84" height="42" src="https://cdn.joomla.org/rochen/rochen_footer_logo_white.png" alt="Rochen" /></a></div>
<div class="hosting-text"><a href="https://www.rochen.com/joomla-hosting" rel="noopener" target="_blank"><span dir="ltr">Joomla!</span> Hosting by Rochen</a></div>
</div>
</div>
<div id="adblock-msg" class="navbar navbar-fixed-bottom hide">
<div class="navbar-inner">
<a class="close" data-dismiss="alert" href="#">&times;</a>
<i class="icon-warning"></i>
We have detected that you are using an ad blocker. The Joomla! Project relies on revenue from these advertisements so please consider disabling the ad blocker for this domain.
</div>
</div>
</div>
</footer>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993" integrity="sha512-0ahDYl866UMhKuYcW078ScMalXqtFJggm7TmlUtp0UlD4eQk0Ixfnm5ykXKvGJNFjLMoortdseTfsRT8oCfgGA==" data-cf-beacon='{"rayId":"787114338eb4bac3","token":"86c8a2bdf49d4d83863be2c50451bf55","version":"2022.11.3","si":100}' crossorigin="anonymous"></script>
</body>
</html>

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1,656 +0,0 @@
<!DOCTYPE html>
<html
dir="ltr"
lang="en-US">
<head>
<meta name="generator" content="Hugo 0.89.1" />
<meta charset="utf-8">
<meta name="viewport" content="width=device-width initial-scale=1" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title> Let&#39;s Encrypt</title>
<meta name="description" content=" Let&#39;s Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). ">
<meta name="twitter:card" content="summary">
<meta name="twitter:site" content="@letsencrypt">
<meta name="twitter:title" content="Let&#39;s Encrypt">
<meta name="twitter:url" content="https://letsencrypt.org/">
<meta name="twitter:description" content=" Let&#39;s Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). ">
<meta name="twitter:image:src" content="https://letsencrypt.org/images/le-logo-twitter-noalpha.png">
<meta name="og:image" content="https://letsencrypt.org/images/LetsEncrypt-SocialShare.png">
<link rel="stylesheet" href="/css/main.min.c1497c55f96dc8afb77a729488f89595895ead42a540f521f6a024d8aa6b4effed3b4cacaf2f90c8d0ed381a73a2efd37b6218d19d81f134cb98b09a6888a40b.css" integrity="sha512-wUl8VfltyK&#43;3enKUiPiVlYlerUKlQPUh9qAk2KprTv/tO0ysry&#43;QyNDtOBpzou/Te2IY0Z2B8TTLmLCaaIikCw==">
<link rel="stylesheet" href="/fontawesome-free-5.12.1-web/css/all.min.css" />
<link rel="canonical" href="/">
<link rel="alternate" href="/feed.xml" type="application/rss+xml" title="Let&#39;s Encrypt Blog Feed" />
</head>
<body>
<header class="site-header">
<a id="skiplink" href="#main-content">Skip navigation links</a>
<div class="wrapper">
<a class="site-title" href="/"><img src="/images/letsencrypt-logo-horizontal.svg" alt="Let's Encrypt"></a>
<span id="menuIcon">
<i class="fas fa-bars"></i>
</span>
<nav class="site-nav" id="menu">
<div class="pure-menu pure-menu-horizontal custom-can-transform">
<ul class="pure-menu-list">
<li class="pure-menu-item">
<a href="/docs/" class="pure-menu-link" tabindex="0">Documentation</a>
</li>
<li class="pure-menu-item">
<a href="https://community.letsencrypt.org/" class="pure-menu-link" tabindex="0">Get Help</a>
</li>
<li class="pure-menu-item pure-menu-has-children">
<a href="#" class="pure-menu-link" tabindex="0">Donate</a>
<ul class="pure-menu-children">
<li class="pure-menu-item">
<a href="/donate/" class="pure-menu-link">Make a Donation</a>
</li>
<li class="pure-menu-item">
<a href="https://www.abetterinternet.org/sponsor/" class="pure-menu-link">Become a Sponsor</a>
</li>
<li class="pure-menu-item">
<a href="/sponsors/" class="pure-menu-link">Current Sponsors and Funders</a>
</li>
<li class="pure-menu-item">
<a href="/getinvolved/" class="pure-menu-link">Get Involved</a>
</li>
</ul>
</li>
<li class="pure-menu-item pure-menu-has-children">
<a href="#" class="pure-menu-link" tabindex="0">About Us</a>
<ul class="pure-menu-children">
<li class="pure-menu-item">
<a href="/about/" class="pure-menu-link">Let&#39;s Encrypt</a>
</li>
<li class="pure-menu-item">
<a href="https://www.abetterinternet.org/about/" class="pure-menu-link">Internet Security Research Group (ISRG)</a>
</li>
<li class="pure-menu-item">
<a href="/docs/dst-root-ca-x3-expiration-september-2021/" class="pure-menu-link">DST Root CA X3 Expiration (September 2021)</a>
</li>
<li class="pure-menu-item">
<a href="/docs/faq/" class="pure-menu-link">Frequently Asked Questions (FAQ)</a>
</li>
<li class="pure-menu-item">
<a href="/repository/" class="pure-menu-link">Policy and Legal Repository</a>
</li>
<li class="pure-menu-item">
<a href="https://letsencrypt.status.io/" class="pure-menu-link">Service Status</a>
</li>
<li class="pure-menu-item">
<a href="/stats/" class="pure-menu-link">Statistics</a>
</li>
<li class="pure-menu-item">
<a href="https://www.abetterinternet.org/careers/" class="pure-menu-link">Careers</a>
</li>
<li class="pure-menu-item">
<a href="/contact/" class="pure-menu-link">Contact</a>
</li>
<li class="pure-menu-item">
<a href="/blog/" class="pure-menu-link">Blog</a>
</li>
</ul>
</li>
<li class="pure-menu-item pure-menu-has-children">
<a href="#" class="pure-menu-link" tabindex="0">Languages <img src="/images/language-icon128px-black.png" class="inline-icon" alt="" aria-hidden="true"></a>
<ul class="pure-menu-children menu-for-languages">
<li class="pure-menu-item">
<a href="/" lang="en-US" hreflang="en-US" class="pure-menu-link">✓ English</a>
</li>
<li class="pure-menu-item">
<a href="/da/" lang="da" hreflang="da" class="pure-menu-link">Dansk</a>
</li>
<li class="pure-menu-item">
<a href="/de/" lang="de-DE" hreflang="de-DE" class="pure-menu-link">Deutsch</a>
</li>
<li class="pure-menu-item">
<a href="/es/" lang="es-US" hreflang="es-US" class="pure-menu-link">Español</a>
</li>
<li class="pure-menu-item">
<a href="/fi/" lang="fi" hreflang="fi" class="pure-menu-link">Suomi</a>
</li>
<li class="pure-menu-item">
<a href="/fr/" lang="fr-FR" hreflang="fr-FR" class="pure-menu-link">Français</a>
</li>
<li class="pure-menu-item">
<a href="/he/" lang="he" hreflang="he" class="pure-menu-link">עברית</a>
</li>
<li class="pure-menu-item">
<a href="/hu/" lang="hu" hreflang="hu" class="pure-menu-link">Hungarian</a>
</li>
<li class="pure-menu-item">
<a href="/id/" lang="id-ID" hreflang="id-ID" class="pure-menu-link">Bahasa Indonesia</a>
</li>
<li class="pure-menu-item">
<a href="/it/" lang="it-IT" hreflang="it-IT" class="pure-menu-link">Italiano</a>
</li>
<li class="pure-menu-item">
<a href="/ja/" lang="ja" hreflang="ja" class="pure-menu-link">日本語</a>
</li>
<li class="pure-menu-item">
<a href="/ko/" lang="ko-KR" hreflang="ko-KR" class="pure-menu-link">한국어</a>
</li>
<li class="pure-menu-item">
<a href="/pt-br/" lang="pt-BR" hreflang="pt-BR" class="pure-menu-link">Português do Brasil</a>
</li>
<li class="pure-menu-item">
<a href="/ru/" lang="ru-RU" hreflang="ru-RU" class="pure-menu-link">Русский</a>
</li>
<li class="pure-menu-item">
<a href="/si/" lang="si" hreflang="si" class="pure-menu-link">සිංහල</a>
</li>
<li class="pure-menu-item">
<a href="/sr/" lang="sr" hreflang="sr" class="pure-menu-link">Srpski</a>
</li>
<li class="pure-menu-item">
<a href="/sv/" lang="sv" hreflang="sv" class="pure-menu-link">Svenska</a>
</li>
<li class="pure-menu-item">
<a href="/uk/" lang="uk-UA" hreflang="uk-UA" class="pure-menu-link">Українська</a>
</li>
<li class="pure-menu-item">
<a href="/vi/" lang="vi-VN" hreflang="vi-VN" class="pure-menu-link">Tiếng Việt</a>
</li>
<li class="pure-menu-item">
<a href="/zh-cn/" lang="zh-Hans-CN" hreflang="zh-Hans-CN" class="pure-menu-link">简体中文</a>
</li>
<li class="pure-menu-item">
<a href="/zh-tw/" lang="zh-Hant-TW" hreflang="zh-Hant-TW" class="pure-menu-link">繁體中文</a>
</li>
</ul>
</li>
</ul>
</div>
</nav>
</div>
</header>
<div id="main-content"></div>
<div class="hero tall">
<div class="container">
<h1>A nonprofit Certificate Authority providing TLS certificates to <span>300 million</span> websites.</h1>
<h2>Read all about our nonprofit work this year in our <a href='https://abetterinternet.org/annual-reports/'>2022 Annual Report</a>.</h2>
<div class="buttons flex">
<div class="flex1 tar mr1m">
<a class="dib" href="/getting-started/">Get Started</a>
</div>
<div class="flex1 tal ml1m">
<a class="dib" href="https://www.abetterinternet.org/sponsor/">Sponsor</a>
</div>
</div>
</div>
</div>
<div class="page-content">
<div class="wrapper">
<div class="">
<div class="pure-g home">
<div class="pure-u-1 pure-u-md-1-2">
<div class="grid-container">
<h2 class="through-line"><a href="/blog/">From our blog</a></h2>
<ul class="post-list">
<li>
<span class="post-meta">Dec 15, 2022</span>
<h2>
<a class="post-link" href="/2022/12/15/ocspcaching.html" hreflang="en-US">Lets Encrypt improves how we manage OCSP responses</a>
</h2>
By deploying Redis, Lets Encrypt has improved our OCSP responses and increased reliability.
<p><a href="/2022/12/15/ocspcaching.html" hreflang="en-US">Read more</a></p>
</li>
<li>
<span class="post-meta">Dec 5, 2022</span>
<h2>
<a class="post-link" href="/2022/12/05/ed-letter-2022.html" hreflang="en-US">A Year-End Letter from our Executive Director</a>
</h2>
It&rsquo;s been an exciting year for ISRG and its projects: from Let&rsquo;s Encrypt issuing its three billionth certificate to Prossimo supporting the efforts to get Rust into the Linux kernel.
<p><a href="/2022/12/05/ed-letter-2022.html" hreflang="en-US">Read more</a></p>
</li>
<li>
<span class="post-meta">Sep 12, 2022</span>
<h2>
<a class="post-link" href="/2022/09/12/remembering-peter-eckersley.html" hreflang="en-US">Remembering Peter Eckersley</a>
</h2>
Peter Eckersley, a Lets Encrypt co-founder, passed away unexpectedly on September 2, 2022.
<p><a href="/2022/09/12/remembering-peter-eckersley.html" hreflang="en-US">Read more</a></p>
</li>
<li>
<span class="post-meta">Sep 7, 2022</span>
<h2>
<a class="post-link" href="/2022/09/07/new-life-for-crls.html" hreflang="en-US">A New Life for Certificate Revocation Lists</a>
</h2>
Let&rsquo;s Encrypt has developed new infrastructure to make CRLs a practical tool for our 200M active certs.
<p><a href="/2022/09/07/new-life-for-crls.html" hreflang="en-US">Read more</a></p>
</li>
<li>
<span class="post-meta">May 19, 2022</span>
<h2>
<a class="post-link" href="/2022/05/19/nurturing-ct-log-growth.html" hreflang="en-US">Nurturing Continued Growth of Our Oak CT Log</a>
</h2>
Only five organizations run a Certificate Transparency log, and the Lets Encrypt log is the only fully open source stack.
<p><a href="/2022/05/19/nurturing-ct-log-growth.html" hreflang="en-US">Read more</a></p>
</li>
</ul>
<p class="rss-subscribe">
<i class="fas fa-rss-square" aria-hidden="true"></i>
Subscribe <a href="/feed.xml">via RSS</a>
</p>
</div>
</div>
<div class="pure-u-1 pure-u-md-1-2">
<div class='grid-container'>
<h2 class="through-line"><a href="/sponsors/">Major Sponsors and Funders</a></h2>
<div class="text-center home_sponsors">
<a href="https://www.mozilla.org/" ><img src="/images/sponsors/small/mozilla-logo.png" alt="Mozilla" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.cisco.com/" ><img src="/images/sponsors/small/cisco-logo.png" alt="Cisco" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.eff.org/" ><img src="/images/sponsors/small/eff-logo.png" alt="Electronic Frontier Foundation" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.ovh.com/" ><img src="/images/sponsors/small/ovh-logo.png" alt="OVH" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.google.com/chrome/" rel="nofollow"><img src="/images/sponsors/small/chrome-logo.png" alt="Google Chrome" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.internetsociety.org/" ><img src="/images/sponsors/small/isoc-logo.png" alt="Internet Society" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.meta.com/" ><img src="/images/sponsors/small/meta-logo.png" alt="Meta" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://aws.amazon.com/" ><img src="/images/sponsors/small/aws-logo.png" alt="Amazon Web Services" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.identrust.com/" ><img src="/images/sponsors/small/identrust-logo.png" alt="IdenTrust" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.fordfound.org/" ><img src="/images/sponsors/small/ford-foundation-logo.png" alt="Ford Foundation" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.shopify.com/" ><img src="/images/sponsors/small/shopify-logo.png" alt="Shopify" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.sap.com/" ><img src="/images/sponsors/small/sap-logo.png" alt="SAP" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://automattic.com/" ><img src="/images/sponsors/small/automattic-logo.png" alt="Automattic" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.akamai.com/" ><img src="/images/sponsors/small/akamai-logo.png" alt="Akamai" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.cyon.ch/" ><img src="/images/sponsors/small/cyon-logo.png" alt="Cyon" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.infomaniak.ch/" ><img src="/images/sponsors/small/infomaniak-logo.png" alt="Infomaniak" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hostpoint.ch/" ><img src="/images/sponsors/small/hostpoint-logo.png" alt="HostPoint" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.siteground.com/" ><img src="/images/sponsors/small/siteground-logo.png" alt="SiteGround" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.vultr.com" ><img src="/images/sponsors/small/vultr-logo.png" alt="Vultr" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.planethoster.com/" ><img src="/images/sponsors/small/planethoster-logo.png" alt="Hébergement web" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.fastly.com/" ><img src="/images/sponsors/small/fastly-logo.png" alt="Fastly" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.3cx.com/" ><img src="/images/sponsors/small/3cx-logo.png" alt="3CX" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.squarespace.com/" ><img src="/images/sponsors/small/squarespace-logo.png" alt="Squarespace" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hawkhost.com/" ><img src="/images/sponsors/small/hawkhost-logo.png" alt="Hawk Host" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://thebestvpn.com/" ><img src="/images/sponsors/small/thebestvpn-logo.png" alt="The Best VPN" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.jimdo.com/" ><img src="/images/sponsors/small/jimdo-logo.png" alt="Jimdo" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.vtex.com/" ><img src="/images/sponsors/small/vtex-logo.png" alt="VTEX" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.digitalocean.com/" ><img src="/images/sponsors/small/digital-ocean-logo.png" alt="Digital Ocean" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.zendesk.com/" ><img src="/images/sponsors/small/zendesk-logo.png" alt="Zendesk" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.netlify.com/" ><img src="/images/sponsors/small/netlify-logo.png" alt="Netlify" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hostpapa.com/lets-encrypt-hosting?utm_source=letsencrypt.org&amp;utm_medium=referral&amp;utm_campaign=us-seo&amp;utm_term=web-hosting&amp;utm_content=180x108-logo" ><img src="/images/sponsors/small/hostpapa-logo.png" alt="HostPapa" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://pantheon.io/" ><img src="/images/sponsors/small/pantheon-logo.png" alt="Pantheon Website Management Platform" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://dnsimple.com/letsencrypt" ><img src="/images/sponsors/small/dnsimple-logo.png" alt="dnsimple" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://shiguredo.jp/" ><img src="/images/sponsors/small/shiguredo-v2-logo.svg" alt="Shiguredo" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.discourse.org/" ><img src="/images/sponsors/small/discourse-logo.png" alt="Discourse" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://driving-tests.org/" ><img src="/images/sponsors/small/driving-tests-logo.png" alt="driving-tests.org" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.sakura.ad.jp/" ><img src="/images/sponsors/small/sakura-logo.png" alt="Sakura Internet" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.duocircle.com/" ><img src="/images/sponsors/small/duocircle-logo.png" alt="DuoCircle" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://brave.com/" ><img src="/images/sponsors/small/brave-logo.png" alt="Brave" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://serverpilot.io/" ><img src="/images/sponsors/small/serverpilot-logo.png" alt="ServerPilot" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://domainname.shop/" ><img src="/images/sponsors/small/domainnameshop-logo.png" alt="DomainName.Shop" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://github.com/" ><img src="/images/sponsors/small/github-logo.png" alt="GitHub" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://unraid.net/" ><img src="/images/sponsors/small/unraid-logo.png" alt="Lime Technology (Unraid)" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://keenetic.com/" ><img src="/images/sponsors/small/keenetic-logo.png" alt="Keenetic" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.haproxy.com/" ><img src="/images/sponsors/small/haproxy-logo.png" alt="HAProxy" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.datto.com/" ><img src="/images/sponsors/small/datto-logo.png" alt="Datto" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://axiom.co/" ><img src="/images/sponsors/small/axiom-logo.png" alt="Axiom" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.mongodb.com/" ><img src="/images/sponsors/small/mongodb-logo.png" alt="MongoDB" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.ibm.com/" ><img src="/images/sponsors/small/ibm-logo.png" alt="IBM" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.livesport.eu/" ><img src="/images/sponsors/small/livesport-logo.png" alt="Livesport" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.clever-cloud.com/" ><img src="/images/sponsors/small/clevercloud-logo.png" alt="Clever Cloud" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://render.com/" ><img src="/images/sponsors/small/render-logo.png" alt="Render" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://ipinfo.io/" ><img src="/images/sponsors/small/ipinfo-logo.png" alt="IPInfo" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.greengeeks.com/" ><img src="/images/sponsors/small/greengeeks-logo.png" alt="GreenGeeks" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.redhat.com/" ><img src="/images/sponsors/small/redhat-logo.png" alt="RedHat" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.nabucasa.com/" ><img src="/images/sponsors/small/nabu-casa-logo.png" alt="Nabu Casa" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.wix.com/" ><img src="/images/sponsors/small/wix-logo.png" alt="Wix" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.heroku.com/" ><img src="/images/sponsors/small/heroku-logo.png" alt="Heroku" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://snipeitapp.com/" ><img src="/images/sponsors/small/snipe-it-logo.png" alt="Snipe-IT" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://smallstep.com/" ><img src="/images/sponsors/small/smallstep-logo.png" alt="Smallstep" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.wpbeginner.com/" ><img src="/images/sponsors/small/wpbeginner-logo.png" alt="WPBeginner" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hostscore.net/" ><img src="/images/sponsors/small/hostscore-logo.png" alt="HostScore" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hoststar.ch/" ><img src="/images/sponsors/small/hoststar-logo.png" alt="Hoststar" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.redacted.com/" ><img src="/images/sponsors/small/redacted-logo.png" alt="Redacted" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.vmware.com/" ><img src="/images/sponsors/small/vmware-logo.png" alt="VMWare" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.one.com/" ><img src="/images/sponsors/small/one-com-logo.png" alt="one.com" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://dan.com/" ><img src="/images/sponsors/small/dan-com-logo.png" alt="Dan.com" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.cloudera.com/" ><img src="/images/sponsors/small/cloudera-logo.png" alt="Cloudera" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.hackthebox.eu/" ><img src="/images/sponsors/small/hackthebox-logo.png" alt="Hack the Box" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://cargo.site/" ><img src="/images/sponsors/small/cargo-logo.png" alt="Cargo" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://manualsbrain.com/" ><img src="/images/sponsors/small/manualsbrain-logo.png" alt="ManualsBrain" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://rackspeed.de/" ><img src="/images/sponsors/small/rack-speed-logo.png" alt="RACK::SPEED" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.duda.co/" ><img src="/images/sponsors/small/duda-logo.png" alt="Duda" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.ads.com/" ><img src="/images/sponsors/small/ads-com-logo.png" alt="Ads.com" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.cdmon.com/es/" ><img src="/images/sponsors/small/cdmon-logo.png" alt="cdmon" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://goteleport.com/" ><img src="/images/sponsors/small/teleport-logo.png" alt="Teleport" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.nginx.com/" ><img src="/images/sponsors/small/nginx-logo.png" alt="NGINX" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://vilros.com/" ><img src="/images/sponsors/small/vilros-logo.png" alt="Vilros" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://actonfamilygiving.org/" ><img src="/images/sponsors/small/acton-family-giving-logo.png" alt="Acton Family Giving" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://plat.ai/" ><img src="/images/sponsors/small/plat-ai-logo.svg" alt="Plat.ai" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://cryptotracker.com/" ><img src="/images/sponsors/small/cryptotracker-logo.svg" alt="Crypto Tracker" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://tailscale.com/" ><img src="/images/sponsors/small/tailscale-logo.svg" alt="Tailscale" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://bitlaunch.io/" ><img src="/images/sponsors/small/bitlaunch-logo.svg" alt="BitLaunch" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://iban.com/" ><img src="/images/sponsors/small/iban-logo.png" alt="IBAN" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://yubico.com/" ><img src="/images/sponsors/small/yubico-logo.png" alt="Yubico" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.4kdownload.com/-1uvr6/video-downloader" ><img src="/images/sponsors/small/4kdownload-logo.png" alt="Video Downloader" width="80" height="48" class="sponsor-logo-small"></a>
<a href="https://www.vpsserver.com/" ><img src="/images/sponsors/small/VPSServer-logo.svg" alt="VPSServer.com" width="80" height="48" class="sponsor-logo-small"></a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="donate-footer">
<div class="wrapper text-center">
<h2>Support a more secure and privacy-respecting Web.</h2>
<div class="buttons">
<a class="accent" href="/donate/">Donate</a>
</div>
</div>
</div>
<footer class="site-footer">
<div class="wrapper">
<div class="footer-col-wrapper">
<div class="footer-col footer-col-1">
<ul class="social-media-list">
<li>
<i class="fab fa-github" aria-hidden="true"></i>
<a href="https://github.com/letsencrypt">
<span class="username">GitHub</span>
</a>
</li>
<li>
<i class="fab fa-twitter" aria-hidden="true"></i>
<a href="https://twitter.com/letsencrypt">
<span class="username">Twitter</span>
</a>
</li>
</ul>
View our <a href="/privacy/">privacy policy</a>.<br>
View our <a href="https://www.abetterinternet.org/trademarks">trademark policy</a>.
</div>
<div class="footer-col footer-col-2">
<p> Let's Encrypt is a free, automated, and open certificate
authority brought to you by the nonprofit <a href="https://www.abetterinternet.org/">Internet Security Research Group (ISRG)</a>.
</p>
<p>
<span itemscope itemtype="http://schema.org/PostalAddress">
<span itemprop="streetAddress">548 Market St, PMB 77519</span>,
<span itemprop="addressLocality">San Francisco</span>,
<span itemprop="addressRegion">CA</span>
<span itemprop="postalCode">94104-5401</span>,
<span itemprop="addressCountry">USA</span>
</span>
</p>
<p>Send all mail or inquiries to:</p>
<p>
<span itemscope itemtype="http://schema.org/PostalAddress">
<span itemprop="streetAddress">PO Box 18666</span>,
<span itemprop="addressLocality">Minneapolis</span>,
<span itemprop="addressRegion">MN</span>
<span itemprop="postalCode">55418-0666</span>,
<span itemprop="addressCountry">USA</span>
</span>
</p>
</div>
</div>
</div>
</footer>
<script src="/js/main.9c0b9add2dc0db21de0f695103830dbde01e31d77fa9a2db9ac3c1b9e09e4806f2e0d9a7281b06461b2e162a3560c605b038169b42ff376b4cd28cc71203c8f0.js" integrity="sha512-nAua3S3A2yHeD2lRA4MNveAeMdd/qaLbmsPBueCeSAby4NmnKBsGRhsuFio1YMYFsDgWm0L/N2tM0ozHEgPI8A=="></script>
</body>
</html>

File diff suppressed because one or more lines are too long

View File

@ -1,201 +0,0 @@
<!doctype html>
<html>
<head>
<meta charset="utf-8" />
<title>badssl.com</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="shortcut icon" href="/icons/favicon-blue.ico"/>
<link rel="apple-touch-icon" href="/icons/icon-blue.png"/>
<link rel="stylesheet" href="index.css">
<link rel="stylesheet" href="github-ribbon.css">
<script src="index.js"></script>
<!-- fUnKy -->
<link rel="stylesheet" href="funky/funky.css">
<script src="funky/funky.js"></script>
</head>
<body>
<div class="title-bar" title="badssl.com - a memorable site for HTTPS misconfiguration">
badssl.com
</div>
<div id="links">
<div class="column">
<div class="group">
<h2 id="dashboard"><span class="emoji">🎛</span>Dashboard</h2>
<a href="/dashboard/" target="_blank" class="bullet-list"><span class="icon"></span>Dashboard</a>
</div>
<div class="group">
<h2 id="certificate"><span class="emoji">🎫</span>Certificate</h2>
<a href="https://expired.badssl.com/" class="bad"><span class="icon"></span>expired</a>
<a href="https://wrong.host.badssl.com/" class="bad"><span class="icon"></span>wrong.host</a>
<a href="https://self-signed.badssl.com/" class="bad"><span class="icon"></span>self-signed</a>
<a href="https://untrusted-root.badssl.com/" class="bad"><span class="icon"></span>untrusted-root</a>
<a href="https://revoked.badssl.com/" class="bad"><span class="icon"></span>revoked</a>
<a href="https://pinning-test.badssl.com/" class="bad"><span class="icon"></span>pinning-test</a>
<hr>
<a href="https://no-common-name.badssl.com/" class="dubious"><span class="icon"></span>no-common-name</a>
<a href="https://no-subject.badssl.com/" class="dubious"><span class="icon"></span>no-subject</a>
<a href="https://incomplete-chain.badssl.com/" class="dubious"><span class="icon"></span>incomplete-chain</a>
<hr>
<a href="https://sha256.badssl.com/" class="good"><span class="icon"></span>sha256</a>
<a href="https://sha384.badssl.com/" class="good"><span class="icon"></span>sha384</a>
<a href="https://sha512.badssl.com/" class="good"><span class="icon"></span>sha512</a>
<hr>
<a href="https://1000-sans.badssl.com/" class="good"><span class="icon"></span>1000-sans</a>
<a href="https://10000-sans.badssl.com/" class="good"><span class="icon"></span>10000-sans</a>
<hr>
<a href="https://ecc256.badssl.com/" class="good"><span class="icon"></span>ecc256</a>
<a href="https://ecc384.badssl.com/" class="good"><span class="icon"></span>ecc384</a>
<hr>
<a href="https://rsa2048.badssl.com/" class="good"><span class="icon"></span>rsa2048</a>
<a href="https://rsa4096.badssl.com/" class="good"><span class="icon"></span>rsa4096</a>
<a href="https://rsa8192.badssl.com/" class="dubious"><span class="icon"></span>rsa8192</a>
<hr>
<a href="https://extended-validation.badssl.com/" class="good"><span class="icon"></span>extended-validation</a>
</div>
<div class="group">
<h2 id="client-certificate"><span class="emoji">🎟</span>Client Certificate</h2>
<a href="/download/" target="_blank" class="bullet-list"><span class="icon"></span>Certificate Downloads</a>
<a href="https://client.badssl.com/" class="good"><span class="icon"></span>client</a>
<a href="https://client-cert-missing.badssl.com/" class="bad"><span class="icon"></span>client-cert-missing</a>
</div>
<div class="group">
<h2 id="mixed-content"><span class="emoji">🖼</span>Mixed Content</h2>
<a href="https://mixed-script.badssl.com/" class="bad"><span class="icon"></span>mixed-script</a>
<a href="https://very.badssl.com/" class="bad"><span class="icon"></span>very</a>
<hr>
<a href="https://mixed.badssl.com/" class="dubious"><span class="icon"></span>mixed</a>
<a href="https://mixed-favicon.badssl.com/" class="dubious"><span class="icon"></span>mixed-favicon</a>
<a href="https://mixed-form.badssl.com/" class="dubious"><span class="icon"></span>mixed-form</a>
</div>
<div class="group">
<h2 id="http"><span class="emoji">✏️</span>HTTP</h2>
<a href="http://http.badssl.com/" class="bad"><span class="icon"></span>http</a>
<a href="http://http-textarea.badssl.com/" class="bad"><span class="icon"></span>http-textarea</a>
<a href="http://http-password.badssl.com/" class="bad"><span class="icon"></span>http-password</a>
<a href="http://http-login.badssl.com/" class="bad"><span class="icon"></span>http-login</a>
<a href="http://http-dynamic-login.badssl.com/" class="bad"><span class="icon"></span>http-dynamic-login</a>
<a href="http://http-credit-card.badssl.com/" class="bad"><span class="icon"></span>http-credit-card</a>
</div>
<div class="group">
<h2 id="cipher-suite"><span class="emoji">🔀</span>Cipher Suite</h2>
<a href="https://cbc.badssl.com/" class="dubious"><span class="icon"></span>cbc</a>
<a href="https://rc4-md5.badssl.com/" class="bad"><span class="icon"></span>rc4-md5</a>
<a href="https://rc4.badssl.com/" class="bad"><span class="icon"></span>rc4</a>
<a href="https://3des.badssl.com/" class="bad"><span class="icon"></span>3des</a>
<a href="https://null.badssl.com/" class="bad"><span class="icon"></span>null</a>
<hr>
<a href="https://mozilla-old.badssl.com/" class="bad"><span class="icon"></span>mozilla-old</a>
<a href="https://mozilla-intermediate.badssl.com/" class="dubious"><span class="icon"></span>mozilla-intermediate</a>
<a href="https://mozilla-modern.badssl.com/" class="good"><span class="icon"></span>mozilla-modern</a>
</div>
</div><!-- class="column" -->
<div class="column">
<div class="group">
<h2 id="key-exchange"><span class="emoji">🔑</span>Key Exchange</h2>
<a href="https://dh480.badssl.com/" class="bad"><span class="icon"></span>dh480</a>
<a href="https://dh512.badssl.com/" class="bad"><span class="icon"></span>dh512</a>
<a href="https://dh1024.badssl.com/" class="bad"><span class="icon"></span>dh1024</a>
<a href="https://dh2048.badssl.com/" class="dubious"><span class="icon"></span>dh2048</a>
<hr>
<a href="https://dh-small-subgroup.badssl.com/" class="bad"><span class="icon"></span>dh-small-subgroup</a>
<a href="https://dh-composite.badssl.com/" class="bad"><span class="icon"></span>dh-composite</a>
<hr>
<a href="https://static-rsa.badssl.com/" class="dubious"><span class="icon"></span>static-rsa</a>
</div>
<div class="group">
<h2 id="protocol"><span class="emoji">↔️</span>Protocol</h2>
<a href="https://tls-v1-0.badssl.com:1010/" class="dubious"><span class="icon"></span>tls-v1-0</a>
<a href="https://tls-v1-1.badssl.com:1011/" class="dubious"><span class="icon"></span>tls-v1-1</a>
<a href="https://tls-v1-2.badssl.com:1012/" class="good"><span class="icon"></span>tls-v1-2</a>
</div>
<div class="group">
<h2 id="certificate-transparency"><span class="emoji">🔍</span>Certificate Transparency</h2>
<a href="https://no-sct.badssl.com/" class="bad"><span class="icon"></span>no-sct</a>
</div>
<div class="group">
<h2 id="upgrade"><span class="emoji">⬆️</span>Upgrade</h2>
<a href="https://hsts.badssl.com/" class="good"><span class="icon"></span>hsts</a>
<a href="https://upgrade.badssl.com/" class="good"><span class="icon"></span>upgrade</a>
<hr>
<a href="https://preloaded-hsts.badssl.com/" class="good"><span class="icon"></span>preloaded-hsts</a>
<a href="https://subdomain.preloaded-hsts.badssl.com/" class="bad"><span class="icon"></span>subdomain.preloaded-hsts</a>
<hr>
<a href="https://https-everywhere.badssl.com/" class="good"><span class="icon"></span>https-everywhere</a>
</div>
<div class="group">
<h2 id="ui"><span class="emoji">👀</span>UI</h2>
<a href="https://spoofed-favicon.badssl.com/" class="dubious"><span class="icon"></span>spoofed-favicon</a>
<a href="https://lock-title.badssl.com/" class="dubious"><span class="icon"></span>lock-title</a>
<hr>
<a href="https://long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com/" class="good"><span class="icon"></span>long-extended-subdomain-name-containing-many-letters-and-dashes</a>
<a href="https://longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com/" class="good"><span class="icon"></span>longextendedsubdomainnamewithoutdashesinordertotestwordwrapping</a>
</div>
<div class="group">
<h2 id="known-bad"><span class="emoji">❌</span>Known Bad</h2>
<a href="https://superfish.badssl.com/" class="bad"><span class="icon"></span>(Lenovo) Superfish</a>
<a href="https://edellroot.badssl.com/" class="bad"><span class="icon"></span>(Dell) eDellRoot</a>
<a href="https://dsdtestprovider.badssl.com/" class="bad"><span class="icon"></span>(Dell) DSD Test Provider</a>
<a href="https://preact-cli.badssl.com/" class="bad"><span class="icon"></span>preact-cli</a>
<a href="https://webpack-dev-server.badssl.com/" class="bad"><span class="icon"></span>webpack-dev-server</a>
</div>
<div class="group">
<h2 id="chrome"><span class="emoji"><img class="chrome-icon" src="front-page-icons/chrome.svg"></span>Chrome Tests</h2>
<a href="https://captive-portal.badssl.com/" class="bad"><span class="icon"></span>captive-portal</a>
<a href="https://mitm-software.badssl.com/" class="bad"><span class="icon"></span>mitm-software</a>
</div>
<div class="group">
<h2 id="defunct"><span class="emoji">☠️</span>Defunct</h2>
<a href="https://sha1-2016.badssl.com/" class="dubious"><span class="icon"></span>sha1-2016</a>
<a href="https://sha1-2017.badssl.com/" class="bad"><span class="icon"></span>sha1-2017</a>
<a href="https://sha1-intermediate.badssl.com/" class="bad"><span class="icon"></span>sha1-intermediate</a>
<a href="https://invalid-expected-sct.badssl.com/" class="bad"><span class="icon"></span>invalid-expected-sct</a>
</div>
<div class="group">
<h2 id="test-suites"><span class="emoji">🛠</span>Test Suites</h2>
<a href="https://testsafebrowsing.appspot.com/" target="_blank" class="external"><span class="icon"></span>Safe Browsing Tests</a>
<a href="https://www.ssllabs.com/ssltest/viewMyClient.html" target="_blank" class="external"><span class="icon"></span>SSL Labs Client Test</a>
</div>
<div id="preload" style="width: 0; height: 0;">
<!-- <link rel=preload> results in warnings in Chrome: https://crbug.com/661055 -->
<!-- Workaround: Load the images in bogus elements. -->
<script>
window.addEventListener("load", function() {
var parent = document.querySelector("#preload");
var names = ["bad-white","dubious-white","good-white","page-white","bullet-list-white","external-white"]
for (var i = 0; i < names.length; i++) {
var elem = document.createElement("span");
elem.style.backgroundImage = "url(front-page-icons/" + names[i] + ".svg)";
parent.appendChild(elem);
}
});
</script>
</div>
</div><!-- class="column" -->
</div><!-- id="links" -->
<h2 class="your-browser">Your Browser:
<div id="browser-info">
<span class="highlight">
<span id="ua"></span><br>
<span id="os"></span><br>
</span>
<span id="click-to-copy">📋 Click to copy</span>
</div>
</h2>
<!-- Start of GitHub ribbon. -->
<div class="github-fork-ribbon-wrapper right-top-bottom">
<div class="github-fork-ribbon">
<a href="https://github.com/chromium/badssl.com"><span class="icon"></span>On GitHub</a>
</div>
</div>
<!-- End of GitHub ribbon. -->
</body>
</html>

File diff suppressed because one or more lines are too long

View File

@ -1,882 +0,0 @@
<!doctype html>
<!--[if lt IE 7 ]> <html class="no-js lt-ie9 lt-ie8 lt-ie7" lang="de"> <![endif]-->
<!--[if IE 7 ]> <html class="no-js lt-ie9 lt-ie8" lang="de"> <![endif]-->
<!--[if IE 8 ]> <html class="no-js lt-ie9" lang="de"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="de"> <!--<![endif]-->
<head>
<meta charset="UTF-8">
<title>Man-in-the-Middle-Angriffe auf HTTPS | Dipl.-Inform. Carsten Eilers</title>
<meta name="generator" content="Serendipity v.2.1.3">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="index,follow">
<link rel="canonical" href="https://www.ceilers-news.de/serendipity/207-Man-in-the-Middle-Angriffe-auf-HTTPS.html">
<link rel="stylesheet" href="https://www.ceilers-news.de/serendipity/serendipity.css?v=1527294319">
<script src="/serendipity/templates/2k11-CE/js/modernizr-2.7.1.min.js"></script>
<link rel="alternate" type="application/rss+xml" title="Dipl.-Inform. Carsten Eilers RSS feed" href="https://www.ceilers-news.de/serendipity/feeds/index.rss2">
<link rel="alternate" type="application/x.atom+xml" title="Dipl.-Inform. Carsten Eilers Atom feed" href="https://www.ceilers-news.de/serendipity/feeds/atom.xml">
<link rel="pingback" href="https://www.ceilers-news.de/serendipity/comment.php?type=pingback&amp;entry_id=207">
<script src="/serendipity/templates/jquery.js"></script>
<script>jQuery.noConflict();</script>
<meta name="description" content="So funktionieren MitM-Angriffe auf HTTPS - mit und ohne &quot;MitM-Zertifikat&quot;" />
<meta name="keywords" content="HTTPS, SSL, MitM, Man-in-the-Middle" />
<link rel="start" href="https://www.ceilers-news.de/serendipity/" title="Dipl.-Inform. Carsten Eilers" />
<link rel="up" href="https://www.ceilers-news.de/serendipity/" title="Dipl.-Inform. Carsten Eilers" />
<link rel="canonical" href="https://www.ceilers-news.de/serendipity/207-Man-in-the-Middle-Angriffe-auf-HTTPS.html" />
<link rel="stylesheet" type="text/css" href="https://www.ceilers-news.de/serendipity/plugin/print.css" media="print" />
<script src="https://www.ceilers-news.de/serendipity/serendipity.js?v=1527294319"></script>
</head>
<body>
<a class="visuallyhidden" href="#content"><span lang="en">Skip to content</span></a>
<div id="page" class="clearfix">
<header id="banner" class="clearfix col2r">
<div id="identity">
<a href="https://www.ceilers-news.de/serendipity/">
<h1>Dipl.-Inform. Carsten Eilers</h1>
<p>Informationen rund um die IT-Sicherheit</p> </a>
</div>
<form id="searchform" action="/serendipity/index.php" method="get">
<div>
<input type="hidden" name="serendipity[action]" value="search">
<label for="serendipityQuickSearchTermField">Suche</label>
<input id="serendipityQuickSearchTermField" name="serendipity[searchTerm]" type="search" placeholder="Suchbegriff(e)" value="">
<input id="searchsend" name="serendipity[searchButton]" type="submit" value="Los!">
</div>
</form>
</header>
<nav id="primary-nav">
<h2 class="visuallyhidden">Navigation</h2>
<ul class="clearfix"><li><a href="/serendipity/pages/Grundlagen-Uebersicht.html">Grundlagen-Artikel</a></li><li><a href="/serendipity/pages/impressum.html">Impressum</a></li><li><a href="/serendipity/pages/datenschutz.html">Datenschutzerklärung</a></li></ul>
</nav>
<div class="clearfix col2r">
<main id="content" class="plain-images">
<article id="post_207" class="clearfix serendipity_entry">
<header class="clearfix">
<h2><a href="/serendipity/207-Man-in-the-Middle-Angriffe-auf-HTTPS.html">Man-in-the-Middle-Angriffe auf HTTPS</a></h2>
<span class="serendipity_byline block_level"><span class="single_user">Geschrieben von <a href="https://www.ceilers-news.de/serendipity/autor/1/Carsten-Eilers">Carsten Eilers</a> am </span><time datetime="2012-03-01T08:40:00+01:00">Donnerstag, 1. März 2012</time> um 08:40</span>
</header>
<div class="clearfix content serendipity_entry_body">
<p>
Die CA Trustwave hat ein Zertifikat
<a href="http://www.ceilers-news.de/serendipity/206-SSL-Die-CAs-saegen-am-eigenen-Ast.html" target="_blank">verkauft</a>,
dass Man-in-the-Middle-Angriffe erlaubt. Wie die funktionieren und warum
es so schlimm ist, wenn ein offizielles Zertifikat zum Einsatz kommt,
erfahren Sie hier.
</p>
<h2>HTTPS im Einsatz</h2>
</div>
<div id="extended" class="clearfix content">
<p>
Bevor wir zum Man-in-the-Middle-Angriff kommen, muss erst mal HTTPS
allgemein erkl&auml;rt werden. Das ist eigentlich ganz einfach: Wenn Sie
im Webbrowser durch den Aufruf eines https://-Links eine sichere Verbindung
z.B. zu Ihrer Bank aufbauen, stellt Ihr Browser eine Verbindung zum
angegebenen Server her, pr&uuml;ft dessen Identit&auml;t und teilt ihm
einen Schl&uuml;ssel mit, mit dem die nachfolgende Kommunikation
verschl&uuml;sselt werden soll.
</p>
<p>
Dabei kommen mehrere Kryptographische Verfahren zum Einsatz: Eine
<a href="http://entwickler.de/zonen/portale/psecom,id,126,news,32829,p,0.html" target="_blank">Public-Key-Infrastruktur</a>,
um die Identit&auml;t des Servers zu pr&uuml;fen und dessen &ouml;ffentlichen Schl&uuml;ssel
zu erhalten, ein
<a href="http://entwickler.de/zonen/portale/psecom,id,126,news,31788,p,0.html" target="_blank">asymmetrisches Kryptosystem</a>,
mit dem der vom Webbrowser erzeugte Sitzungsschl&uuml;ssel sicher an den Server
gesendet wird, und ein
<a href="http://entwickler.de/zonen/portale/psecom,id,126,news,31635,p,0.html" target="_blank">symmetrisches Kryptosystem</a>,
mit dem danach alle &uuml;bertragenen Daten verschl&uuml;sselt werden.
Aufgeteilt in die einzelnen Schritte sieht das so aus, siehe auch Abb. 1:
</p>
<ol>
<li> Sie geben im Browser <code>https://www.ihre-bank.example</code> ein.
<li> Ihr Browser baut eine Verbindung zum Webserver
<code>www.ihre-bank.example</code> auf.
<li> Der Webserver sendet sein Zertifikat mit seinem &ouml;ffentlichen
Schl&uuml;ssel an Ihren Browser.
<li> Ihr Browser pr&uuml;ft das Zertifikat. Dazu enth&auml;lt er ab Werk
eine Liste von aus Sicht des jeweiligen Browserherstellers
vertrauensw&uuml;rdigen CAs. Wurde das Zertifikat nicht von einer dieser
CAs ausgestellt oder ist die Signatur nicht korrekt, gibt er eine Warnung
aus und beendet den Verbindungsaufbau.
<li> Verl&auml;uft die Pr&uuml;fung erfolgreich, wei&szlig; der Browser,
dass er wirklich mit dem Server <code>www.ihre-bank.example</code>
verbunden ist und kennt dessen &ouml;ffentlichen Schl&uuml;ssel. Nun
erzeugt er einen symmetrischen Schl&uuml;ssel, der nur f&uuml;r die
aktuelle Sitzung verwendet wird, den sog. Sitzungsschl&uuml;ssel oder
Session Key.
<li> Der Sitzungsschl&uuml;ssel wird mit dem &ouml;ffentlichen
Schl&uuml;ssel des Webservers verschl&uuml;sselt und an den Webserver
&uuml;bertragen.
<li> Der Webserver entschl&uuml;sselt den Sitzungsschl&uuml;ssel mit seinem
privaten Schl&uuml;ssel.
<li> Jetzt besitzen sowohl Webbrowser als auch Webserver einen gemeinsamen
Schl&uuml;ssel f&uuml;r das symmetrische Kryptosystem, mit dem sie alle
weiteren zu &uuml;bertragenen Daten verschl&uuml;sseln k&ouml;nnen.
<li> Der Webserver baut seine Startseite auf, verschl&uuml;sselt sie mit
dem Sitzungsschl&uuml;ssel und sendet sie an den Browser.
<li> Der Browser entschl&uuml;sselt die verschl&uuml;sselte Startseite und
stellt sie dar.
<li> Auch alle weiteren zu &uuml;bertragenen Daten werden mit dem
Sitzungsschl&uuml;ssel verschl&uuml;sselt.
</ol>
<p>
<a href="http://www.ceilers-news.de/bilder/grundlagen/https/https.gif" target="_blank"><IMG SRC="https://www.ceilers-news.de/bilder/grundlagen/https/https-klein.gif" ALT="HTTPS"></a>
<br>
Abb. 1: HTTPS (Klick &ouml;ffnet ein gr&ouml;&szlig;eres Bild in einem
neuen Fenster)
</p>
<h2>Man-in-the-Middle-Angriff auf HTTPS, allgemein</h2>
<p>
Betrachten wir nun einen MitM-Angriff auf obiges Beispiel, z.B. durch ein
Data Loss Prevention System (DLP-System) wie dass, f&uuml;r das Trustwaves
"MitM-Zertifikat" verwendet wurde. Zuerst aber ohne das
"MitM-Zertifikat". Damit der Man-in-the-Middle eine HTTPS-Verbindung
aufbauen kann, braucht er aber ein passendes Zertifikat, in diesem Fall
f&uuml;r <code>www.ihre-bank.example</code>. Das kann er sich selbst erstellen
und auch selbst signieren, so dass es formal korrekt ist.
</p>
<ol>
<li> Sie geben im Browser <code>https://www.ihre-bank.example</code> ein
<li> Ihr Browser baut eine Verbindung zum Webserver
<code>www.ihre-bank.example</code> auf.
<li> Der Man-in-the-Middle nimmt die Verbindungsanfrage entgegen. Er sendet
sein gef&auml;lschtes Zertifikat f&uuml;r
<code>https://www.ihre-bank.example</code> mit seinem &ouml;ffentlichen
Schl&uuml;ssel an Ihren Browser. <br>
Parallel baut er eine HTTPS-Verbindung zu
<code>https://www.ihre-bank.example</code> auf, wie es oben beschrieben
wurde.
<li> Ihr Browser pr&uuml;ft das Zertifikat. Da es zwar zu
<code>www.ihre-bank.example</code> geh&ouml;rt, aber von einer unbekannten
CA unterzeichnet wurde, gibt er eine Warnung aus. Sie bemerken den Angriff
und h&ouml;ren mit dem Surfen auf.<br>
Oder sie fallen auf das gef&auml;lschte Zertifikat herein, halten es
f&uuml;r echt und surfen weiter. Dann haben Sie Pech gehabt, denn der MitM
kann alle &uuml;bertragenen Daten aussp&auml;hen und/oder manipulieren,
s.u..
</ol>
<p>
Im Fall eines DLP-Systems ist es &uuml;blich, eine eigene PKI aufzubauen und das
zugeh&ouml;rige Root-Zertifikat, mit dem die ausgestellten Zertifikate gepr&uuml;ft
werden, in den internen Webbrowsern zu installieren. Parallel werden die
Benutzer &uuml;ber das Aufbrechen der gesch&uuml;tzten Verbindung informiert. Dann
w&uuml;rde der MitM-Angriff so ablaufen:
</p>
<ol>
<li> Sie geben im Browser <code>https://www.ihre-bank.example</code> ein
<li> Ihr Browser baut eine Verbindung zum Webserver
<code>www.ihre-bank.example</code> auf.
<li> Das DLP-System nimmt die Verbindungsanfrage entgegen. Es erstellt ein
Zertifikat f&uuml;r <code>www.ihre-bank.example</code> mit seinem
&ouml;ffentlichen Schl&uuml;ssel, signiert es mit dem Root-Schl&uuml;ssel
der internen PKI und sendet es an Ihren Browser. <br>
Parallel baut es eine HTTPS-Verbindung zu
<code>https://www.ihre-bank.example</code> auf, wie es oben beschrieben
wurde.
<li> Ihr Browser pr&uuml;ft das Zertifikat. Da es zu
<code>www.ihre-bank.example</code> geh&ouml;rt und von der ihm bekannten
internen Zertifizierungsstelle ausgestellt wurde, gibt er keine Warnung
aus, sondern baut die Verbindung weiter auf.
<li> Ihr Browser tauscht mit dem DLP-System, den er f&uuml;r den
Bank-Server h&auml;lt, einen Sitzungsschl&uuml;ssel aus.
<li> Jetzt besitzen sowohl Webbrowser und DLP-System als auch DLP-System
und Webserver jeweils einen gemeinsamen Schl&uuml;ssel f&uuml;r das
symmetrische Kryptosystem, mit dem sie alle weiteren zu &uuml;bertragenen
Daten verschl&uuml;sseln k&ouml;nnen.
<li> Der Webserver baut seine Startseite auf, verschl&uuml;sselt sie mit
dem mit dem DLP-System vereinbarten Sitzungsschl&uuml;ssel und sendet sie
an das DLP-System (das er f&uuml;r Ihren Browser h&auml;lt).
<li> Das DLP-System entschl&uuml;sselt die Daten und kann sie nun
pr&uuml;fen und ggf. manipulieren. Sollen die Daten das DLP-System
passieren, werden sie mit dem zwischen DLP-System und Webbrowser
ausgetauschten Schl&uuml;ssel verschl&uuml;sselt und an den Browser
gesendet. Der denkt, sie stammen von <code>www.ihre-bank.example</code>
und sind unver&auml;ndert!
<li> Der Browser entschl&uuml;sselt die verschl&uuml;sselte Startseite und
stellt sie dar.
<li> Auch alle weiteren zu &uuml;bertragenen Daten werden entsprechend
verschl&uuml;sselt, vom DLP-System entschl&uuml;sselt und nach der
Pr&uuml;fung erneut verschl&uuml;sselt.
</ol>
<p>
Nehmen wir mal an, ein Gast benutzt Ihr lokales Netz und surft seine Bank
an. Da sein Browser nat&uuml;rlich nicht das Root-Zertifikat der internen
PKI kennt, passiert das gleiche wie im ersten Angriffs-Beispiel: Der
Browser bem&auml;ngelt die unbekannte Zertifizierungsstelle und die
Verbindung wird abgebrochen.
</p>
<h2>MitM-Angriff mit "MitM-Zertifikat"</h2>
<p>
Kommen wir nun zu einem MitM-Angriff mit einem "MitM-Zertifikat" einer
"offiziellen" Zertifizierungsstelle, deren Root-Zertifikat in allen
Webbrowern enthalten ist, siehe auch Abb. 2:
</p>
<ol>
<li> Sie geben im Browser <code>https://www.ihre-bank.example</code> ein
<li> Ihr Browser baut eine Verbindung zum Webserver
<code>www.ihre-bank.example</code> auf.
<li> Der MitM nimmt die Verbindungsanfrage entgegen. Es erstellt ein
Zertifikat f&uuml;r <code>www.ihre-bank.example</code> mit seinem
&ouml;ffentlichen Schl&uuml;ssel, signiert es mit dem Root-Schl&uuml;ssel
zum "MitM-Zertifikat" und sendet es an Ihren Browser.<br>
Parallel baut es eine HTTPS-Verbindung zu
<code>https://www.ihre-bank.example</code> auf, wie es oben beschrieben
wurde.
<li> Ihr Browser pr&uuml;ft das Zertifikat. Da es zu
<code>www.ihre-bank.example</code> geh&ouml;rt und von einer ihm bekannten
"offiziellen" Zertifizierungsstelle ausgestellt wurde, gibt er keine
Warnung aus, sondern baut die Verbindung weiter auf.
<li> Ihr Browser tauscht mit dem MitM einen Sitzungsschl&uuml;ssel aus.
<li> Jetzt besitzen sowohl Webbrowser und MitM als auch MitM und Webserver
jeweils einen gemeinsamen Schl&uuml;ssel f&uuml;r das symmetrische
Kryptosystem, mit dem sie alle weiteren zu &uuml;bertragenen Daten
verschl&uuml;sseln k&ouml;nnen.
<li> Der Webserver baut seine Startseite auf, verschl&uuml;sselt sie mit
dem mit dem MitM vereinbarten Sitzungsschl&uuml;ssel und sendet sie an den
MitM (den er f&uuml;r Ihren Browser h&auml;lt).
<li> Der MitM entschl&uuml;sselt die Daten und kann sie nun lesen und ggf.
manipulieren. Sollen die Daten an den Browser weitergeleitet werden,
werden sie mit dem zwischen MitM und Webbrowser ausgetauschten
Schl&uuml;ssel verschl&uuml;sselt und an den Browser gesendet. Der denkt,
sie stammen von <code>www.ihre-bank.example</code> und sind
unver&auml;ndert!
<li> Der Browser entschl&uuml;sselt die verschl&uuml;sselte Startseite und
stellt sie dar.
<li> Auch alle weiteren zu &uuml;bertragenen Daten werden entsprechend
verschl&uuml;sselt, vom MitM entschl&uuml;sselt und nach der Pr&uuml;fung
erneut verschl&uuml;sselt.
</ol>
<p>
<a href="http://www.ceilers-news.de/bilder/grundlagen/https/https-mitm.gif" target="_blank"><IMG SRC="https://www.ceilers-news.de/bilder/grundlagen/https/https-mitm-klein.gif" ALT="MitM-Angriff auf HTTPS mit MitM-Zertifikat"></a>
<br>
Abb. 2: MitM-Angriff auf HTTPS mit "MitM-Zertifikat" (Klick &ouml;ffnet ein
gr&ouml;&szlig;eres Bild in einem neuen Fenster)
</p>
<p>
Der angenommene Gast w&uuml;rde von diesem MitM-Angriff nichts bemerken, da das
gef&auml;lschte Zertifikat von einer "offiziellen" Zertifizierungsstelle
ausgestellt wurde, deren Root-Zertifikat in seinem Webbrowser gespeichert
ist.
</p>
<h2>MitM-Angriff mit "MitM-Zertifikat" "in the wild"</h2>
<p>
Betrachten wir den MitM-Angriff mit "MitM-Zertifikat" mal au&szlig;erhalb
geschlossener lokaler Netze, also "in the wild". Was w&auml;re, wenn ein
Cyberkrimineller so ein "MitM-Zertifikat" bes&auml;&szlig;e? Er
k&ouml;nnte jede beliebige HTTPS-Verbindung, die &uuml;ber einen von ihm
kontrollierten Server l&auml;uft, aufbrechen, <b>ohne dass der Benutzer es
merkt</b>. Und gerade das ist der entscheidende Punkt: Das
"MitM-Zertifikat" erlaubt es dem Inhaber, g&uuml;ltige Zertifikate f&uuml;r
beliebige Domains zu erstellen, die von den Webbrowsern problemlos
anerkannt werden. Er ist also quasi seine eigene, offiziell anerkannte
Zertifizierungsstelle. Denn f&uuml;r genau diesen Zweck ist diese Sorte
von Zertifikaten, die eigentlich als "Intermediate Zertifikat" bezeichnet
wird, normalerweise vorgesehen: Eine Zertifizierungsstelle kann damit einer
weiteren, untergeordneten Zertifizierungsstelle das selbst&auml;ndige
Ausstellen von Zertifikaten erm&ouml;glichen. Um so schlimmer ist ein
Missbrauch wie im Fall von Trustwave.
</p>
<p>
Und nun betrachten Sie das Problem mal mit anderen Inhabern von
"MitM-Zertifikaten", z.B. Strafverfolgungsbeh&ouml;rden oder Regierungen
bestimmter L&auml;nder...
</p>
<h2>MitM-Angriff mit "MitM-Zertifikat" erkennen</h2>
<p>
Die einzige zuverl&auml;ssige M&ouml;glichkeit, so einen Angriff zu
bemerken, ist der Vergleich des Zertifikats-Fingerprints mit dem korrekten
Fingerprint - sofern man ihn denn kennt. Banken teilen den Fingerprint
ihren Kunden teilweise mit, aber die wenigsten pr&uuml;fen ihn, erst recht
nicht bei jedem Verbindungsaufbau. Und die Fingerprints der Zertifikate
von z.B. Google oder Microsoft kennt au&szlig;erhalb der Unternehmen wohl
kein Mensch.
</p>
<p>
Ansonsten ist das einzig Auff&auml;llige an dem Angriff der "falsche" Aussteller
z.B. des Bank-Zertifikats. Wenn der Benutzer wei&szlig;, dass die Bank ein
Zertifikat von Zertifizierungsstelle A hat und sie nun pl&ouml;tzlich angeblich
eines von Zertifizierungsstelle B verwendet, <em>k&ouml;nnte</em> ein Angriff
vorliegen. Oder die Bank die Zertifizierungsstelle gewechselt haben.
</p>
<h2>Wichtig ist die Identit&auml;tspr&uuml;fung</h2>
<p>
Nur noch mal zur Verdeutlichung: Wichtig ist beim HTTPS-Protokoll die
Identit&auml;tspr&uuml;fung des Servers. Ist die nicht zuverl&auml;ssig,
k&ouml;nnten Webbrowser und Webserver auch einfach einen Schl&uuml;ssel mit
Hilfe des
<a href="http://entwickler.de/zonen/portale/psecom,id,126,news,35367,p,0.html" target="_blank">Diffie-Hellman- Schl&uuml;sselaustausch</a>
vereinbaren und sich den Aufwand der Zertifikatspr&uuml;fung und des
Zertifizierungssystems sparen. Der Schl&uuml;sselaustausch und das
Verschl&uuml;sseln sind keine Kunst, die Identit&auml;tspr&uuml;fung ist
das entscheidende Kriterium. Wenn man nicht sicher wei&szlig;, dass man
wirklich z.B. mit dem Server der eigenen Bank verbunden ist, ist es im
Grunde sogar egal, ob die Verbindung verschl&uuml;sselt ist oder nicht -
dann kann wirklich alles passieren.
</p>
<p>
In der n&auml;chsten Woche findet die CeBIT statt, auf der ich einige
Termine habe. Wenn ich es zeitlich schaffe, gibt es daher n&auml;chste
Woche einen Bericht von der CeBIT.
</p>
<p>
<a href="mailto:&#102;&#114;&#97;&#103;&#101;&#110;&#64;&#99;&#101;&#105;&#108;&#101;&#114;&#115;&#45;&#105;&#116;&#46;&#100;&#101;"><em>Carsten Eilers</em></a>
</p>
<img src="https://ssl-vg03.met.vgwort.de/na/6690a6094e05452a8124169835f52bd0" width="1" height="1" alt="">
</div>
<footer class="clearfix">
<span class="visuallyhidden">Kategorien: </span><a href="https://www.ceilers-news.de/serendipity/3-Grundlagen">Grundlagen</a>
</footer>
<!--
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<rdf:Description
rdf:about="https://www.ceilers-news.de/serendipity/feeds/ei_207.rdf"
trackback:ping="https://www.ceilers-news.de/serendipity/comment.php?type=trackback&amp;entry_id=207"
dc:title="Man-in-the-Middle-Angriffe auf HTTPS"
dc:identifier="https://www.ceilers-news.de/serendipity/207-Man-in-the-Middle-Angriffe-auf-HTTPS.html" />
</rdf:RDF>
-->
<section id="trackbacks" class="serendipity_comments serendipity_section_trackbacks">
<h3>Trackbacks</h3>
<div id="trackback_url" class="block_level"><a rel="nofollow" href="https://www.ceilers-news.de/serendipity/comment.php?type=trackback&amp;entry_id=207" title="Dieser Link ist nicht aktiv. Er enthält die Trackback-URI zu diesem Eintrag. Sie können diese URI benutzen, um Ping- und Trackbacks von Ihrem eigenen Blog zu diesem Eintrag zu schicken. Um den Link zu kopieren, klicken Sie ihn mit der rechten Maustaste an und wählen &quot;Verknüpfung kopieren&quot; im Internet Explorer oder &quot;Linkadresse kopieren&quot; in Mozilla/Firefox.">Trackback-URL für diesen Eintrag</a></div>
<article id="c2178" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2012-06-14T13:53:18+02:00">Donnerstag, 14. Juni 2012</time>: <a href="http://www.ceilers-news.de/serendipity/240-Flame-und-die-Windows-Updates.html">Flame und die Windows-Updates</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> An Flame war ja anfangs eigentlich nichts besonderes, wenn man mal von der Gr&ouml;&szlig;e und der Unf&auml;higkeit der Antivirenhersteller, diesen Riesensch&auml;dling zeitnah zu entdecken, absieht. Einzig interessant schien die zumindest anf</div>
</details>
</article>
<article id="c2260" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2012-07-23T11:49:20+02:00">Montag, 23. Juli 2012</time>: <a href="http://www.ceilers-news.de/serendipity/252-Mahdi-wird-zum-Bettvorleger,-und-Passwortlecks-sind-der-Sommerhit-2012.html">Mahdi wird zum Bettvorleger, und Passwortlecks sind der Sommerhit 2012</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Ohne viel Vorrede gleich zum Thema: Mahdi - Ein digitaler Bettvorleger? Keinen gro&szlig;en Kommentar gibt es zu Mahdi. Aus dem einfachen Grund, dass es keine neuen Erkenntnisse dar&uuml;ber gibt. Sie haben richtig gelesen: Au&szlig;er Ka</div>
</details>
</article>
<article id="c2613" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2012-10-29T11:32:10+01:00">Montag, 29. Oktober 2012</time>: <a href="http://www.ceilers-news.de/serendipity/284-SSL-Der-naechste-Nagel-im-Sarg.html">SSL - Der nächste Nagel im Sarg?</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Es gibt mal wieder schlechte Nachrichten &uuml;ber SSL. Diesmal wurde mal keine Zertifizierungsstelle gehackt, stattdessen haben Forscher festgestellt, dass die Pr&uuml;fung von Zertifikaten in anderer Software als Webbrowsern ziemlich mangelhaft </div>
</details>
</article>
<article id="c2653" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2012-11-05T10:32:44+01:00">Montag, 5. November 2012</time>: <a href="http://www.ceilers-news.de/serendipity/286-SSLHTTPS-Schon-wieder-schlechte-Nachrichten.html">SSL/HTTPS - Schon wieder schlechte Nachrichten</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Es gibt schon wieder schlechte Nachrichten zu SSL bzw. konkret zu HTTPS: Da wird von den Webservern nicht so sicher eingesetzt, wie es eigentlich n&ouml;tig w&auml;re. Dadurch sind in sehr vielen F&auml;llen SSL-Stripping-Angriffe m&ouml;glich. </div>
</details>
</article>
<article id="c3883" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2013-04-18T17:29:10+02:00">Donnerstag, 18. April 2013</time>: <a href="http://www.ceilers-news.de/serendipity/339-Code-Signing-Auch-Schadsoftware-kann-signiert-sein.html">Code Signing - Auch Schadsoftware kann signiert sein</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Oracles Antwort auf Javas st&auml;ndige Sicherheitsprobleme: Der Einsatz von Code Signing. Vorerst gibt es nur mehr oder weniger ausf&uuml;hrliche Warnungen vor nicht oder falsch signierten Applets, irgendwann sollen dann nur noch signierte Apple</div>
</details>
</article>
<article id="c3905" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2013-04-29T10:12:02+02:00">Montag, 29. April 2013</time>: <a href="http://www.ceilers-news.de/serendipity/342-Kommentare-zu-diesem-und-jenem.html">Kommentare zu diesem und jenem</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Heute gibt es Kommentare zu einem Root-Zertifikat des US-Verteidigungsministeriums, einem neuen Java-Exploit, die 0-Day-Exploits aus dem 1. Quartal, Passwort-Recycling in Gro&szlig;britannien und einem unerwarteten Support-Ende f&uuml;r Windows XP. </div>
</details>
</article>
<article id="c4110" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2013-06-24T11:25:16+02:00">Montag, 24. Juni 2013</time>: <a href="http://www.ceilers-news.de/serendipity/363-Kommentare-zu-Webcam-Spannern,-EMET-4.0-und-einer-neuen-0-Day-Schwachstelle.html">Kommentare zu Webcam-Spannern, EMET 4.0 und einer neuen 0-Day-Schwachstelle</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Schadsoftware, &uuml;ber die die Opfer &uuml;ber ihre Webcam ausgesp&auml;ht werden k&ouml;nnen, gibt es schon lange. Inzwischen gibt es auch einen Markt f&uuml;r die damit gemachten Aufnahmen. Microsoft hat das EMET 4.0 ver&ouml;ffentlicht, Nutze</div>
</details>
</article>
<article id="c4215" class="clearfix serendipity_comment even">
<h4><cite>blog.atari-frosch.de</cite> am <time datetime="2013-07-28T09:36:45+02:00">Sonntag, 28. Juli 2013</time>: <a href="http://blog.atari-frosch.de/2013/07/28/im-netz-aufgefischt-120/">PingBack</a></h4>
<span class="visuallyhidden">Die Anzeige des Inhaltes dieses Trackbacks ist leider nicht möglich.</span>
</article>
<article id="c4520" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2013-09-09T18:14:21+02:00">Montag, 9. September 2013</time>: <a href="http://www.ceilers-news.de/serendipity/390-NSA-Nicht-die-Krypto-Verfahren,-sondern-ihre-Implementierungen-sind-unsicher.html">NSA: Nicht die Krypto-Verfahren, sondern ihre Implementierungen sind unsicher</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Guardian, New York Times und ProPublica haben berichtet. dass die NSA viele Krypto-Verfahren, darunter SSL, entschl&uuml;sseln kann. Das bedeutet aber nicht, dass diese Verfahren gebrochen sind. Die Kryptographie-Verfahren sind sicher Ei</div>
</details>
</article>
<article id="c5203" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2013-10-31T08:41:17+01:00">Donnerstag, 31. Oktober 2013</time>: <a href="http://www.ceilers-news.de/serendipity/410-HTTP-Request-Hijacking-Ein-neuer-Angriff-unter-der-Lupe.html">HTTP Request Hijacking - Ein neuer Angriff unter der Lupe</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Da HTTP Request Hijacking (HRH) es sogar in die Nachrichten geschafft hat und dort f&uuml;r etwas Panikmache genutzt wird, m&ouml;chte ich mal ein paar Fakten liefern. Wie funktioniert HRH, und wie gef&auml;hrlich ist so ein Angriff? HTTP Reque</div>
</details>
</article>
<article id="c6073" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2014-07-11T10:27:08+02:00">Freitag, 11. Juli 2014</time>: <a href="http://www.ceilers-news.de/serendipity/524-Drucksache-PHP-Magazin-5.2014-Wie-Perfect-Forward-Secrecy-vor-der-Entschluesselung-gehorteter-Daten-schuetzt.html">Drucksache: PHP Magazin 5.2014 - Wie Perfect Forward Secrecy vor der Entschlüsselung gehorteter Daten schützt</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Im PHP Magazin 5.2014 ist ein Artikel &uuml;ber die Sicherung der SSL/TLS-Kommunikation vor nachtr&auml;glicher Entschl&uuml;sselung durch Perfect Forward Secrecy erschienen. &amp;quot;Heute aufgezeichnet, morgen entschl&uuml;sselt&amp;quot; ist ein handfest</div>
</details>
</article>
<article id="c6158" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2014-08-25T15:12:00+02:00">Montag, 25. August 2014</time>: <a href="http://www.ceilers-news.de/serendipity/540-Wenn-Metadaten-Spammern-verraten,-wo-Heartbleed-zu-Datenlecks-in-Ransomware-fuehrt.-Oder-so..html">Wenn Metadaten Spammern verraten, wo Heartbleed zu Datenlecks in Ransomware führt. Oder so.</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Heute gibt es Kommentare zu verr&auml;terischen Metadaten, Spammern, einem auf die Heartbleed-Schwachstelle zur&uuml;ckzuf&uuml;hrenden Datenleck und Cyberkriminellen, die nicht halten, was sie versprechen. Metadaten verraten verborgene Daten </div>
</details>
</article>
<article id="c6192" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2014-09-05T14:11:10+02:00">Freitag, 5. September 2014</time>: <a href="http://www.ceilers-news.de/serendipity/544-Drucksache-windows.developer-Magazin-10.2014-Das-Enhanced-Mitigation-Experience-Toolkit-als-Schutz-vor-0-Day-Exploits.html">Drucksache: windows.developer Magazin 10.2014 - Das Enhanced Mitigation Experience Toolkit als Schutz vor 0-Day-Exploits</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Im windows.developer 10.2014 ist ein Artikel &uuml;ber das Enhanced Mitigation Experience Toolkit (EMET) erschienen. Es gibt eine ganze Reihe so genannter Mitigations, mit denen die Ausnutzung von Schwachstellen erschwert werden kann. Eigent</div>
</details>
</article>
<article id="c6812" class="clearfix serendipity_comment even">
<h4><cite>jaxenter.de</cite> am <time datetime="2015-02-20T11:12:19+01:00">Freitag, 20. Februar 2015</time>: <a href="https://jaxenter.de/lenovo-adware-mitm-zertifikat-die-spitze-eines-eisbergs-16383">PingBack</a></h4>
<span class="visuallyhidden">Die Anzeige des Inhaltes dieses Trackbacks ist leider nicht möglich.</span>
</article>
<article id="c6873" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2015-04-14T12:34:30+02:00">Dienstag, 14. April 2015</time>: <a href="http://www.ceilers-news.de/serendipity/644-SSLTLS-Mal-wieder-einige-schlechte-Nachrichten!.html">SSL/TLS - Mal wieder einige schlechte Nachrichten!</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Heute gibt es mal wieder einige Nachrichten rund um SSL/TLS und das Zertifikatssystem. Nat&uuml;rlich schlechte. Gab es dazu eigentlich auch mal gute Nachrichten? Erinnern kann ich mich gerade an keine. Eine CA verspielt das in sie gesetzte Ve</div>
</details>
</article>
<article id="c6944" class="clearfix serendipity_comment even">
<h4><cite>entwickler.de</cite> am <time datetime="2015-05-08T11:36:43+02:00">Freitag, 8. Mai 2015</time>: <a href="https://entwickler.de/online/php/perfect-forward-secrecy-heute-aufgezeichnet-morgen-entschluesselt-139482.html">PingBack</a></h4>
<span class="visuallyhidden">Die Anzeige des Inhaltes dieses Trackbacks ist leider nicht möglich.</span>
</article>
<article id="c6945" class="clearfix serendipity_comment odd">
<h4><cite>entwickler.de</cite> am <time datetime="2015-05-08T11:36:44+02:00">Freitag, 8. Mai 2015</time>: <a href="https://entwickler.de/online/php/perfect-forward-secrecy-heute-aufgezeichnet-morgen-entschluesselt-139482.html">PingBack</a></h4>
<span class="visuallyhidden">Die Anzeige des Inhaltes dieses Trackbacks ist leider nicht möglich.</span>
</article>
<article id="c7115" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2015-06-18T08:35:02+02:00">Donnerstag, 18. Juni 2015</time>: <a href="http://www.ceilers-news.de/serendipity/672-XSS-Angriffe,-Teil-9-Der-Router-im-Visier.html">XSS-Angriffe, Teil 9: Der Router im Visier</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Ein Portscan mit JavaScript ist kein gr&ouml;&szlig;eres Problem. Egal ob mit normalen JavaScript f&uuml;r einen Host oder einen IP-Adressbereich oder mit Hilfe der HTML5-JavaScript-APIs, die Suche nach Rechnern im lokalen Netz des angegriffene</div>
</details>
</article>
<article id="c7141" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2015-07-10T12:25:01+02:00">Freitag, 10. Juli 2015</time>: <a href="http://www.ceilers-news.de/serendipity/679-Drucksache-PHP-Magazin-5.2015-Logjam-und-FREAK-gefaehrden-TLS.html">Drucksache: PHP Magazin 5.2015 - Logjam und FREAK gefährden TLS</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Im PHP Magazin 5.2015 ist ein Artikel &uuml;ber die neuen Angriffe auf TLS erschienen: Logjam und FREAK. Die schwachen Krypto-Verfahren mit viel zu kurzen Schl&uuml;sseln, die viele Clients und Server aus historischen Gr&uuml;nden unterst&amp;amp;uu</div>
</details>
</article>
<article id="c7638" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2015-12-09T00:46:08+01:00">Mittwoch, 9. Dezember 2015</time>: <a href="http://www.ceilers-news.de/serendipity/728-Microsoft-hat-Patchday,-und-wie-ueblich-werden-0-Days-behoben.html">Microsoft hat Patchday, und wie üblich werden 0-Days behoben</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Am Dezember-Patchday hat Microsoft mal wieder 0-Day-Schwachstellen behoben. Zwar &amp;quot;nur&amp;quot; 3, aber 2 davon werden bereits f&uuml;r Angriffe ausgenutzt. Codeausf&uuml;hrung in MS Office Die erste bereits f&uuml;r Angriffe ausgenutzte 0-Day-Schwac</div>
</details>
</article>
<article id="c7817" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2016-06-30T10:17:32+02:00">Donnerstag, 30. Juni 2016</time>: <a href="http://www.ceilers-news.de/serendipity/795-Kryptographie-Identitaetspruefung,-Teil-3-Hierarchische-Zertifizierungssysteme.html">Kryptographie - Identitätsprüfung, Teil 3 - Hierarchische Zertifizierungssysteme</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Der Aufbau eines hierarchischen Zertifizierungssystems unterscheidet sich vom Web of Trust in einem entscheidenden Punkt: W&auml;hrend sich beim Web of Thrust die Benutzer gegenseitig zertifizieren, geschieht dies bei einem hierarchischen System a</div>
</details>
</article>
<article id="c7819" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2016-07-07T15:25:38+02:00">Donnerstag, 7. Juli 2016</time>: <a href="http://www.ceilers-news.de/serendipity/796-Kryptographie-Identitaetspruefung,-Teil-4-Zertifikate-in-SSLTLS.html">Kryptographie - Identitätsprüfung, Teil 4 - Zertifikate in SSL/TLS</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> In dieser Folge wird der Einsatz von X.509-Zertifikaten im Rahmen von SSL/TLS beschrieben. Etwas allgemeiner habe ich das ja schon im Rahmen der Beschreibung von MitM-Angriffen auf HTTS-Verbindungen erkl&auml;rt. Die ausgetauschten Nachricht</div>
</details>
</article>
<article id="c7831" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2016-08-04T09:33:17+02:00">Donnerstag, 4. August 2016</time>: <a href="http://www.ceilers-news.de/serendipity/803-Verfahren-der-Kryptographie,-Teil-15-MD4,-MD5,-SHA-und-SHA-1-alle-unsicher!.html">Verfahren der Kryptographie, Teil 15: MD4, MD5, SHA und SHA-1 - alle unsicher!</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Neuere Hashfunktionen als der bereits vorgestellte Algorithmus MD2 sind MD4 und MD5 sowie SHA und SHA-1. Wobei &amp;quot;Neuer&amp;quot; erst mal sehr relativ ist und au&szlig;erdem nicht gleichzeitig auch &amp;quot;Sicher&amp;quot; bedeutet. MD4 und MD5 MD4 wurde von Ronal</div>
</details>
</article>
<article id="c8208" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2017-06-08T08:48:56+02:00">Donnerstag, 8. Juni 2017</time>: <a href="http://www.ceilers-news.de/serendipity/884-Die-IoT-Top-10,-4-Fehlende-Transportverschluesselung.html">Die IoT Top 10, #4: Fehlende Transportverschlüsselung</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Bei der Beschreibung der gef&auml;hrlichsten Schwachstellen in den Ger&auml;ten des IoT gem&auml;&szlig; den Top IoT Vulnerabilities von OWASP sind wir bei Punkt 4 angekommen: &amp;quot;Lack of Transport Encryption&amp;quot;. Oder auf deutsch: Fehlende Transp</div>
</details>
</article>
<article id="c8390" class="clearfix serendipity_comment odd">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2018-03-08T07:59:05+01:00">Donnerstag, 8. März 2018</time>: <a href="http://www.ceilers-news.de/serendipity/942-Angriffe-auf-TCPIP-7-HTTP-Hijacking.html">Angriffe auf TCP/IP (7) - HTTP-Hijacking</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Ziel des HTTP-Hijacking ist die Umleitung einer bestehenden Verbindung, um danach z.B. vertrauliche Daten wie z.B. Passw&ouml;rter zu belauschen oder Ein- bzw. Ausgaben zu manipulieren. Der Angreifer hat dazu zwei M&ouml;glichkeiten: Entweder er gibt</div>
</details>
</article>
<article id="c8460" class="clearfix serendipity_comment even">
<h4><cite>Dipl.-Inform. Carsten Eilers</cite> am <time datetime="2018-12-07T12:19:22+01:00">Freitag, 7. Dezember 2018</time>: <a href="http://www.ceilers-news.de/serendipity/1013-Drucksache-Windows-Developer-1.19-Wie-sicher-ist-SOAP.html">Drucksache: Windows Developer 1.19 - Wie sicher ist SOAP?</a></h4>
<details>
<summary>Vorschau anzeigen</summary>
<div class="content serendipity_commentBody"> Im Windows Developer 1.19 ist ein Artikel &uuml;ber die Sicherheit von SOAP erschienen. Eine Leseprobe des Artikels gibt es auf entwickler.de. SOAP war urspr&uuml;nglich die Abk&uuml;rzung f&uuml;r &amp;quot;Simple Object Access Protocol&amp;quot;, ab</div>
</details>
</article>
</section>
</article>
</main>
<aside id="sidebar_right">
<h2 class="visuallyhidden">Seitenleiste</h2>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>Über mich...</h3>
<div class="sidebar_content clearfix"><p ALIGN="CENTER">
<IMG SRC="/bilder/ich.jpg" ALT="Carsten Eilers">
<br>
<b>Dipl.-Inform. Carsten Eilers</b><br>
<br>
<a href="/serendipity/pages/ueber-mich.html">&Uuml;ber mich...</a><br>
<br>
<a href="http://www.IT-Visions.de" target="_blank"><img SRC="/bilder/IT-Visions.jpg" alt="www.IT-Visions.de"></a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>Follow me...</h3>
<div class="sidebar_content clearfix"><a href="https://www.twitter.com/ceilers_news"><img src="https://www.ceilers-news.de/bilder/twitter.png" alt="Folge ceilers_news auf Twitter"/></a></div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_recententries">
<h3>Aktuelle Einträge</h3>
<div class="sidebar_content clearfix"><dl>
<dt class="serendipity_recententries_entrylink"><a href="/serendipity/1078-Blogpause-wg.-Stoerungen-im-Betriebsablauf.html" title="Blogpause wg. Störungen im Betriebsablauf">Blogpause wg. Störungen im Betriebsablauf</a></dt>
<dd class="serendipity_recententries_entrydate serendipitySideBarDate">Montag, 7. Oktober 2019</dd>
<dt class="serendipity_recententries_entrylink"><a href="/serendipity/1077-Angriffe-aufueber-das-Web-Proxy-Auto-Discovery-Protokoll-WPAD,-Teil-1.html" title="Angriffe auf/über das Web Proxy Auto-Discovery Protokoll WPAD, Teil 1">Angriffe auf/über das Web Proxy Auto-Discovery Protokoll WPAD, Teil 1</a></dt>
<dd class="serendipity_recententries_entrydate serendipitySideBarDate">Donnerstag, 12. September 2019</dd>
<dt class="serendipity_recententries_entrylink"><a href="/serendipity/1076-Das-Web-Proxy-Auto-Discovery-Protokoll-WPAD-im-UEberblick.html" title="Das Web Proxy Auto-Discovery Protokoll WPAD im Überblick">Das Web Proxy Auto-Discovery Protokoll WPAD im Überblick</a></dt>
<dd class="serendipity_recententries_entrydate serendipitySideBarDate">Donnerstag, 5. September 2019</dd>
<dt class="serendipity_recententries_entrylink"><a href="/serendipity/1075-Hitze-und-Gewitterfrei.html" title="Hitze- und Gewitterfrei">Hitze- und Gewitterfrei</a></dt>
<dd class="serendipity_recententries_entrydate serendipitySideBarDate">Donnerstag, 29. August 2019</dd>
<dt class="serendipity_recententries_entrylink"><a href="/serendipity/1074-XML-Sicherheit,-Teil-6-XPath-Injection.html" title="XML-Sicherheit, Teil 6: XPath Injection">XML-Sicherheit, Teil 6: XPath Injection</a></dt>
<dd class="serendipity_recententries_entrydate serendipitySideBarDate">Donnerstag, 22. August 2019</dd>
</dl>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_categories">
<h3>Kategorien</h3>
<div class="sidebar_content clearfix"><form action="https://www.ceilers-news.de/serendipity/index.php?frontpage" method="post">
<div id="serendipity_category_form_content">
<ul id="serendipity_categories_list" style="list-style: none; margin: 0px; padding: 0px">
<li class="category_depth0 category_2" style="display: block;"><input style="width: 15px" type="checkbox" name="serendipity[multiCat][]" value="2" /><a class="serendipity_xml_icon" href="/serendipity/feeds/kategorie/2-Aktuelles.rss"><img src="/serendipity/templates/bulletproof/img/xml.gif" alt="XML" style="border: 0px" /></a> <a href="/serendipity/2-Aktuelles" title="Aktuelle Informationen" style="padding-left: 0px">Aktuelles</a></li>
<li class="category_depth0 category_6" style="display: block;"><input style="width: 15px" type="checkbox" name="serendipity[multiCat][]" value="6" /><a class="serendipity_xml_icon" href="/serendipity/feeds/kategorie/6-Drucksache.rss"><img src="/serendipity/templates/bulletproof/img/xml.gif" alt="XML" style="border: 0px" /></a> <a href="/serendipity/6-Drucksache" title="Hinweise auf Artikel von mir in Magazinen etc." style="padding-left: 0px">Drucksache</a></li>
<li class="category_depth0 category_3" style="display: block;"><input style="width: 15px" type="checkbox" name="serendipity[multiCat][]" value="3" /><a class="serendipity_xml_icon" href="/serendipity/feeds/kategorie/3-Grundlagen.rss"><img src="/serendipity/templates/bulletproof/img/xml.gif" alt="XML" style="border: 0px" /></a> <a href="/serendipity/3-Grundlagen" title="Rund um die IT-Sicherheit" style="padding-left: 0px">Grundlagen</a></li>
<li class="category_depth0 category_5" style="display: block;"><input style="width: 15px" type="checkbox" name="serendipity[multiCat][]" value="5" /><a class="serendipity_xml_icon" href="/serendipity/feeds/kategorie/5-Standpunkte.rss"><img src="/serendipity/templates/bulletproof/img/xml.gif" alt="XML" style="border: 0px" /></a> <a href="/serendipity/5-Standpunkte" title="Meine Meinung zu Ereignissen aus der IT-Sicherheit" style="padding-left: 0px">Standpunkte</a></li>
</ul>
<div class="category_submit"><input type="submit" name="serendipity[isMultiCat]" value="Los!" /></div>
</div>
</form>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_calendar">
<h3>Kalender</h3>
<div class="sidebar_content clearfix"><table class="serendipity_calendar">
<thead>
<tr>
<th scope="col"><abbr title="Montag">Mo</abbr></th>
<th scope="col"><abbr title="Dienstag">Di</abbr></th>
<th scope="col"><abbr title="Mittwoch">Mi</abbr></th>
<th scope="col"><abbr title="Donnerstag">Do</abbr></th>
<th scope="col"><abbr title="Freitag">Fr</abbr></th>
<th scope="col"><abbr title="Samstag">Sa</abbr></th>
<th scope="col"><abbr title="Sonntag">So</abbr></th>
</tr>
</thead>
<tfoot>
<tr>
<td class="prev">
<a href="https://www.ceilers-news.de/serendipity/archives/2022/12.html">&larr;<span class="visuallyhidden"> Zurück</span></a>
</td>
<td class="current_month" colspan="5">
<a href="https://www.ceilers-news.de/serendipity/archives/2023/01.html">Januar '23</a>
</td>
<td class="next">
</td>
</tr>
</tfoot>
<tbody>
<tr>
<td class="FirstRow FirstInRow">&#160;</td>
<td class="FirstRow">&#160;</td>
<td class="FirstRow">&#160;</td>
<td class="FirstRow">&#160;</td>
<td class="FirstRow">&#160;</td>
<td class="FirstRow">&#160;</td>
<td class="FirstRow LastInRow">1</td>
</tr>
<tr>
<td class="FirstInRow">2</td>
<td class="">3</td>
<td class="">4</td>
<td class="">5</td>
<td class="">6</td>
<td class="">7</td>
<td class="LastInRow">8</td>
</tr>
<tr>
<td class="FirstInRow">9</td>
<td class="Today">10</td>
<td class="">11</td>
<td class="">12</td>
<td class="">13</td>
<td class="">14</td>
<td class="LastInRow">15</td>
</tr>
<tr>
<td class="FirstInRow">16</td>
<td class="">17</td>
<td class="">18</td>
<td class="">19</td>
<td class="">20</td>
<td class="">21</td>
<td class="LastInRow">22</td>
</tr>
<tr>
<td class="FirstInRow">23</td>
<td class="">24</td>
<td class="">25</td>
<td class="">26</td>
<td class="">27</td>
<td class="">28</td>
<td class="LastInRow">29</td>
</tr>
<tr>
<td class="FirstInRow LastRow">30</td>
<td class="LastRow">31</td>
<td class="LastRow">&#160;</td>
<td class="LastRow">&#160;</td>
<td class="LastRow">&#160;</td>
<td class="LastRow">&#160;</td>
<td class="LastInRow LastRow">&#160;</td>
</tr>
</tbody>
</table>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_archives">
<h3>Archiv</h3>
<div class="sidebar_content clearfix"><ul class="plainList">
<li><a href="/serendipity/index.php?frontpage">Das Neueste ...</a></li>
<li><a href="https://www.ceilers-news.de/serendipity/archive">Älteres ...</a></li>
</ul>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>You&#8217;ve been hacked!</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://www.rheinwerk-verlag.de/youve-been-hacked_4306/" target="_blank"><IMG SRC="https://www.ceilers-news.de/bilder/buch-hacked-klein.jpg" ALT="Cover You&#8217;ve been hacked!"></a>
<br>
<a href="https://www.rheinwerk-verlag.de/youve-been-hacked_4306/" target="_blank">You&#8217;ve been hacked!</a><br>
Buch, 578 Seiten<br>
Dezember 2018, Rheinwerk Computing<br>
ISBN: 978-3-8362-4460-2<br>
Auch als eBook erh&auml;ltlich<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#Hacked" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>iOS Security</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/buecher/ios-security-120912.html" target="_blank"><IMG SRC="/bilder/iOSSecurity-klein.jpg" ALT="Cover iOS Security"></a>
<br>
<a href="https://entwickler.de/press/buecher/ios-security-120912.html" target="_blank">iOS Security</a><br>
Buch, 274 Seiten<br>
Januar 2014, entwickler.press<br>
ISBN: 978-3-86802-101-1<br>
Auch als PDF und ePub-eBook erhältlich<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#iOSSecurity" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>Websecurity</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/websecurity-194020.html" target="_blank"><IMG SRC="/bilder/Websecurity-klein.jpg" ALT="Cover Websecurity"></a>
<br>
<a href="https://entwickler.de/press/websecurity-194020.html" target="_blank">Websecurity</a><br>
E-Book im EPUB-Format<br>
Dezember 2015, entwickler.press<br>
ISBN: 978-3-86802-569-9<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#Websecurity" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>Datensicherheit</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/datensicherheit-191861.html" target="_blank"><IMG SRC="/bilder/Datensicherheit-klein.jpg" ALT="Cover Datensicherheit"></a>
<br>
<a href="https://entwickler.de/press/datensicherheit-191861.html" target="_blank">Datensicherheit</a><br>
E-Book im EPUB-Format<br>
November 2015, entwickler.press<br>
ISBN: 978-3-86802-568-2<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#Datensicherheit" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>Websecurity Jahresrückblick 2014</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/websecurity-127464.html" target="_blank"><IMG SRC="/bilder/WebSecurity_Jahresrueckblick-klein.jpg" ALT="Cover Websecurity Jahresr&uuml;ckblick 2014"></a>
<br>
<a href="https://entwickler.de/press/websecurity-127464.html" target="_blank">Websecurity Jahresr&uuml;ckblick 2014</a><br>
E-Book im EPUB-Format<br>
M&auml;rz 2015, entwickler.press<br>
ISBN: 978-3-86802-537-8<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#WebSec14" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>JavaScript Security</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/shortcuts/javascript-security-125282.html" target="_blank"><IMG SRC="/bilder/JavaScriptSecurity-klein.jpg" ALT="Cover JavaScript Security"></a>
<br>
<a href="https://entwickler.de/press/shortcuts/javascript-security-125282.html" target="_blank">JavaScript Security</a><br>
E-Book im EPUB-Format<br>
Januar 2015, entwickler.press<br>
ISBN: 978-3-86802-531-6<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#JavaScriptSec" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>Angriffsziel UI</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/shortcuts/angriffsziel-ui-125273.html" target="_blank"><IMG SRC="/bilder/AngriffszielUI-klein.jpg" ALT="Cover Angriffsziel UI"></a>
<br>
<a href="https://entwickler.de/press/shortcuts/angriffsziel-ui-125273.html" target="_blank">Angriffsziel UI</a><br>
E-Book im EPUB-Format<br>
Januar 2015, entwickler.press<br>
ISBN: 978-3-86802-532-3<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#AngriffszielUI" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>Android Security</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/shortcuts/android-security-119833.html" target="_blank"><IMG SRC="/bilder/AndroidSecurity-klein.jpg" ALT="Cover Android Security"></a>
<br>
<a href="https://entwickler.de/press/shortcuts/android-security-119833.html" target="_blank">Android Security</a><br>
E-Book im EPUB-Format<br>
Oktober 2014, entwickler.press<br>
ISBN: 978-3-86802-521-7<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#AndroidSec" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix odd serendipity_plugin_html_nugget">
<h3>Verschl&uuml;sselung im NSA-Zeitalter</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/shortcuts/verschluesselung-im-nsa-zeitalter-119973.html" target="_blank"><IMG SRC="/bilder/VersNSA-klein.jpg" ALT="Cover Verschl&uuml;sselung im NSA-Zeitalter"></a>
<br>
<a href="https://entwickler.de/press/shortcuts/verschluesselung-im-nsa-zeitalter-119973.html" target="_blank">Verschl&uuml;sselung im NSA-Zeitalter</a><br>
E-Book im EPUB-Format<br>
Juni 2014, entwickler.press<br>
ISBN: 978-3-86802-508-8<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#VersNSA" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
<section class="sidebar_plugin clearfix even serendipity_plugin_html_nugget">
<h3>HTML5 Security</h3>
<div class="sidebar_content clearfix"><p>
<a href="https://entwickler.de/press/shortcuts/html5-security-2-121399.html" target="_blank"><IMG SRC="/bilder/HTML5Security-klein.jpg" ALT="Cover HTML5 Security"></a>
<br>
<a href="https://entwickler.de/press/shortcuts/html5-security-2-121399.html" target="_blank">HTML5 Security</a><br>
E-Book im EPUB-Format<br>
Mai 2012, entwickler.press<br>
ISBN: 978-3-86802-417-3<br>
<br>
<a href="http://www.ceilers-it.de/texte/buch/index.shtml#HTML5" target="_blank">Erg&auml;nzende Informationen</a>
</p>
</div>
</section>
</aside>
</div>
<footer id="colophon">
<p><span lang="en">Powered by <a href="http://s9y.org">Serendipity</a> &amp; the <i>2k11-CE</i> theme.</span></p>
</footer>
</div>
<script src="/serendipity/templates/2k11-CE/js/2k11.min.js"></script>
<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//www.ceilers-news.de/piwik/";
_paq.push(['setTrackerUrl', u+'piwik.php']);
_paq.push(['setSiteId', 1]);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<noscript><p><img src="//www.ceilers-news.de/piwik/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->
</body>
</html>

View File

@ -0,0 +1,57 @@
# 60 - Zertifikate
## Was sind Zertifikate
https://www.youtube.com/watch?v=LRMBZhdFjDI
### SSL, TLS und Zertifikate
- 10 - SSL, TLS und Zertifikate
<br>Guter Überblick über TLS
<br>Verweis: http://www.elektronik-kompendium.de/sites/net/0902281.htm
- 11 - Understanding SSL Certificates
<br>Gute Beschreibung (en)
<br>Verweis: http://pierrelx.com/understanding-ssl-certificate-and-ssl-encryption/
- Digitale Signatur erstellen mit OpenSSL
<br>Verweis: http://www.soft-ware.net/tipps/tipp67/Digitale-Signatur-erstellen-pfx-Datei.asp
## Zertifikat gratis erstellen
- Zertifikat gratis erstellen (Lets Encrypt)
<br>Eine andere Möglichkeite wäre "Cloudfare"
<br>Verweis: https://letsencrypt.org/
## Zertifikate installieren
- Beschreibt die Installation von Zertifikaten für unterschiedliche Webserver
<br>Verweis: https://de.wikihow.com/Ein-SSL-Zertifikat-installieren
## Zwertifikatsfehler forcieren
- Fehlermeldung forcieren, welche bei abgelaufenem Zertifikat (Certificate expired) angezeigt wird
<br>Verweis: https://badssl.com/
## Zertifikatsprüfung manuell
- TLS-Tests
<br>Feststellen, ob SSL korrekt angewandt (vom Browser/Server) wird und Dokumentation darüber
<br>(Alternative: https://www.ssllabs.com/)
<br>Verweis: https://tls-ssl-test.internet-sicherheit.de/
- Zertifikatsprüfung manuell (ist Absender vertrauenswürdig)
<br>Beschreibt Vorgehen mit verschiedenen Browsern (Überprüfung Fingerprint)
<br>Verweis: https://www.ebas.ch/de/ihr-sicherheitsbeitrag/zertifikatspruefung
## 'man in the middle'-Angriffe auf HTTPS
- Man in the middle-Angriffe auf HTTPS
<br>Sehr guter Artikel über MitM-Angriffe. Übrigens macht Fiddler genau das (aber natürlich nicht als Angriff)
<br>Verweis: https://www.ceilers-news.de/serendipity/207-Man-in-the-Middle-Angriffe-auf-HTTPS.html

10
m239/70 - Tests/README.md Normal file
View File

@ -0,0 +1,10 @@
# 70 - Tests
![M239_Internetserver_Tests_Mindmap.png](M239_Internetserver_Tests_Mindmap.png)
- Dokumentation verschiedener Testarten (die Mind-Map wurde aus diesem Text erstellt)
<br>Verweis: [M239 Compendio B 7 - Systemtest und Dokumentation vorbereiten.pdf]('../../02%20-%20Unterlagen%20Theorie/M239%20Compendio%20B%207%20-%20Systemtest%20und%20Dokumentation%20vorbereiten.pdf')
- Testing Tools Guide
<br>Übersicht über eine grosse Anzahl (>800) Test-Tools für verschiedene Arten von Tests
<br>Verweis: http://www.testingtoolsguide.net/