This article has been indexed from Netcraft News
In the October 2021 survey we received responses from 1,179,448,021 sites across 265,426,928 unique domains and 11,388,826 web-facing computers. This reflects a loss of 8.59 million sites, but a gain of 1.07 million domains and 20,800 computers.
The number of unique domains powered by the nginx web server grew by 789,000 this month, which has increased its total to 79.5 million domains and its leading market share to 29.9%. Conversely, Apache lost 753,000 domains and saw its second-place share fall to 24.7%. Meanwhile, Cloudflare gained 746,000 domains – almost as many as nginx – but it stays in fourth place with an 8.15% share while OpenResty’s shrank slightly to 14.5%.
Cloudflare also made strong progress amongst the top million websites, where it increased its share by 0.24 percentage points to 18.2%. nginx is in second place with a 22.5% (+0.12pp) share but has closed the gap on Apache which still leads with 24.0% after losing 0.21pp.
Apache also continues to lead in terms of active sites, where it has a total of 48.0 million. However, it was the only major vendor to suffer a drop in this metric, with a loss of 277,000 active sites reducing its share down to 23.9% (-0.29pp). In terms of all sites, nginx lost the most (-9.99 million) but remains far in the lead with a total of 412 million.
Apache vulnerability being actively exploited in the wild
Apache 2.4.51 was released on 7 October. This is the latest release in the 2.4.x stable branch, which the developers consider to be the best available version of the Apache HTTP Server; but more importantly, this release fixes a path traversal vulnerability present in Apache 2.4.49 and 2.4.50. Apache 2.4.50 was itself released a day earlier in an attempt to fix the vulnerability present in 2.4.49, but the fix was found to be insufficient.
The vulnerability is being actively exploited in the wild, so anyone still running an unpatched Apache 2.4.49 or 2.4.50 installation should upgrade immediately. In some cases, the path traversal vulnerability could facilitate remote code execution on the web server.
Due to the nature of this vulnerability, so
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: October 2021 Web Server Survey