So What Is All This Stuff Anyways?
Apache is the most often used web server software on the Internet. Just over 57% of all websites use Apache or one of it's derivatives according to the latest NetCraft survey. Versions of Apache exist for most common operating systems, including Linux, Solaris, Irix, HP-UX, AIX, BSD, Windows 95/98/NT, and even OpenVMS.
Apache exhibits the three qualities that
most people look for in web server software - it's fast, it's secure, and
it's free. This combination of attributes, along with its long list
of supported platforms, is what makes Apache the most popular web server
in the world.
PHP is an embedded scripting language for HTML, like JavaScript or Server-Side Includes (SSI). PHP operates more like SSI from an operational standpoint - you embed tags or entire programs in your HTML document, which is parsed by the PHP system before it is sent to a client browser via the web server. PHP lets you do the usual SSI tricks of embedding information like the current time, date, page hits, and so on into an HTML document.
PHP is most notable for providing support for a wide range of databases, making it a must-have for web sites that depend on a back-end database for HTML content. PHP is used extensively by Freshmeat and distributed.net, two of the largest web-accessible databases on the Internet. Many organizations use PHP internally to give web access to databases containing inventories, personnel records, and other business records.
Microsoft's Active Server Page (ASP) technology
is an off-shoot of PHP. There are several tools that convert ASP
documents to PHP documents for organizations that want to migrate from
ASP to PHP. PHP is supported on both UNIX and Windows platforms.
ApacheSSL (Secure Socket Layer)
With the rise of e-commerce in the past few years the dangers of using your credit card on the Internet have also increased. Any HTML document or form results can be seen by anyone running a packet sniffer on any network that the data passes through. In an effort to prevent credit card numbers from being intercepted and improperly used, RSA Data Security invented a method to encrypt all HTML communication between a web server and client browsers. The system, called Secure Socket Layer (SSL), uses a key and certificate system similar to PGP encryption and runs on TCP port 443 parallel to the main web server running on port 80.
ApacheSSL is a set of patches that are applied to the base Apache software distribution that enable it to handle SSL connections.
Currently, SSL is patented by RSA Data
Security and only educational and non-profit organizations may use it without
paying a licensing fee. By using OpenSSL libraries which contain
none of RSA's source code commercial users are in a "gray zone" that apparently
is outside the scope of US patent law. This patent will expire in
the year 2000, opening up free usage of SSL for all users.
SSL And 3-Letter Cloak'n'Dagger Agencies
As anybody who has tried to download the 128-bit SSL version of Netscape knows, SSL is considered "strong encryption" by the US government, and is regulated by Federal export law. It is unlawful for US citizens to export any type of SSL library or patch internationally, which basically means you shouldn't set up a public mirror of ApacheSSL or OpenSSL unless you'd like to meet a friendly federal agent from the CIA, NSA, or FBI. Or maybe all three, if it's your lucky day. Hence the reason that ApacheSSL and OpenSSL are primarily developed in Europe.
It is perfectly fine for US citizens to import and use strong cryptography, so downloading and installing ApacheSSL and OpenSSL from ftp archives located in Europe won't bring down the wrath of the Federal government on your head. Still, be careful, and think about what you're doing before you do it if you're a US citizen.