Use the links below to download the Apache HTTP Server from one of our mirrors. You must verify the integrity of the downloaded files using signatures downloaded from our main distribution directory.

Only current recommended releases are available on the main distribution site and its mirrors. Older releases are available from the archive download site.

If you are downloading the Win32 distribution, please read these important notes.

Mirror

The currently selected mirror is http://mirror.fslutd.org/apache. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available. Other mirrors: http://mirror.fslutd.org/apachehttp://apache.mirror.facebook.comhttp://download.filehat.com/apachehttp://apache.tradebit.com/pubhttp://mirrors.24-7-solutions.net/pub/apachehttp://www.eng.lsu.edu/mirrors/apachehttp://download.nextag.com/apachehttp://apache.siamwebhosting.comhttp://apache.mirrors.redwire.nethttp://apache.cs.utah.eduhttp://mirrors.kahuki.com/apachehttp://mirror.x10.com/mirror/apachehttp://www.gossipcheck.com/mirrors/apachehttp://mirror.nyi.net/apachehttp://mirrors.sirium.net/pub/apachehttp://mirrors.isc.org/pub/apachehttp://www.mirrorgeek.com/apache.orghttp://mirror.cc.columbia.edu/pub/software/apachehttp://www.ibiblio.org/pub/mirrors/apachehttp://apache.mirrors.timporter.nethttp://mirror.olnevhost.net/pub/apachehttp://www.uniontransit.com/apachehttp://apache.osuosl.orghttp://apache.mirrors.hoobly.comhttp://www.reverse.net/pub/apachehttp://apache.ziply.comhttp://apache.mirrors.tds.nethttp://www.hightechimpact.com/Apachehttp://mirror.atlanticmetro.net/apachehttp://veritris.com/mirrors/apachehttp://www.gtlib.gatech.edu/pub/apachehttp://mirrors.lqdinternet.com/apachehttp://ftp.wayne.edu/apachehttp://mirror.its.uidaho.edu/pub/apachehttp://www.urlstructure.com/apachehttp://apache.hoxt.comhttp://mirrors.enquira.com/apachehttp://ossavant.org/apachehttp://apache.mirrormax.nethttp://www.signal42.com/mirrors/apachehttp://government-grants.org/mirrors/apache.orghttp://www.ip97.com/apache.orghttp://apache.mirror99.comhttp://apache.deathculture.nethttp://apache.seekmeup.comhttp://www.axint.net/apachehttp://www.devlib.org/apachehttp://www.alliedquotes.com/mirrors/apachehttp://mirror.the-irc.org/apachehttp://www.trieuvan.com/apachehttp://www.pangex.com/pub/apachehttp://mirror.candidhosting.com/pub/apache ftp://apache.mirrors.tds.net/pub/apache.orgftp://mirror.nyi.net/apacheftp://www.ibiblio.org/pub/mirrors/apacheftp://ftp.osuosl.org/pub/apacheftp://ftp.wayne.edu/apacheftp://apache.cs.utah.edu/pub/apache.org http://www.apache.org/dist (backup)http://www.eu.apache.org/dist (backup) You may also consult the complete list of mirrors.

Apache HTTP Server 2.2.9 is the best available version

2008-06-13

The Apache HTTP Server Project is pleased to announce the release of Apache HTTP Server, version 2.2.9. This release represents ten years of innovation by the project, and is recommended over all previous releases! In particular, this release fixes a few potential security vulnerabilites. For details see the Official Announcement and the CHANGES_2.2 and CHANGES_2.2.9 lists Add-in modules for Apache 1.3 or 2.0 are not compatible with Apache 2.2. If you are running third party add-in modules, you must obtain modules compilied or updated for Apache 2.2 from that third party, before you attempt to upgrade from these previous versions. Modules compiled for Apache 2.2 should continue to work for all 2.2.x releases. Unix Source: httpd-2.2.9.tar.gz [PGP] [MD5] Unix Source: httpd-2.2.9.tar.bz2 [PGP] [MD5] Win32 Source: httpd-2.2.9-win32-src.zip [PGP] [MD5] Win32 Binary without crypto (no mod_ssl) (MSI Installer): apache_2.2.9-win32-x86-no_ssl-r2.msi [PGP] [MD5] Win32 Binary including OpenSSL 0.9.8h (MSI Installer): apache_2.2.9-win32-x86-openssl-0.9.8h-r2.msi [PGP] [MD5] Other files

Apache HTTP Server 2.0.63 is also available

2008-01-19

Apache 2.0.63 is the current stable version of the 2.0 series, and is recommended over any previous 2.0 release. This release fixes a few potential security vulnerabilites. For details see the Official Announcement and the CHANGES_2.0 and CHANGES_2.0.63 lists. Apache 2.0 add-in modules are not compatible with Apache 1.3 nor 2.2 modules. If you are running third party add-in modules, you will need to obtain modules compiled for or compatible with Apache 2.0 from that third party, before you attempt to use this specific release. Unix Source: httpd-2.0.63.tar.gz [PGP] [MD5] Unix Source: httpd-2.0.63.tar.bz2 [PGP] [MD5] Win32 Source: httpd-2.0.63-win32-src.zip [PGP] [MD5] Win32 Binary without crypto (no mod_ssl) (MSI Installer): apache_2.0.63-win32-x86-no_ssl.msi [PGP] [MD5] Win32 Binary including OpenSSL 0.9.7m (MSI Installer): apache_2.0.63-win32-x86-openssl-0.9.7m.msi [PGP] [MD5] Other files

Apache 1.3.41 is also available

2008-01-19

Apache 1.3.41 is the current stable version of the 1.3 series, and is recommended over any previous 1.3 release. This release is basically a security fix release. For details see the Official Announcement and the CHANGES_1.3 and CHANGES_1.3.41 lists. Use the Apache 1.3.41 version only if you must use a third party module that is not available as an Apache 2.x module. Modules compiled for Apache 2.x are not compatible with Apache 1.3, and modules compiled for Apache 1.3 are not compatible with Apache 2.x. Unix Source: apache_1.3.41.tar.gz [PGP] [MD5] Unix Source: apache_1.3.41.tar.bz2 [PGP] [MD5] Unix Source: apache_1.3.41.tar.Z [PGP] [MD5] Other files

Apache FTP module for Apache HTTP Server released as 0.9.2-beta

2008-06-30

The Apache HTTP Server Project is pleased to announce the release of Apache FTP module for Apache HTTP Server, version 0.9.2 as beta. Not recommended yet for production use, it is still missing several features and accomodation for spec-incompatible clients. Users are encouraged to test and provide feedback on this beta release. For information about this module subproject, see the mod_ftp module project page. Unix Source with LF line endings: mod_ftp-0.9.2-beta.tar.gz [PGP] [MD5] Win32, Netware or OS/2 Source with CR/LF line endings: mod_ftp-0.9.2-beta-crlf.zip [PGP] [MD5]

Verify the integrity of the files

It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures. Please read Verifying Apache HTTP Server Releases for more information on why you should verify our releases. The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using % pgpk -a KEYS % pgpv apache_1.3.24.tar.gz.asc or % pgp -ka KEYS % pgp apache_1.3.24.tar.gz.asc or % gpg --import KEYS % gpg --verify apache_1.3.24.tar.gz.asc httpd-2.2.9.tar.* is signed by Jim Jagielski 08C975E5 httpd-2.0.63.tar.* is signed by Jim Jagielski 08C975E5 apache_1.3.41.tar.* is signed by Jim Jagielski 08C975E5 apache_*.msi are signed by William Rowe B55D9977(CB9B9EC5) httpd-2.*-win32-src.zip are signed by William Rowe B55D9977(CB9B9EC5) mod-ftp-0.9.2-beta* are signed by William Rowe B55D9977(CB9B9EC5) Alternatively, you can verify the MD5 signature on the files. A unix program called md5 or md5sum is included in many unix distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from here, here, or here.