Get 2.4

What are you waiting for? httpd 2.4 has been the preferred stable release since 2012; httpd 2.2 is still supported, but it first appeared in 2006 and we won't keep updating it forever. Start moving to 2.4 before you have to.

The "official" list of reasons to upgrade is long but admittedly quite boring. The key takeaways for 2.4 are

• all sorts of configuration improvements
• Event MPM as the commonly used processing model on Unix, with drastically reduced thread requirements, even compared with the experimental Event MPM with 2.2
• numerous improvements in support of lean web server configurations which communicate with web applications running out of process
• new SSL features such as support for Elliptic Curve keys, OCSP for validating client certificate status, and OCSP Stapling to allow clients to validate server certificate status
  

You need this stuff!

Some of the drag on the uptake of 2.4 has been due to Linux distribution cycles, but there are also plenty of cases where the documented configuration for using third-party software with httpd is some old and heavy mechanism from when you were in high school, and the promoted configuration for nginx is a lean web server setup with segregation between front-end and application.

httpd bundled with the OS

As time goes on, more and more OS distributions are including httpd 2.4. Even when they don't, even versions from several years ago may include a version of OpenSSL new enough to support modern protocols (as well as httpd 2.4).

For situations with a sufficient level of OpenSSL bundled, other support libraries such as Expat, PCRE, and zlib are also bundled. You just need to build apr 1.latest, apr-util 1.latest, and httpd 2.4.latest.

Modern ways to configure applications with httpd

Where "Modern" == lean web server proxying application requests to separate processes

• For PHP applications
• For Python applications