Windows/Apache Web Server

Apache Server Status


Allowing people to see any information about a server, the scripts it is running, what it is doing, even showing the version numbers can be considered a security risk. It must be decided whether the server status page should be made public. I weighed the risk and decided to make the server-status page public.

Other sites also have this page enabled. To find them, search the internet for unique, static text on the page such as "total entries stored since starting:" or something similar.


The server-status page is written by the Apache mod_status module. Most of the other pages I found on different sites about it are just rewrites of the Apache documentation.

My main Apache configuration file , httpd.conf, lists all the available modules with the ones not being used commented out with a # in front of them. I found the entry:

# LoadModule status_module modules/

and removed the #. If it was not there at all, I would simply write the line in. This simple means the mod_status module loads when the Apache service is restarted. To actually use it, to the httpd.conf file I added the lines:

<Location /server-status>
SetHandler server-status
ExtendedStatus On

Turning ExtendedStatus on enables the page to report the full request and client information for each child or thread.

There is a Perl program included in most distributions of Apache called log_server_status that saves the information on the page as a single line and saves it to a log file.

Reading the Server-status Page

Some of the entries on the server-status page need an explanation, but some of that is difficult to find. Where possbile, I have pulled together what I believe is the corrct information for these entries.

The page is split into several sections. The first of which gives general, basic information about the Apache installation.

Apache server status section

Apache server status section

The only entry that probably needs explaining is Server MPM. MPM stands for Multi-Processing Module and it is these modules that bind Apache to the networks ports and are responsible for managing the threads and children to manage the requests to and from the server. The MPMs are explained in the Apache documentation.

Apache server status section

Apache server status section

The second section requires a little explanation.

The lines Parent Server Config. Generation: and Parent Server MPM Generation: refer to how the server is stopped and started. If the server service is gracefully restarted then the generation increases. I have seen server status pages where both lines have several hundred generations recorded. I doubt mine will ever get above one or two because I usually go into Windows Services and either tell the service to stop or restart which causes an immediate termination and so the generation does not increase. Apache has several pages about this such as Stopping and Restarting Apache HTTP Server, Apache MPM event, and Apache MPM worker.

The line Server load: shows three numbers, These are the server load averaged over 1, 5 and 15 minutes. Consistantly high numbers for the 5 and 15 minutes averages warrant an investigation of what the server is doing. The best explantion of these numbers I have found is at Understanding Linux CPU Load - when should you be worried? I have a quad-core processor so apparently I shouldn't be worried that all three numbers show 1.00. To be sure I looked at Windows Task Manager and that shows the sytem idle process at 98%. I looked at other public service-staus pages and one I found was at 4.03 5.04 5.59 which probably does need looking at.

I could not find anything definitive, but on the line that starts Total accesses:, the last of these, Total Duration: appears to be the total amount of time spent by the working threads in milliseconds.

The third section is a scorecard, followed by the key to it.

Apache server status scorecard section

Apache server status scorecard section

In the above illustration, the are three threads reading the reuest, two sending the request back tp the client, an one each being logged and being kept alive. What Keepalive means is that a connection is created between the server and the client, they then use the same connection to transfer all future requests as long as the client is using the site. It greatly reduces the load and work done by the server.

The fourth section are details of what the individual threads are doing, followed by the key th the columns.

Apache server status thread key section

Apache server status thread section

Apache server status thread section

Apache server status thread key section

Most of this is self-explanatory. M (Mode of operation) follows the same rules as the previous section, _, S, R, W, K etc. Thee are some common requests that keep occuring. among them are:

local goaway, streams: 0/1/1/0/1 (open/recv/resp/push/rst) - This appears to indicate a data frame error and could indicate that the stream is about to be closed. The best documentation I can find for this is in HTTP/2 request for comments 9133 document. Sometimes the data frame is maliciously malformed and the thread goes into a read state that does not terminate. A lot of threads in this state could mean the searver is under a Denial of Service (DoS) attack called Slowloris, which could eventually occupy all available threads.

explore HTTP/1.1 -I am not sure what this means yet. Many of the server-status pages I have looked at contain entries like this.

OPTIONS * HTTP/1.0 - This is basically a ping by a monitoring client to see if ithe server is online and responsive. More about OPTIONS can be found in the HTTP Semantics Request for Comments 9110 document.

The fifth and final section of the server-status page is about the SSL/TLS Session Cache Status:

Apache server status SSL/TLS Session Cache Status section

Apache server status SSL/TLS Session Cache Status section

People in some forums have reported that this section is not showing in their server-status page. This is ually caused by a mosconfiguration of the SSL Certificates. Others have reported they are getting the Apache error "SSLSessionCache: ‘shmcb’ session cache not supported"

According the the Apache document on the mod_socache_shmcb module, "The SHMCB Casche is a shared object cache provider which provides for creation and access to a cache backed by a high-performance cyclic buffer inside a shared memory segment." There are other Apache caches.

This page created November 19, 2022; last modified November 20, 2022