The latest and greatest released version of Apache is always available
from the Apache Web site in the /dist/ location:
http://www.apache.org/dist/>. If you look at that
page, one of the first things you’ll see is a link to a way of finding
a distribution point, or mirror, that’s closer to you.
| The Apache Software Foundation only supports downloading using HTTP and the Web; FTP repositories are not provided. Mirror sites may or may not provide FTP access to their distribution areas. |
Exactly how you download the software depends on your Web browser,
but it may be as simple as holding down the ‘Shift’ key and clicking
on the name of the file.
There are two types of packages you can download from the Apache site:
The source-only packages are located in the top directory of the
URL listed above; the prebuilt binaries are located in subdirectories
underneath the /binaries/ folder.
The Apache packages are named according to a formula:
apache‘, followed by1.3.12‘),win32‘ to stressi386-whatever-linux2‘,.exe‘, or.tar.gz‘) A package that is missing the optional suffix information, such as
‘apache_1.3.12.tar.gz‘, is a source-only
package. If you download such you will have to compile and build
the server yourself from scratch. Packages that include the
optional suffix have been pre-built for the named platform,
but they also include the source code in case you want or need to
rebuild the server yourself.
The version number is very important. It’s read from left to right,
and each component is treated as a number in its own right. So the
package named ‘apache_1.3.12.tar.gz‘ contains
version ‘1.3.12’, which is pronounced ‘one point three point twelve,’ and
is more recent than ‘1.3.9’.
In addition to the packages themselves, there are frequently
accompanying signature files. These are used to verify
that the packages were really built by the Apache developers, and
have the same name as the package with either a ‘.asc‘
or ‘.md5‘ suffix attached. To use these, you will
need either something that can read and verify PGP signatures (such
as PGP itself), or a tool that can generate MD5 checksums.
The MD5 checksum, if one is provided for the package, is easier to check.
You simply use your MD5 checksumming tool to generate a checksum
of the package, and then you compare that value with what’s in the
.md5 file. For example:
% md5sum apache_1.3.12.tar.gz
de3ccff384b0d4ab94c3251cb85d49d2 apache_1.3.12.tar.gz
% cat apache_1.3.12.tar.gz.md5
MD5 (apache_1.3.12.tar.gz) = de3ccff384b0d4ab94c3251cb85d49d2
Ken Coar is a ServerWatch contributor.
ServerWatch is a top resource on servers. Explore the latest news, reviews and guides for server administrators now.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
