(mm) A mininal fast web server
Home | Software | Count
  ansi xterm
  web counter
  bangla font
MS Windows
MHTTPD - A Minimal, Fast Web Server for Unix
Muhammad A Muquit

MHTTPD stands for Minimal Hypertext Transport Protocol Daemon. MHTTPD is fast, simple and very small. It supports HTTP GET and POST method (that's all you need for more than 90% of time). It also supports HTTP Basic Authentication. Authentication can be performed by name and password lookup in a text file (userid:Unix_crypted_password) or from A LDAP server directly. And the server can be compiled as a secure server (SSL). The server does not have any configuration file and will not have any. Everything needed is hard coded at the top of the single C file. Anyway, you may ask why another web server? Well I'm a programmer and I need to test many aspects of web on occasions. So, it's easy if you wrote your own web server.


  • Fast, simple, small.
  • No configuration file, everything is hard-coded.
  • A single C source file.
  • Supports HTTP 1.0 GET and POST method.
  • Supports HTTP 1.0 Basic Authentication via text file or LDAP.
  • Supports CGI 1.1 specification.
  • Access control based on IP numbers (wild card can be used).
  • Can be compiled with SSL support.
  • Two versions exists, one forks for each connection and the other uses select() to multiplex internally.

    The following CGI environment variables are supported:


    The forking version is stable and complete. But this version will become inneficient under extreme load as each connection is handled by forking a process. The select() version is not complete and has some bugs. As this version does not fork() a process to handle each connection rather uses select() to multiplex internally to handle the connection, it is very efficient under extreme load.

    Technical notes
    I kept some technical notes (mainly for my own reference) while I was writing it. Please follow this link if you want to look at it. It would be boring if you are not a Unix programmer. I warned you!

    The server should not have any buffer overflow problem. I tried my best to look into it. It terminates connection if the client does not request a page within a certain pre-configured time to handle denial of service attack. If the server is invoked as root, it does setuid() to a user and setgid() to a group (hard coded in the code, look at mhttpd.c). If the uid and the gid is not found, the server will NOT start. However if you start it as a non-root user, the server will not try to switch effective uid to any other user rather it will do things with the power of the person started it. You will have to start the server as root if you want bind to a low port ( below 1024) number. The default port it listens is 9090.


  • Download:
    File: mhttpd.fork.ssl.tar.gz
    Size: 289880 bytes
    MD5 Checksum: 7e12370692fd8177363434c5f080afc5
    Last updated: ?

    Read the mhttpd.c file for all the instructions :)
    Note: Do NOT use this server in a production environment. Use Apache instead. Also remember, it's a hacker ware, meaning it might need little tweaking. Read the source mhttpd.c.


    Muhammad A Muquit
    (A Thankgiving day hack)

    And here's the must required "powered by" logo :)
    Powered by MHTTPD
  • back Page updated: Sun Mar 31 01:59:56 2013 GMT   Copyright © 2013 muquit@muquit.com.