MHTTPD - A Minimal, Fast Web Server for Unix
Muhammad A Muquit
MHTTPD stands for Minimal Hypertext
MHTTPD is fast, simple and very small. It supports HTTP GET and POST
method (that's all you need for more than 90% of time).
It also supports
HTTP Basic Authentication. Authentication can be performed by name and
password lookup in a text file (userid:Unix_crypted_password) or from
server directly. And the server can be compiled as a
The server does not
have any configuration file and will not have any. Everything needed is hard
coded at the top of the single C file.
Anyway, you may ask why another web server? Well I'm a programmer and
I need to test many aspects of web on occasions. So, it's easy if you wrote
your own web server.
Fast, simple, small.
No configuration file, everything is hard-coded.
A single C source file.
GET and POST method.
Basic Authentication via text file or LDAP.
Access control based on IP numbers (wild card can be used).
Can be compiled with SSL support.
Two versions exists, one forks for each connection and the other uses
select() to multiplex internally.
The following CGI environment variables are supported:
The forking version is stable and complete. But this version will become
inneficient under extreme load as each connection is handled by forking a
process. The select() version is not complete and has some bugs.
As this version does not fork() a process to handle each connection rather
uses select() to multiplex internally to handle the connection, it is very
efficient under extreme load.
I kept some technical notes (mainly for my own reference) while I was
writing it. Please follow this link
if you want to look at it. It would be boring if you are not a Unix
programmer. I warned you!
The server should not have any buffer overflow problem. I tried my best
to look into it. It terminates connection if the client does not request
a page within a certain pre-configured time to handle denial of service
If the server is invoked as root, it does
setuid() to a user and setgid() to a group (hard coded in the code, look
If the uid and the gid is not
found, the server will NOT start. However if you start it as a non-root
user, the server will not try to switch effective uid to any other
user rather it will do things with the power of the person started it. You
will have to start the server as root if you want bind to a low port (
below 1024) number. The default port it listens is 9090.
Read the mhttpd.c file for all the instructions :)
Note: Do NOT use this server in a production
Apache instead. Also remember,
it's a hacker ware, meaning it might need little tweaking. Read the source
Muhammad A Muquit
(A Thankgiving day hack)
And here's the must required "powered by" logo :)