Secure your Network
Advertise on Netcraft
About Netcraft
Join Netcraft
Site Map
Netcraft Home What's that site running?
Web Server Survey
SSL Server Survey
Explore web sites
News
 Netcraft Web Server Survey Reports  Graphs  Mechanics  Developers  Servers  Most Requested Sites  Archive

SSL Survey

Jobs available at Netcraft

The Netcraft Web Server Survey is a survey of Web Server software usage on Internet connected computers. We collect and collate as many hostnames providing an http service as we can find, and systematically poll each one with an HTTP request for the server name.
In the August 2002 survey we received responses from 35,991,815 sites.

Market Share for Top Servers Across All Domains August 1995 - August 2002

Graph of market share for top servers across all domains, August 1995 - August 2002

Top Developers

DeveloperJuly 2002PercentAugust 2002PercentChange
Apache2145349857.622285912363.515.89
Microsoft1186671831.87913978525.39-6.48
Zeus7870712.117651152.130.02
iPlanet4945671.334868681.350.02

Active Sites

DeveloperJuly 2002PercentAugust 2002PercentChange
Apache1081198765.211100165066.641.43
Microsoft417604825.19407405824.68-0.51
iPlanet2140631.292089681.27-0.02
Zeus1839211.111841431.120.01

Totals for Active Servers Across All Domains June 2000 - August 2002


iPlanet is the sum of sites running iPlanet-Enterprise, Netscape-Enterprise, Netscape-FastTrack, Netscape-Commerce, Netscape-Communications, Netsite-Commerce & Netsite-Communications.

Microsoft is the sum of sites running Microsoft-Internet-Information-Server, Microsoft-IIS, Microsoft-IIS-W, Microsoft-PWS-95, & Microsoft-PWS.

Platform groupings are here.

Around the Net

Microsoft loses around 6% share this month, as register.com continues to fluctuate between using a Windows and Linux front end, and homestead.com , which originally based its business model on support from advertising, cleared away over a million sites. Homestead recently raised $5M from its investors to assist its transition to a paid for serivces model. To complete a bad news month for Microsoft's share of the survey, Reuters reports that the Federal Trade Commission will investigate the relationship between Verisign and Interland with respect to marketing domain names. The NSI domain parking system hosted at Interland is the other large repository of parked sites on the Microsoft platform. Earlier in the year large numbers of sites were reaped at Namezero, which had a controversial relationship with NSI regarding reselling domain names.

Apache SSL servers vulnerable to OpenSSL remote exploits

A detailed code review by Ben Laurie and colleagues at A.L. Digital has unearthed four remotely exploitable buffer overflows in OpenSSL. Some of these can be used to execute arbitrary code on the server, and most sites using Apache for encrypted transactions and ecommerce will be vulnerable to the attack. Coming hard on the heels of the recent vulnerabilities remote vulnerabilities in Microsoft Commerce Server, Microsoft-IIS, and the main Apacheserver, a great many ecommerce sites are presently vulnerable to direct attack over the internet.

Counter-intuitively, web site managers seem quicker to fix conventional HTTP servers than SSL servers, perhaps because they recieve more traffic, or because the http service is the conduit favoured by worm writers. Almost half of the 22 million Apache HTTP sites found by the survey are running Apache/1.3.26, whilst only around a quarter of the Apache SSL sites are running this version, which fixes the chunked encoding vulnerability. 

Explorer error allows impersonation of SSL sites

A recently demonstrated vulnerability in the Internet Explorer browser allows web sites certified by Verisign to assume the identity of other sites, including well known and widely used commerce sites. 

The vulnerability is regarded as fundamental in that the majority of people working in the digital certification industry are employed to perform identity checks on people and businesses to ensure that they are who they say are, and that the Explorer bug allows an attacker to cut directly through that process. In practice, impersonation of unrelated sites will also require that the attacker poison the DNS or engage in some form of url rewriting, and so actual attacks are likely to be thin on the ground. 

However, another possibility is that some people may utilise the vulnerability to make use of Verisign certificates as a kind of company licence. Someone in a large corporation might, instead of buying 100 certificates from Verisign,  save money by buying just one, and produce the remaining 99 using the process outlined by Mike Benham.

Who's winning in the hosting industry?

Presently, the mainstream coverage of the hosting industry is full of doom and gloom. In the last couple of weeks, Digex and Divine have each reported $50M in quarterly losses, and many of the largest companies in the industry such as Worldcom, Global Crossing, and XO, have set a course of huge losses, bankruptcy and SEC investigation.

Given the widespread coverage of these events, people could be forgiven for thinking that it was not possible to operate a hosting company at a profit, or even to grow revenue in the present environment. Yet, amidst the carnage, some companies with more carefully chosen business models have been able grow at rates which would normally be regarded as impressive, but seem outstanding in the current climate.

Taking the hosting companies identified by the Web Server Survey and restricting the analysis to those that have no known finanical problems and were already large at the start of the year, shows that eight companies companies have achieved roughly 30% growth [ rackspace is 29 and a fraction] since the start of the year, and seem set for 50% year on year growth measured by responding ip addresses.

 

Hosting Companies with fastest increase in responding ip addresses, January - August 2002

 Hosting Company  January 2002  August 2002  Change 
rackshack.net 5,48510,32988%
cybercon.com 8,60712,37344%
crystaltech.com 7,10910,18843%
interland.net 92,052125,58936%
dialtoneinternet.net 24,42932,75234%
sphere.ad.jp 8,17310,77132%
he.net 9,79112,81031%
rackspace.com 9,41912,17629%

Leading the table by a wide margin is rackshack.net which offers exceptionally cheap pricing. Rackshack also has an ISP business ev1.net, which may make its cost of ownership of bandwidth lower than for pure dedicated server vendors.

It is noteworthy that all of the fastest growing companies are all majoring in dedicated servers, although Interland and Crystaltech also have a large shared business. Dedicated servers have proved the most successful segment of the industry, though the largest shared hosters, Alabanza and Pair Networks are also showing good growth, but at a rate below the companies in the table.

Also, noteworthy from Sun's perspective, is that few of the companies continue to offer Cobalt, which was not long ago a defacto standard in the dedicated server industry. Hosters now prefer servers from IBM, Compaq, or no name boxes, with third party control panels. Notably, Rackshack dropped Cobalt near the start of the year, not long after placing the largest ever order for Cobalt servers in December.

Reports and Interactive Queries

Reports are provided showing server usage for the Internet as a whole, and for selected domains, with links to all the sites responding to the survey. A facility for you to check what server a particular site is running now is also available. The same form can be used to ensure that a particular site is included in future surveys. A directory of sites running in developer domains is also provided, A while the sites discovered by the survey can be explored.

Fair Use, Copyright

Excerpts from this survey may be reproduced if Netcraft and the url http://www.netcraft.com/survey/ are attributed.

 Netcraft Web Server Survey Reports  Graphs  Mechanics  Developers  Servers  Most Requested Sites  Archive
Your comments and suggestions are most welcome webmaster@netcraft.com © Netcraft 2002