Skip navigation

How to Update Apache on OS X Mountain Lion Server?

4340 Views 2 Replies Latest reply: Jan 9, 2013 3:01 AM by zzTontozz RSS
zzTontozz Level 1 Level 1 (0 points)
Currently Being Moderated
Jan 8, 2013 11:57 PM

Folks,

 

I have installed the latest version of OS X Mountain Lion and the corresponding OSX Lion Server.

After quite a process I managed to update PHP to the latest 5.4.10 (albeit sans internationalisation).

 

However, I haven't found a detailed set of steps via Google on how to manually update the Apache web server on this type of system.

The installed version of Apache is 2.2.22. On 2012-09-13 Apache released 2.2.23 which fixes some potential security vulnerabilities.

Given that security is an important consideration for a server I would like to update the apache web server.

 

Could someone please post the ./configure steps etc to do this?

 

I am primarily using the server on a Mac Mini for an Intranet. So, would it be better to install Apache 2.4.3 (released 2012-08-21) instead of Apache 2.2.2?

Or are the differences to great that it would break the system? Why does Apache have two different versions for a product that does the same thing?

Please advise. Thanks,

 

Regards,

 

Tony

Mac mini, OS X Server
  • Camelot Level 8 Level 8 (45,670 points)

    Given that security is an important consideration for a server I would like to update the apache web server.

     

    Maybe. Did you check the changelist to see what's new? It seems like a possible XSS flaw in mod_negotiation and MultiViews (both of which can be configured in httpd.cond) and a local path escalation issue (which isn't exploitable remotely).
    My point is that, yes, security is important, but that doesn't mean you have to jump all over every update.

     

    Could someone please post the ./configure steps etc to do this?

     

    Run:

     

    httpd -V

     

    This will show Apache's standard version data, including the compile options.

     

    You may be able to ./configure the latest Apache 2.2.x version as a drop-in replacement for Apple's version, but may have more trouble with 2.4.x

     

    If you really want 2.4.x then your best option is to install a parallel version in your own directory and run that, eschewing Apple's solution (including the GUI 'control').

     

    Or are the differences to great that it would break the system? Why does Apache have two different versions for a product that does the same thing?

     

    Apache have always maintained multiple versions/branches of httpd. 2.4 introduces new concepts and, potentially, incompatibilities. They maintain the previous version so that you can continue using (and trusting) it while newer versions are tested for compatibility. It's similar to how Apple continue to provide OS support for Lion even though Mountain Lion is the 'current' version.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.