previous up next


the mini multi-tasking HTTP/1.1 web-server

Facilities and Features

Client Support

4x is a web-server that supports both HTTP/1.1 and HTTP/1.0 clients. It automatically detects and takes advantage of the following HTTP/1.1 facilities:


On those host systems that provide the Pluggable Authentication Modules framework (Solaris, Linux, HP-UX, AIX, NetBSD, etc) 4x supports HTTP "Basic" client authentication, using PAM as the back-end database of user identities.

It does not yet support HTTP "Digest" authentication.


4x does not yet provide "virtual-host" facilities (multiple separate sites sharing a single IP address).

However, it can run attached to either a single IP address, or to all addresses available on the server system, so it can be used to provide multiple separate web-sites from a single system, at the cost of running multiple copies (each attached to a single address). Full support for vistual hosts is a planned enhancement.

4x is not a proxy server, and is not intended to ever be such.

At the time of writing, 4x does not support SSL/TLS encryption (HTTPS).


4x can be run with an option to recognise a ".cgi" file-type, thus providing an extension mechanism through the CGI/1.1 protocol. Full support for both "Parsed-Headers" and "No-Parsed-Headers" CGI programs is provided.

If CGI support is enabled, a mandatory timeout must also be specified, to prevent runaway CGI programs from needlessly consuming server system resources.

Note: CGI programs are currently run under the same user-account that the web-server itself runs as, and should therefore be vetted for security implications, such as the ability to reach files outside the document-root.

Options to run CGIs under an explicitly designated user account, and to run in a "chroot" restricted environment, are being researched.


Due to each client session being served by a single non-threaded dedicated process, 4x is naturally resistant to a number of problems, and restricts such problems to only the particular session that caused them.

By design, it does not suffer from address-space exhaustion, nor from memory-exhaustion due to overlarge fixed stack allocations, thread-races/collisions, and a number of other issues that can affect threaded servers; but it does so whilst still providing fully concurrent client sessions.

Due to its' simple multi-process mode of operation, a single process (session) crash, even though uinlikely, simply cannot bring down the entire web-server software, nor any other client session.

Also, because such a multi-process synchronous-I/O architecture has no internal race-conditions, it is much easier to reason about its' correctness even in the face of malformed inputs or malfunctioning clients. I am not claiming that 4x is completely bug-free, rather that its' architecture simply has less scope for bugs in the first place. Time will tell...

Performance and Efficiency

The downside to the aforementioned robustness and simplicity is that 4x will never be the absolute performance leader in terms of number of number of new connections per second. However, it does support a large number of concurrent clients, fundamentally limited only by the amount of physical memory and the maximum number of processes the host system allows.

System CPU CPU clock RAM Vintage O/S Max Simultaneous
Clients (without swapping)
Toshiba Satellite
CDT-4000 (laptop)
Pentium-II 233 MHz 160 Mb 1998 Solaris 8 1113
SPARCstation-10 dual HyperSPARC 180 MHz 512 Mb 1996 Solaris 2.6 2242

Care has been taken to ensure that the rate of new connections-per-second and throughput degrade gradually under load, rather than suddenly "falling off a cliff".

4x goes to some effort to avoid emmission of more network packets than necessary: it is not a "selfish" implementation in that way; and thus has reasonably good throughput on typical WAN (high-throughput, high-latency) networks.



"Missing" Features

previous up next [this site powered by m4] home mail me