November 2006 Web Server Survey

There are now more than 100 million web sites on the Internet, which gained 3.5 million sites last month to continue the dynamic growth seen throughout 2006. In the November 2006 survey we received responses from 101,435,253 sites, up from 97.9 million sites last month.

The 100 million site milestone caps an extraordinary year in which the Internet has already added 27.4 million sites, easily topping the previous full-year growth record of 17 million from 2005. The Internet has doubled in size since May 2004, when the survey hit 50 million.

Blogs and small business web sites have driven the explosive growth this year, with huge increases at free blogging services at Google and Microsoft. Domain industry juggernauts Go Daddy (U.S.) and 1&1 Internet (Germany) have also seen strong demand for low-priced domain names and shared hosting accounts.

The first Netcraft survey in August 1995 found 18,957 hosts, with the NCSA web server dominating with 57 percent market share, leading CERN (19%) and a newcomer named Apache (3.5%). Microsoft's Internet Information Server launched in February 1996, and by the survey's fifth birthday the server market was largely divided up between Apache and IIS. This month Apache leads with 60.3% market share, with Microsoft at 31.0% and Sun at 1.7%.

Previous milestones in the survey were reached in April 1997 (1 million sites), February 2000 (10 million), September 2000 (20 million), July 2001 (30 million), April 2003 (40 million), May 2004 (50 million), March 2005 (60 million), August 2005 (70 million). April 2006 (80 million ) and August 2006 (90 million).

Total Sites Across All Domains August 1995 - November 2006

Total Sites Across All Domains, August 1995 - November 2006

Graph of market share for top servers across all domains, August 1995 - November 2006

Top Developers
DeveloperOctober 2006PercentNovember 2006PercentChange
Apache6016664261.446118377660.32-1.12
Microsoft3070402131.353148700531.04-0.31
Sun3321130.3417037671.681.34
Zeus5223110.535202280.51-0.02

Continue reading

Paypal Remains Online Despite Explosion

An explosion at online payment processor Paypal caused property damage, but resulted in no injuries. The company's web site, one of the Internet's busiest e-commerce sites, remained online throughout the incident.

The explosion Tuesday night at Paypal's network operations center in San Jose shattered a window and forced the evacuation of 26 employees, according to local media reports. Law enforcement officials said they "have suspicions" about what may have caused the blast, but did not detail them. The investigation team included members of the local police bomb squad.

paypal.com site performance

A dynamically updating chart of the performance of Paypal.com is available here. Netcraft offers a web site performance monitoring service that provides detailed uptime charts, along with e-mail alerts when an outage occurs.

MySpace Accounts Compromised by Phishers

Netcraft has discovered that the social networking site, MySpace, appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form is designed to submit the victim's username and password to a remote server hosted in France.

myspace-hacked.png
The hackers have engineered a fake login form on MySpace's own web site.

Netcraft has notified MySpace of the issue, although it currently remains live. Because the fraudulent login page is hosted on MySpace's own servers and does not exhibit any signs of external content, such as cross-site scripting (XSS) or open redirects, it is convincing and even security-conscious users are at risk of becoming victims. The attack is launched from a profile page, where the username is login_home_index_html, and uses specially-crafted HTML in order to hide the genuine MySpace content from the page and instead display its own login form.

myspace-hacked2.png
The modifed login form, hosted on myspace.com.
Login details are harvested by a remote server, hosted in France.

Once a user account has been compromised, personal data can be harvested. The Washington Post recently published an article outlining why it can be useful for fraudsters to obtain accounts on MySpace, and other social networking sites.

myspace-hacked3.png
Users of the Netcraft Toolbar are protected against the attack.

The attack was reported by a member of the Netcraft Toolbar community and blocked after investigation by Netcraft. Users of the Netcraft Toolbar are therefore protected against this phishing attack, as they will be warned when visiting the fake login form or when accessing the data-harvesting server in France.

Extended Downtime for Mosso

Grid hosting providers may offer advantages over dedicated servers, but they're not immune to downtime. Mosso, a utility computing start-up launched earlier this year with backing from Rackspace, has experienced a significant outage today. The mosso.com web site was offline for more than an hour this morning after a series of shorter outages yesterday.

Mosso uses a "hosting system" of clusters of servers, an approach initially seen in enterprise hosting, which can offer advantages in redundancy and performance. The company is one of a growing number of hosting providers moving to grid hosting as an alternative to discount dedicated servers, which have been enormously popular with hosting resellers and power users. Improved reliability is among the key selling points for grid systems.

mosso.com site performance

A dynamically updating chart of the performance of the Mosso.com is available. Netcraft offers a web site performance monitoring service that provides detailed uptime charts, along with e-mail alerts when an outage occurs.

Price Competition Emerges in Grid Hosting

This year's hot trend in web hosting is grid computing, which employs server clusters to bring the advantages of enterprise-level infrastructure to affordable web hosting plans. As with any trend in web hosting, it hasn't taken long for a price war to break out.

On Tuesday Los Angeles hosting firm Media Temple unveiled GridServer, offering industrial-strength specs for just $20 a month. The account comes with 100 gigabytes of disk space, 1 terabyte of monthly data transfer and the ability to host up to 100 domains. Two other prominent grid initiatives launched this year by dedicated hosting companies, ServePath's UtilityServe and Rackspace-backed Mosso, price their grid hosting plans at $99 a month. Media Temple's pricing could also prove disruptive to shared hosting providers with clustered hosting plans, including NetFirms and Cartika Hosting, which offer cheaper monthly pricing ($9.99 and $14.99, respectively) but much lower allowances for disk space and bandwidth.

Continue reading

September Phishing Site Competition Winners

Netcraft's September competition saw many internet users battling it out to gain a top spot in our phishing site reporters list.

To show our appreciation to the community, Netcraft will be sending a top of the range "Thanks for all the Phish" commemorative iPod to the five people who reported the largest number of phishing reports accepted during September.

The winners are: Leo, Giovanni, David, Patrick and Jerrid. Many thanks for your efforts! Each phishing site that is reported vastly reduces the number of victims falling prey to fraudulent activity on the Web. Netcraft has now received, reviewed and blocked more than 200,000 unique URLs reported to us as phishing sites.

The Netcraft Toolbar, which is available for both Internet Explorer and Firefox, serves as a giant neighborhood watch scheme for the Internet: members who encounter a phishing fraud can act to defend the larger community of users against the attack. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL and widely disseminated attacks simply mean that the phishing attack will be reported and blocked sooner.

In recent reviews Ziff-Davis comments "In testing on live phishing sites, IE 7 RC1 failed to identify as many phishing sites as Netcraft's free IE toolbar. " while the Washington Post remarked "I've visited countless phishing sites in the past few months, and Netcraft's toolbar has done its job almost unfailingly."