Open Source Parking Spoofing Headers to Benefit Apache

An open source initiative to reverse gains for Microsoft web server software appears to be using edited server headers to try and improve the showing of the Apache web server. Sites using the Open Source Parking service report that they are running on Apache, but appear to actually be hosted on lighttpd. Both Apache and lighttpd are open source web servers, but Apache leads in the Netcraft survey with a 59 percent market share, while lighttpd is a newcomer with just 1.2% share.

Open Source Parking was formed last year by Linux evangelist Bruce Perens to counter a 5 percent market share gain by Microsoft in the April 2006 survey, when domain registrar Go Daddy shifted 4.5 million parked domains from Linux to Windows Server 2003. The project's goals are to increase the market share for open source software and generate revenue from advertising on the parked domains to fund political efforts on behalf of the open source community. While parked domains can be challenging to track accurately, there is no evidence that the effort has made any impact on web server market share.

Open Source Parking is not the only site to intentionally alter server headers, with security concerns cited as a motivation in some instances. The issue for Open Source Parking appears to be that Perens prefers lighttpd, but many open source supporters view Apache's stats as the key metric in the market share battle with Microsoft servers. The possibility that Open Source Parking would use fake Apache headers was discussed by Perens shortly after the project was announced.

HTTP header order is often characteristic of a web server. The opensourceparking.com headers say Apache, but have the Date & Server headers last, a pattern which is identical to the lighttpd response and entirely unlike a typical Apache response. The etag is also not in Apache format, and matches the lighttpd format:


http://www.lighttpd.net

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "-968787920"
Accept-Ranges: bytes
Last-Modified: Tue, 27 Mar 2007 20:27:33 GMT
Content-Length: 3665
Date: Sun, 01 Apr 2007 10:23:53 GMT
Server: lighttpd/1.4.13

http://opensourceparking.com

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "-2025453841"
Accept-Ranges: bytes
Last-Modified: Mon, 01 Jan 2007 15:24:53 GMT
Content-Length: 2912
Date: Sun, 01 Apr 2007 10:24:30 GMT
Server: Apache/2.0.54 (Debian GNU/Linux); Hello Netcraft!

http://www.apache.org

HTTP/1.1 200 OK
Date: Sun, 01 Apr 2007 10:25:00 GMT
Server: Apache/2.3.0-dev (Unix)
Last-Modified: Thu, 29 Mar 2007 01:00:37 GMT
ETag: "921bbd-3e5f-486b9740"
Accept-Ranges: bytes
Content-Length: 15967
Cache-Control: max-age=86400
Expires: Mon, 02 Apr 2007 10:25:00 GMT
Vary: Accept-Encoding
Content-Type: text/html

Perens downplayed the significance of Microsoft's market share gains because they relied upon parked domains. "This is an 'appearance' change only, because the sites involved have no content," he wrote in announcing the service. "But managers believe figures like those in the Netcraft report, and act on them."

Apache is used by domain registrars Register.com, 1&1 Internet, Dotster and DirectNIC, while Demand Media/eNom uses Windows Server 2003.