The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
Wt is a C++ library for developing Web applications with an API that is widget-centric and inspired by existing C++ graphical user interface APIs. To the developer, it offers abstraction of Web-specific implementation details, increasing the accessibility and portability. Under the hood, the library uses the latest techniques (HTML5, Ajax, WebSockets) to handle user events and update the Web page.
Unicorn is a Unix and LAN/localhost-optimized fork of the Mongrel HTTP server. It takes full advantage of functionality exclusive to Unix-like operating systems. It will reap and restart workers that die from broken apps, and there is no need to manage multiple processes yourself. Load balancing is done entirely by the operating system kernel. Requests never pile up behind a busy worker. The server does not care if your application is thread-safe or not, as workers all run within their own isolated address space and only serve one client at a time. All Rack applications are supported along with pre-Rack versions of Ruby on Rails via a Rack wrapper. It also supports atomic log cycling, nginx-style binary re-execution without losing connections, before_fork and after_fork hooks, and optional copy-on-write-friendly memory management.
ModSecurity is an intrusion detection and prevention engine for Web applications (sometimes called a Web application firewall). Operating embedded or as part of an Apache reverse proxy, it increases Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure. It monitors HTTP traffic (including POST payloads), detects or prevents attacks, enhances logging, performs anti-evasion, and allows administrators to create custom rules to suit their specific needs. It excels in HTTP traffic monitoring and just-in-time vulnerability patching.
yaSSL is a C++ based SSL library for embedded and RTOS environments, designed for individuals who prefer to use the C++ language. For a C-based solution, please see CyaSSL. yaSSL supports the industry standards up to TLS 1.2, and also includes an OpenSSL compatibility interface.
Rainbows! is an HTTP server for sleepy Rack applications. It is based on Unicorn, but designed to handle applications that expect long request/response times and/or slow clients. For Rack applications not heavily bound by slow external network dependencies, consider Unicorn instead as it simpler and easier to debug.
KLone is a fully-featured, multi-platform framework which allows dynamic Web pages to be written in C/C++ (with the usual <% /* code */ %> style). The pages can then be embedded (in compressed and/or encrypted form) into a single executable that also contains KLone's high-performance HTTP/S server. Given its nature, it can be linked natively to any C/C++ library (database, XML, graphics, etc.), without an intermediate layer, and it is especially suited for low-resource (embedded) systems.
Httpx takes over the front-line position of binding and listening on the public address and port of your virtual Web hosting server. In this role, it scans incoming requests looking for the HTTP/1.1 Host: request header entity. Once the Host: value is found for a given request, it is routed to a UNIX domain socket in the local file system located through a cached database lookup. Over this UNIX domain socket, an inter-process descriptor pass occurs to a Web server modified slightly to receive TCP socket descriptors passed over a UNIX domain socket instead of binding, listening for, and accepting TCP sockets. This allows vhosts to share an IP address while having private, host-specific, potentially unique httpd contexts.