The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
yaSSL is a C++ based SSL library for embedded and RTOS environments, designed for individuals who prefer to use the C++ language. For a C-based solution, please see CyaSSL. yaSSL supports the industry standards up to TLS 1.2, and also includes an OpenSSL compatibility interface.
Hiawatha is a secure and advanced Web server for Unix. It has been written with security as its main goal. It features advanced access control, prevention of SQL injection and cross-site scripting, banning of clients who try such exploits, the ability to run CGIs under any UID/GID you want, and many other features. These features make Hiawatha an interesting Web server for those who need more security than what the other available Web servers are offering. Hiawatha is also fast and easy to configure.
mod_vhs is an Apache 2.2+ Web server module allowing mass virtual hosting without the need for file-based configuration. The virtual host paths are translated from any database supported by mod_ldap or mod_dbd at request time from MySQL, LDAP, PAM, or a system password file. PHP security can be basically auto-configured from the database using this module. Requests are cached by mod_ldap when configured.
muhttpd (mu HTTP deamon) is a simple but complete Web server written in portable ANSI C. It supports static pages, CGI scripts, and MIME type based handlers. It drops privileges before accepting any connections, and can log received requests. It has been tested on OpenBSD, GNU/Linux, NetBSD, FreeBSD, Mac OS X, and Cygwin. It runs successfully on 32-bits, 64-bit, little endian, and big endian systems.
Kannel is a WAP gateway. It attempts to provide this essential part of the WAP infrastructure freely to everyone so the market potential for WAP services, both from wireless operators and specialized service providers, will be realized as efficiently as possible. It also works as an SMS gateway for GSM networks. Almost all GSM phones can use it to send and receive SMS messages, so this is a way to serve many more clients than just those using a WAP phone. Kannel was among the first WAP gateways to be certified as WAP 1.1 compliant.
Das Schaefchen is a lightweight HTTP server and proxy for Unix platforms. It supports the minimum requirements of the HTTP/1.1 protocol and virtual hosts, basic authentication (which can be used to protect either files or directories), directory listing, byte ranges, reverse proxy, and FastCGI. It is an event-driven server that runs as a single process with a single thread using non-blocking I/O. It uses epoll as the event notification mechanism to multiplex control between active connections.
NatACL is a Linux firewall group policy controller for intranets and Internet. Using a internal DHCP server, it can force users to use a DHCP client, and you can block static IPs. It will bind an IP to a MAC address and enforce this usage. You can control groups that can see each other with intranet policies, or control who has access to the Internet. It also has an option to force users to authenticate themselves over the Web before accessing the Internet.
mod_sar ("sar" stands for Search And Replace) is an Apache2 module that works as an output filter. Its purpose is to search for and replace strings found in Web content before sending the content to the client. Searches performed can be case sensitive or case insensitive, depending on configuration. A good example of common usage of this module is a reverse proxy.