Hiawatha is a secure and advanced Web server for Unix. It has been written with security as its main goal. It features advanced access control, prevention of SQL injection and cross-site scripting, banning of clients who try such exploits, the ability to run CGIs under any UID/GID you want, and many other features. These features make Hiawatha an interesting Web server for those who need more security than what the other available Web servers are offering. Hiawatha is also fast and easy to configure.
Alaya is a primitive chrooting Web server with basic WebDAV support. It can serve HTTPS and HTTP, and can authenticate using PAM, /etc/shadow, /etc/passwd, or using its own authentication files that allow for 'native' users that only have access to alaya content. It's intended to be a simple method of sharing content over WebDAV, and though it can be configured with a config file, it's easy to configure by command-line switches alone. Alaya always chroots to ensure that malicious users can't use '..' within a URL to access unintended documents, and that users can't accidentally leave documents in places outside of the chroot. It has a 'ChHome' mode that chroots users into their home directory and serves content from there. It supports .cgi scripts out of a trusted path (so not from within the chrooted WebDAV share) and read-only shared directories that are outside of the chroot (allowing access to shared content when in ChHome mode).