Appweb™ — for Embedded Web Applications

appweb Appweb is an embedded web server for web applications. It is blazing fast and has an extensive suite of security features. Appweb is optimized for hosting dynamic embedded web applications via an event-driven, multi-threaded core to deliver rapid response, fast throughput and effective memory utilization. It is compact and will embed using as little as 2MB of memory (typical 2-4MB).

Appweb has a strong set of features including: HTTP/1, HTTP/2, SSL/TLS, basic and digest authentication, virtual hosting, loadable modules, sandbox resource limits, logging, service monitoring process and extensive configuration and compilation controls. Appweb supports a wide variety of web frameworks including: ESP — the amazing "C" web framework, PHP, Python, Perl and CGI.

As one of the most widely deployed embedded web servers, Appweb is being used in networking equipment, telephony, mobile devices, consumer and office equipment as well high-speed web services.

Appweb Benefits and Features:

Embedded Device Applications

board

When used in embedded devices or applications, web servers must assume they are secondary to the essential functions that the device or application must perform. As such, the web server must minimize its resource demands and should be deterministic in the load it places on a system.

Appweb excels in this regard and is:

Appweb Internals

The core of Appweb is an event-driven, multi-threaded HTTP pipeline above which modules are loaded to provide content specific handling and to extend its functionality.

modules

Appweb has the following features:

Request Pipeline

Appweb has an efficient, zero-copy request pipeline to process requests and generate responses. This consists of a mechanism of queues, packets, buffering and event scheduling. The pipeline architecture is highly optimized and uses sendfile, async I/O and vectored, scatter/gather writes to the network to avoid the costly aggregation of data and headers in a single buffer before writing to the network.

pipeline

Security

Some web servers have become more secure by a painful process of discovery. While it is no guarantee, we believe that developing a web server to be secure by design is easier than trying to engineer-in security after the fact. For embedded web servers, the task is even more difficult, as it must be done without increasing memory footprint or degrading performance.

Appweb is designed to be secure from the foundation up, by using a secure Portable Runtime (MPR). The MPR is a cross-platform layer that permits over 97% of the Appweb code to be portable. It includes many mechanisms to assist in the creation of secure application. One such facility is a safe string and buffer handling module to help eliminate buffer overflows that have plagued many products.

Sandboxing

Appweb closely controls its use of system resources via a technique known as "sandboxing". This means running the web server within tightly controlled limits so that request errors will not compromise system operation. Appweb has also been hardened against several common denial of service attacks.

Appweb can be configured to:

To build on this foundation, Appweb also provides a Secure Sockets Layer and Digest authentication and defensive counter-measures.

Licensing

Appweb is licensed via a royalty free, commercially license with options for commercial maintenance and support.

Learn More?

To learn more about Appweb, please read: