Basic security problems surrounding Apache Web Server 2.0 for Windows are likely to dissuade users from migrating to the upgraded version of the software.
In its latest survey of web servers, UK-based Netcraft reported "a string of security problems in the Windows [and other non-Unix] versions that may undermine confidence in the suitability of Apache for these platforms".
The news will not help to push users from Apache 1.3, which is used by about 60 per cent of UK websites running mainly on Linux and Unix systems.
The open source developers behind the web server tried to boost migration to version 2.0 last year, which aimed for better support of Windows systems, by beginning work on version 2.1, suggesting a level of maturity for version 2.0.
However, Netcraft reported that over 16,000 Apache Win32 sites on the web are potentially vulnerable to problems.
These include unauthorised directory traversal, the revealing of script source by appending invalid characters, and disk operating system device names causing denial of service attacks.
Netcraft stressed that these are stereotypical vulnerabilities that many other products have suffered from over the years, but which have since been fixed.
"Apache developers will be disappointed that they were not able to learn from other people's mistakes sufficiently well to pre-empt the same vulnerabilities appearing in their own server," said the report.
But Gartner Group research director Nikos Drakos maintained that version 2.0 is the only option for Apache for Windows.
"Version 1.3 is stable and widely used and many people with Unix and Linux systems will stick with what works, so adoption is slow," he said.
"But the whole point of version 2.0, with its improved mechanism to separate the operating system dependencies, is better performance on Windows.
"Those companies that have sites on Windows have a compelling reason to move to version 2.0 as version 1.3 has performance issues on Windows."
The small number of users is partly to blame for the security flaws surrounding version 2.0 for Windows, according to Drakos.
"The flaws reveal some sloppiness on the part of programmers, but new complex code always has problems," he explained.
"There are not enough users on Windows, so there is not as much feedback and the virtuous circle that improves open source software is not spinning fast enough."
The Netcraft survey acknowledged that, despite the security problems, the support for threading in Apache/2.0 is "a major performance breakthrough for the Windows version, and consequently sites using Apache on Windows have a bigger incentive to upgrade to version 2.0 than sites on Unix".
"This is reflected in the relative uptake of Apache 2.0: a little over one per cent of all Apache sites are running version 2, but among Windows servers the proportion is over seven per cent," it concluded.
Get the latest news, views and technology updates in a weekly round up of the Penguin's unstoppable march by signing up to vnunet.com's FREE Linux newsletter here.
Electronics and computer chain the latest high street retailer to fall into difficulties
Incisive Media and Investec Asset Management supported fundraiser crosses Atlantic in 40 days
Alphabet's health sciences division Verily have been messing with AI algorithms
North Korea's cyber attack capabilities are expanding fast - and turning their fire on a wider range of targets