Reports of security issues should not be reported here. Please see the security report page if you have concerns or think you have discovered a security hole in the Apache Web server software.

If you have identified a bug in the Apache HTTP Server, please fill out a problem report form and submit it. Before you do that, though, make sure you have done all of the following:

1. Verified that the bug exists in the most recent version of Apache.
2. Followed the instructions in the INSTALL file correctly
3. Tried compiling with only the distributed set of modules and with no other patches (so that we can make sure it's an Apache bug and not a bug in a module or patch provided by someone else). It is frustrating to take time and effort to track down a problem only to figure out it caused by a broken third party module.
4. Looked at the error log. Please include any related messages in your report, or state that there are none.
5. Checked the FAQ.
6. Searched the bug report database. When you are doing this, you should be sure to search closed problem reports in addition to open ones. The search form on the main bugzilla page by default applies only to open reports; to search all bug reports, begin the search with the keyword "ALL". For example, the following search will find all reported proxy bugs in Apache 2.0: "ALL httpd-2.0 mod_proxy". Some helpful queries:
   • All bugs fixed in the last 60 days
   • Frequently reported bugs (bugs with duplicates changed in the last 30 days)
   • All bugs changed in the last 10 days

Unless you are sure you have found a bug in the Apache HTTP Server, we strongly recommend that you try the Apache HTTP Server Users List before using the bug database. If you don't receive a response within a few days, then please submit it to the Apache bug database. If it's a known issue, you'll probably get a faster response from the mailing list and you will help keep developer time free for improving Apache. Most bug reports submitted are actually user configuration problems that could be easily fixed by asking in the mailing list. Do not post to the mailing list and submit a bug report at the same time. This wastes everyone's time. Post to the mailing list and wait a few days.

If you have done all of the preceding, then please select the button below and fill out the form, and we will respond to it as soon as we can.

Do NOT send configuration questions or requests for help debugging CGI! If you're tracing spam or you're here because one of your favourite Web sites now says 'It Worked! Apache is installed!' -- then contact the mail originator or the Web site's Webmaster directly, because they're just using our software and we have nothing to do with them. Don't waste your time or ours by telling us about it.

Use the links below to submit bug reports:

• Apache Bug Database. The appropriate Bugzilla projects for Apache HTTPD are "Apache httpd-1.3" and "Apache httpd-2.0".
• Old Apache Bug Database. You may look at our old Apache Bug Database, but it will not be kept up to date or maintained. Please submit new bugs to the Bugzilla database.