March 2025 Web Server Survey

In the March 2025 survey we received responses from 1,197,680,522 sites across 275,633,322 domains and 13,402,722 web-facing computers. This reflects an increase of 17.0 million sites and 976,381 domains, and a loss of 77,628 web-facing computers.

nginx made the largest gain of 5.1 million sites (+2.12%) this month, increasing its market share to 20.5% (+0.14pp). Cloudflare made the next largest gain of 3.7 million sites (+2.49%).

Apache suffered the largest loss of 451,949 sites (-0.23%) this month, and now accounts for 16.0% (-0.27pp) of sites seen by Netcraft. Microsoft experienced the next largest loss of 189,378 sites (-1.03%).

Vendor news

  • Google Cloud launched a new region in Sweden on March 6th.
  • Apache Tomcat versions 9.0.102, 10.1.39 and 11.05 were released between March 5th and 7th. These versions improve protection against a race condition allowing remote code execution on case insensitive filesystems.
Total number of websites
Web server market share
Developer February 2025 Percent March 2025 Percent Change
nginx 240,182,690 20.34% 245,275,749 20.48% 0.14
Apache 192,401,922 16.30% 191,949,973 16.03% -0.27
Cloudflare 150,432,756 12.74% 154,171,314 12.87% 0.13
OpenResty 111,442,093 9.44% 112,063,651 9.36% -0.08

Web server market share for active sites
Developer February 2025 Percent March 2025 Percent Change
nginx 36,179,069 18.38% 35,283,083 17.89% -0.49
Cloudflare 34,245,606 17.40% 35,122,370 17.81% 0.41
Apache 32,549,711 16.54% 32,140,051 16.30% -0.24
Google 18,744,996 9.52% 19,492,434 9.89% 0.36

For more information see Active Sites.

Web server market share for top million busiest sites
Developer February 2025 Percent March 2025 Percent Change
Cloudflare 229,874 22.99% 223,176 22.32% -0.67
nginx 201,058 20.11% 203,732 20.37% 0.27
Apache 178,287 17.83% 179,491 17.95% 0.12
Microsoft 41,612 4.16% 42,049 4.20% 0.04
Web server market share for computers
Developer February 2025 Percent March 2025 Percent Change
nginx 5,319,894 39.46% 5,368,409 40.05% 0.59
Apache 3,079,017 22.84% 3,066,454 22.88% 0.04
Microsoft 1,166,631 8.65% 1,166,997 8.71% 0.05
Web server market share for domains
Developer February 2025 Percent March 2025 Percent Change
Apache 51,860,896 18.88% 51,840,052 18.81% -0.07
nginx 50,684,106 18.45% 50,292,713 18.25% -0.21
OpenResty 47,057,779 17.13% 47,174,160 17.11% -0.02
Cloudflare 28,694,732 10.45% 29,368,444

Continue reading March 2025 Web Server Survey

Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates

Autopsy 4.22.0 is available. Big features for this release are BitLocker support, ability to run alongside Cyber Triage, and updates to lower-level libraries. You can download the release here and get […]

The post Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates appeared first on Autopsy.

Continue reading Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates

Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates

Autopsy 4.22.0 is available. Big features for this release are BitLocker support, ability to run alongside Cyber Triage, and updates to lower-level libraries. You can download the release here and get […]

The post Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates appeared first on Autopsy.

Continue reading Autopsy 4.22.0 Release: BitLocker Support, Cyber Triage Sidecar, Library Updates

February 2025 Web Server Survey

In the February 2025 survey we received responses from 1,180,650,484 sites across 274,656,941 domains and 13,480,350 web-facing computers. This reflects an increase of 19.2 million sites, 1.3 million domains, and 56,361 web-facing computers.

nginx made the largest gain of 12.5 million sites (+5.51%), now accounting for 20.3% (+0.74pp) of sites seen by Netcraft. Cloudflare experienced the next largest gain of 3.9 million sites (+2.68%).

OpenResty suffered the largest loss this month, reducing its market share to 2.99%. Apache experienced the next largest loss of 4.5 million sites.

Vendor news

Total number of websites
Web server market share
Developer January 2025 Percent February 2025 Percent Change
nginx 227,636,798 19.60% 240,182,690 20.34% 0.74
Apache 196,934,678 16.96% 192,401,922 16.30% -0.66
Cloudflare 146,502,560 12.61% 150,432,756 12.74% 0.13
Google 61,978,277 5.34% 62,745,061 5.31% -0.02

Web server market share for active sites
Developer January 2025 Percent February 2025 Percent Change
nginx 36,827,229 18.89% 36,179,069 18.38% -0.51
Cloudflare 32,122,224 16.48% 34,245,606 17.40% 0.92
Apache 33,614,146 17.24% 32,549,711 16.54% -0.70
Google 18,317,836 9.40% 18,744,996 9.52% 0.13

For more information see Active Sites.

Web server market share for top million busiest sites
Developer January 2025 Percent February 2025 Percent Change
Cloudflare 237,838

Continue reading February 2025 Web Server Survey

The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand

Key Data

  • darcula-suite represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customizable phishing campaigns.
  • Novel use of Headless Chrome and browser automation tool allows even non-technical criminals to quickly and easily clone any brand’s legitimate website and create a phishing version.
  • The latest version of darcula-suite is expected to launch in mid-February. 
  • Since March 2024, Netcraft has detected and blocked more than 90,000 new darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites on behalf of Netcraft clients after first exposing darcula.

Overview

The criminals at darcula are back for more blood, and they mean business with one of the more impactful innovations in phishing in recent years. The new version of their “Phishing-as-a-Service” (PhaaS) platform, darcula-suite adds first-of-its-kind personalization capabilities to the previously built darcula V2 platform, using Puppeteer-style tools to allow criminals to build advanced phishing kits that can now target any brand with the click of a button.  

In March 2024, Netcraft analysts exposed the innovative darcula phishing platform, created with advanced capabilities and pre-built phishing content aimed at many of the world’s largest brands, most notably the United States Postal service (USPS). The criminal group behind darcula is set to launch its next wave of innovation in February 2025 with darcula-suite.  

The darcula V2 platform had a major impact on more than 200 brands worldwide, which the criminal organization targeted with pre-built phishing kits in its darcula library. For example, Netcraft has identified and blocked more than 95,000 malicious darcula URLs — and taken down more than 20,000 malicious domains on behalf of clients — over the last 10 months.  

The combination of traditional phishing and smishing with AI-driven improvements make phishing a lucrative business. And, …

Continue reading The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand

January 2025 Web Server Survey

In the January 2025 survey we received responses from 1,161,445,625 sites across 273,352,681 domains and 13,423,989 web-facing computers. This reflects an increase of 11.7 million sites, 770,099 domains, and 163,336 web-facing computers.

Cloudflare experienced the largest gain of 9.7 million sites (+7.13%) this month, increasing its market share to 12.6% (+0.72pp) of sites seen by Netcraft. OpenResty made the next largest gain of 2.8 million sites (+2.49%).

Apache suffered the largest loss of 2.0 million sites (-0.98%) this month, decreasing its market share to 17.0% (-0.34pp). Google experienced the next largest loss of 413,828 sites (-0.66%).

Vendor news

Total number of websites
Web server market share
Developer December 2024 Percent January 2025 Percent Change
nginx 226,171,028 19.67% 227,636,798 19.60% -0.07
Apache 198,890,333 17.30% 196,934,678 16.96% -0.34
Cloudflare 136,757,549 11.89% 146,502,560 12.61% 0.72
OpenResty 112,584,126 9.79% 115,381,972 9.93% 0.14

Web server market share for active sites
Developer December 2024 Percent January 2025 Percent Change
nginx 36,362,945 18.81% 36,827,229 18.89% 0.07
Apache 34,037,621 17.61% 33,614,146 17.24% -0.37
Cloudflare 31,976,614 16.55% 32,122,224 16.48% -0.07
Google 19,724,966 10.21% 18,317,836 9.40% -0.81

For more information see Active Sites.

Web server market share for top million busiest sites
Developer December 2024 Percent January 2025 Percent Change
Cloudflare 241,861 24.19% 237,838 23.78% -0.40
nginx 198,724 19.87% 198,786 19.88% 0.01
Apache 182,697 18.27% 177,682 17.77% -0.50
Microsoft 42,514 4.25% 41,646 4.16% -0.09
Web server market share for computers
Developer December 2024 Percent January 2025 Percent Change
nginx 5,107,656 38.52% 5,307,532 39.54% 1.02
Apache 3,122,055 23.54% 3,088,215 23.01% -0.54
Microsoft 1,219,404 9.20% 1,166,024 8.69% -0.51
Web server market share for domains
Developer December 2024 Percent January 2025 Percent Change
Apache 53,825,093 19.75% 53,044,316 19.41% -0.34
nginx 49,627,315 18.21%

Continue reading January 2025 Web Server Survey

The Truth of the Matter: Scammers Targeting Truth Social Users

Key Data

  • Threat actors immediately target new Truth Social users — Netcraft received more than 30 messages within hours of creating an account.
  • Truth Social’s structure gives threat actors easy access to target groups with more than 100,000 members.
  • Advance Fee Fraud scams average $250, with some scammers asking for as much as $1,000 at once on Truth Social.
  • Central European, French-speaking threat actor prey on global victims by impersonating trusted brands including: Spotify, Disney+, EasyPark, Sky, Netflix, and Google.

Overview

Truth Social — the social media platform created by Trump Media & Technology Group (TMTG) in 2022 — is being abused to deploy scams at scale, from phishing websites to investment scams, according to Netcraft analysis. 

Case in point: The Netcraft team received more than 30 scam messages within just a few hours of creating a single account on Truth Social. And, the cost of falling for these scams can be high. 

The Federal Trade Commission (FTC) reported that 1 in 4 Americans who reported losing money to fraud since 2021 said it started on social media. During this same time period, reported losses to scams on social media hit $2.7 billion, far higher than any other method of contact. But this doesn’t include the large portion of scams that go unreported – and only looks at the United States. The true cost of social media scams worldwide is likely billions, if not trillions. 

Looking more closely at Truth Social, Gizmodo explored consumer complaints filed with the FTC over the past two years. According to the research, the complaints about scams are “the most shocking, if only because there are such large sums of money involved.” 
This blog post details Netcraft’s initial analysis of threat actors and malicious campaigns being used on Truth Social to target its users. Netcraft continually …

Continue reading The Truth of the Matter: Scammers Targeting Truth Social Users

The Truth of the Matter: Scammers Targeting Truth Social Users

Key Data

  • Threat actors immediately target new Truth Social users — Netcraft received more than 30 messages within hours of creating an account.
  • Truth Social’s structure gives threat actors easy access to target groups with more than 100,000 members.
  • Advance Fee Fraud scams average $250, with some scammers asking for as much as $1,000 at once on Truth Social.
  • Central European, French-speaking threat actor prey on global victims by impersonating trusted brands including: Spotify, Disney+, EasyPark, Sky, Netflix, and Google.

Overview

Truth Social — the social media platform created by Trump Media & Technology Group (TMTG) in 2022 — is being abused to deploy scams at scale, from phishing websites to investment scams, according to Netcraft analysis. 

Case in point: The Netcraft team received more than 30 scam messages within just a few hours of creating a single account on Truth Social. And, the cost of falling for these scams can be high. 

The Federal Trade Commission (FTC) reported that 1 in 4 Americans who reported losing money to fraud since 2021 said it started on social media. During this same time period, reported losses to scams on social media hit $2.7 billion, far higher than any other method of contact. But this doesn’t include the large portion of scams that go unreported – and only looks at the United States. The true cost of social media scams worldwide is likely billions, if not trillions. 

Looking more closely at Truth Social, Gizmodo explored consumer complaints filed with the FTC over the past two years. According to the research, the complaints about scams are “the most shocking, if only because there are such large sums of money involved.” 
This blog post details Netcraft’s initial analysis of threat actors and malicious campaigns being used on Truth Social to target its users. Netcraft continually …

Continue reading The Truth of the Matter: Scammers Targeting Truth Social Users

December 2024 Web Server Survey

In the December 2024 survey we received responses from 1,149,724,280 sites across 272,582,582 domains and 13,260,653 web-facing computers. This reflects an increase of 8.6 million sites, 550,526 domains, and 146,420 web-facing computers.

nginx experienced the largest gain of 6.4 million sites (+2.92%) this month, and now accounts for 19.7% (+0.41pp) of sites seen by Netcraft. Cloudflare made the next largest gain of 2.6 million sites (+1.90%).

Apache experienced the largest loss of 1.1 million sites (-0.54%) this month, reducing its market share to 17.3% (-0.23pp). OpenResty suffered the next largest loss, down by 1.0 million sites (-0.88%).

000webhost shutdown

Earlier this year, Hostinger announced the closure of its 000webhost brand, which provided free web hosting. It has now shut down all remaining 000webhost sites, resulting in the number of sites hosted at Hostinger dropping by just under 50% this month – from 15.3 million to 8.1 million.

Most of the sites Hostinger lost this month no longer exist – only around 114,000 moved to competitors.

Vendor news

Total number of websites
Web server market share
Developer November 2024 Percent December 2024 Percent Change
nginx 219,759,986 19.26% 226,171,028 19.67% 0.41
Apache 199,979,734 17.52% 198,890,333 17.30% -0.23
Cloudflare 134,206,904 11.76% 136,757,549 11.89% 0.13
OpenResty 113,588,554 9.95% 112,584,126 9.79% -0.16

Web server market share for active sites
Developer November 2024 Percent December 2024 Percent Change
nginx 36,316,193 18.92% 36,362,945 18.81% -0.10
Apache 34,282,183 17.86% 34,037,621 17.61% -0.25
Cloudflare 31,345,424 16.33% 31,976,614 16.55% 0.22
Google 18,476,835 9.63% 19,724,966 10.21% 0.58

For more information see Active Sites.

Web server market share for top million busiest sites
Developer November 2024 Percent December 2024 Percent Change
Cloudflare 239,325 23.93% 241,861 24.19% 0.25
nginx 198,976

Continue reading December 2024 Web Server Survey

November 2024 Web Server Survey

In the November 2024 survey we received responses from 1,141,129,846 sites across 272,032,056 domains and 13,114,233 web-facing computers. This reflects an increase of 10.1 million sites, 277,239 domains, and 110,998 web-facing computers.

Cloudflare experienced the largest gain of 2.6 million sites (+1.96%) this month, and now accounts for 11.8% (0.12pp) of sites seen by Netcraft. Google made the next largest gain of 1.4 million sites (+2.39%).

nginx experienced the largest loss of 6.6 million sites (-2.92%) this month, reducing its market share to 19.3% (-0.75pp). Microsoft suffered the next largest loss, down by 634,406 sites (-3.24%).

Vendor news

Total number of websites
Web server market share
Developer October 2024 Percent November 2024 Percent Change
nginx 226,359,600 20.01% 219,759,986 19.26% -0.75
Apache 199,150,231 17.61% 199,979,734 17.52% -0.08
Cloudflare 131,624,333 11.64% 134,206,904 11.76% 0.12
OpenResty 113,940,338 10.07% 113,588,554 9.95% -0.12

Web server market share for active sites
Developer October 2024 Percent November 2024 Percent Change
nginx 36,782,559 18.98% 36,316,193 18.92% -0.06
Apache 34,610,609 17.86% 34,282,183 17.86% -0.00
Cloudflare 31,263,058 16.13% 31,345,424 16.33% 0.20
Google 19,110,196 9.86% 18,476,835 9.63% -0.24

For more information see Active Sites.

Web server market share for top million busiest sites
Developer October 2024 Percent November 2024 Percent Change
Cloudflare 238,294 23.83% 239,325 23.93% 0.10
nginx 200,444 20.04% 198,976 19.90% -0.15
Apache 186,870 18.69% 184,687 18.47% -0.22
Microsoft 43,904 4.39% 43,604 4.36% -0.03
Web server market share for computers
Developer October 2024 Percent November 2024 Percent Change
nginx 5,053,891 38.87% 5,132,851 39.14% 0.27
Apache 3,131,957 24.09% 3,118,996 23.78% -0.30
Microsoft 1,170,825 9.00%

Continue reading November 2024 Web Server Survey