A few days ago the Google online security blog posted an article on web server software distribution across the Internet and the corresponding number of web server software across servers distributing malware. The numbers report a slightly larger fraction of Apache servers compared to the Netcraft web server survey.

The analysis is based on crawl information and only root URLs were examined, therefore hosts that did not present a root URL (e.g. /index.htm) were not included in the statistics. This may have contributed to the disparity with the Netcraft numbers.

Global web server software distribution

Web server software across servers distributing malware

Summary and Conclusion

The statistics shows that there seams to be a much higher rate of malware distribution coming from IIS web servers. In Asia Microsoft’s IIS web server are overrepresented, mainly due to software piracy according to Google. The lack of software patches and updates not available for pirated versions of IIS allows for inclusion of malicious software, which in turn affects the overall statistics. In Western Europe and the US the numbers are reversed.

However I believe that IIS falls short when it comes to security compared to Apache as the latter is much easier to configure and maintain. Running on *nix servers also adds to this equation compared to an MS OS.

More on global software piracy and numerous other statistics can be obtained from NationMaster.com. This great resource also allows you to compare stats and build visual comparisons in (almost) any way you like.