A lightweight, production-ready HTTP/1.1 server written in C with TLS/SSL support. Ideal for embedded systems, education, or as a foundation for web services.
Features:
- ✅ HTTPS with modern TLS 1.3/1.2
- 🔑 Certificate-based authentication
- 🚀 Multi-client concurrency (fork-based)
- 🛡️ Security headers (HSTS, CSP, X-Content-Type)
- 📁 Static file serving & directory listings
- C compiler (
gcc/clang) - OpenSSL 3.x
- GNU Make
# Clone repository
git clone https://github.com/khantsithu/http-server-in-c.git
cd http-server-in-c
# Install OpenSSL (macOS/Homebrew)
brew install openssl
# Build (adjust OpenSSL paths in Makefile if needed)
make build-
Development (self-signed):
mkdir -p certs openssl req -x509 -newkey rsa:4096 -keyout certs/key.pem -out certs/cert.pem -days 365 -nodes
-
Production (Let’s Encrypt):
certbot certonly --standalone -d yourdomain.com # Symlink to project certs/ ln -s /etc/letsencrypt/live/yourdomain.com/ certs/production
| Variable | Default | Description |
|---|---|---|
PORT |
8080 |
HTTP port |
HTTPS_PORT |
8443 |
HTTPS port |
SSL_CERT |
certs/cert.pem |
Certificate path |
SSL_KEY |
certs/key.pem |
Private key path |
# HTTP only
./server
# HTTPS (with certs)
./server --https# Fetch HTML page
curl -k https://localhost:8443/
# Test security headers
curl -I https://localhost:8443/- 🔒 Never commit certificate files (add to
.gitignore) - 🔄 Automate Let’s Encrypt renewal:
certbot renew --quiet --post-hook "killall server && make run" - 🚫 Use firewall rules to restrict port access
- 📈 Monitor with tools like
fail2banornginxreverse proxy
- Fork the repository
- Create a feature branch (
git checkout -b feat/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feat/amazing-feature) - Open a Pull Request
Distributed under the MIT License. See LICENSE for details.