While we will certainly need to move to IPv6 when all of the IPv4 space is gone, right now, there is no reason to run Apache with IPv6 unless you need it. Disabling it is easy. Just a couple of quick changes to the Listen directive. I often do this as part of our ongoing optimizations for clients that use our Linux server management service.
IPv6 is on by Default
By default, Apache will listen on all IPs, both IPv6 and IPv4. (Assuming your system has IPv6 support). This is controlled by the Listen directive:
Turn off IPv6 in Apache
To turn off IPv6 in Apache, just change the Listen directive to:
This will limit Apache to listening only to IPv4 connections. Repeat this for port 443 if you want to stop Apache from listening for HTTPS on IPv6.
While I’ve not seen any security issues by leaving this on, I always like to minimize the threat surface as a matter of habit. If you only need Apache to listen on a set of IPs, specify just those IP addresses. Many dedicated server providers are turning up their IPv6 connections, so you don’t want to leave them exposed if you are not using them.