A web server will typically run as a daemon (system service) under a single application process. That initial process will then spawn child processes that handle virtual servers, individual websites, or even individual requests. As such, a web server could spawn hundreds or even thousands of processes per day, per hour, or even per minute.
For security, child processes normally run as unprivileged users (i.e. nobody) to prevent hackers from gaining access to the server operating system through a back door in the web server. Dynamic web applications can also serve as an added security risk, so a web server may run scripting modules as separate CGI programs, rather than as part of the web server itself.
SSL and TLS are standard on all web servers and facilitate the use of secure transactions via the HTTPS protocol.
Web servers use compression to speed up requests and serve web pages and content using less bandwidth. Gzip compression is a standard method of delivering compressed data.
The standard HTTP port for web servers is port 80, and the standard port for HTTPS is 443; however, most web servers can be configured to run on virtually any port.