WWW Services Guide
Written by Scott Ostrander   
Thursday, 02 February 2006 07:45

This page addresses common questions about the University of Utah School of Computing Web services, found at: http://www.cs.utah.edu. Suggestions for additions and modifications to this page are welcome through e-mail to: This email address is being protected from spambots. You need JavaScript enabled to view it..

Personal Web Pages

  • How do I put my home page on the Web server?

    You can setup your own Web pages by putting your HTML files in a directory in your home dir called public_html. e.g. /home/username/public_html (where username is your UNIX login name.) Your page will be visable via the following http://www.cs.utah.edu/~username URL.

NOTE: Be sure that you are logged into the SoC and not the CADE. The CADE does not have access to our filesystems or user directories. Login to shell.cs.utah.edu if you do not have a personal SoC workstation.

It is also important to remember that your Web space counts in your total quota for your SoC account.

 

  • Can I use a .public_html directory in my home directory?

    No, the server only looks at public_html. You can always symlink the dir via: cd ~ && ln -s public_html .public_html if you prefer accessing the directory via .public_html

     

  • Why don't I show up linked on the graduate or undergraduate students page?

    This process is automatic and the script is run daily/weekly. If you need to have your material linked in, e-mail This email address is being protected from spambots. You need JavaScript enabled to view it. with your URL, your full name and .bio_file.

     

  • What's the best way to let someone e-mail me from a Web page?

    To provide a link on your Web pages for people to send you e-mail the easiest method is to use a mailto URL. Make sure to specify the full Internet hostname (including the domain name component) in the hostname info portion of this URL. For example:

     

    Suggestions for additions and modifications to this page are welcome through e-mail to username@cs.utah.edu.

     

    Only if you need to have specific information passed (for instance the output of an HTML form) should you consider using a CGI e-mail program.

    Note that putting your e-mail address on a Web page is an open invitation for spam e-mail, as some companies use software to scour the Web for e-mail addresses to add to their mailing lists. You may want to investigate obfuscating your email address with javascript or some other scripting language. Also be sure that your CGI program and/or form does not allow open relaying of e-mail. Failure to do such could mean the revocation of your CGI and/or web privileges.

     

  • How do I use imagemaps?

    Our Web services support both internal and external imagemaps. For more information see:

    http://hoohoo.ncsa.uiuc.edu/docs/tutorials/imagemapping.html

    Though both internal and external imagemaps are supported, it is often easier to create HTML based, external imagemaps in your Web pages.

     

  • Can the server include information into a Web page on the fly?

    Yes. Our Web server provides this functionality through Server Side Includes (SSI). Files using server side include directives must have a .shtml extension to have them parsed and their directives performed. All server side include commands, except for the exec command, are enabled.

    See: http://hoohoo.ncsa.uiuc.edu/docs/tutorials/includes.html for a general tutorial on server side includes.

    See: http://www.apache.org/docs/mod/mod_include.html for specific details.

     

  • How do I set permissions on my Web Pages?

    Since the Web server is run from a UNIX system, permissions on your Web pages and sub-directories should be set using the UNIX chmod command.

    When setting permissions on directories, set User, Group and Other permissions to Read and Execute. When setting file permissions, set User, Group and Other permissions to Read.

    An example:

     

    chmod 0755 my_directory

    chmod 0644 my_file

     

    For more information, see the chmod man page.

    Note: It is very important that you do not set permissions using the Windows file property settings, as Windows Access Control List (ACL) permissions can confuse the UNIX Web server and cause your pages to be inaccessible, in spite of how the permissions appear from UNIX.

    Finally, you must have your home directory be scannable by others in order for the web server to have access to your public_html dir. Or you must 'bless' the directory and use group perms. (See below.) If you wish MultiViews to work, then the directory must be readable as well as scannable.

    chmod o+x ~username

     

  • How do I restrict access to my Web pages?

    General info on limiting access to ones Web pages can be found at:

    http://hoohoo.ncsa.uiuc.edu/docs/setup/access/Overview.html.

    You should also be careful in setting the UNIX file permissions on your HTML files. For a typical, unprotected document, giving the owner read and write privileges while limiting the group access and everyone else to read only, should be used. If you are trying to protect the file for only certain eyes to see, make sure that only the group www can read the file and that all others are locked out.

    You can change the group ownership of a file with the chgrp command. File permissions can be set with chmod. See their respective man pages for further information.

    If you are setting up a .htaccess file with a password file to limit access to only certain users, it is a good idea to create a separate directory to store your password file and add a .htaccess file to that directory with the limit clause set to "deny from all". This will prevent anyone from accessing the password file through the Web server.

    An example:

     

    AuthName "My Name"
    AuthType Basic

     

        deny from all

     

  • How do I make a file that only the Web server can read, but others can't?

    Sometimes you will have files that you wish to restrict the access on, to only the Web server and yourself. Files such as .htaccess and .htpasswd and even some CGI programs fall into this category.

    It is impossible for users to create files for the www-only group. Only the Web server can access files in this group, so that permissions can be set for only the Web server and the owner to have access to the file on any level.

    A special binary, bless-www-only, located in /uusoc/opt/bin can be used to "bless" your file after you have created it and set the permissions via the chmod command. You'll probably want to chmod it to mode 0640. Run bless-www-only without any arguments to get a usage. Note that if you later move blessed files across file system boundries they will loose their blessed status and will revert to your default GID. You will have to re-bless them to regain the www-only status.

    You will now have a secure file, which only you can edit and only you and the Web server itself can access.

  • Where is the htpasswd binary located?

On shell.cs.utah.edu it is located in /usr/bin/. Either add that location to your path or call it by the absolute path.

  • How can I point my SoC Web space to a different server?

    You can use the Redirect directive within the per-directory .htaccess file to redirect lookups elsewhere. So for example, to redirect all accesses of your local Web-address/URL to http://www.somewhere-else/~username instead, add the line:

     

        Redirect /~
    username
         http://www.somewhere-else/~
    username

     

    to your /home/username/public_html/.htaccess file.

    For more information on the Redirect directive see:

    http://hoohoo.ncsa.uiuc.edu/docs/tutorials/howto/Redirect.html.

     

  • Why am I getting a "Server Misconfigured Error" or "Internal Server Error" when I try to access my Web space?

    The most common reason this type of error message is generated is due to a syntax error in a .htaccess file, syntax errors with your scripted page, or permission problems on a scripted page. You may look at the error logs. For more information on writing CGI's under the suEXEC model please see http://www.apache.org/docs/suexec.html If you are using php, please read the suPHP documentation. Details on the logs are located further below on this page.

     

  • Is there a way to provide custom error messages?

    Yes. The Web server is configured to allow overriding of FileInfo directives, so a .htaccess file can be used along with the ErrorDocument directive, to redefine the error message that's returned to a browser, based on the number of the error.

    For example:

     

        ErrorDocument 403 /~
    username
      /errors/forbidden.html

     

     

  • What extensions are supported for directory index files and in what order of precendence? The directory index order is as follows:

    index.html index.shtml index.pl index.php index.php3 index.php4 index.py index.cgi index.xml index.htm

     

  • What information can be added to server generated directory indexes?

    Your per-directory .htaccess file, besides being useful in restricting access to your Web pages, can also be used to change what information is shown in server generated directory indexes. Some nifty directory indexing features are available that allow individual descriptions for files and subdirectories as well as automatically scan in HTML titles from your documents. You can turn these additional features on or off by creating a .htaccess file within the relevant directory and setting the particular IndexOptions you want.

    For instance, in your .htaccess file:

     

        IndexOptions FancyIndexing ScanHTMLTitles

        AddDescription "C source file" .c

     

    will provide a fancy directory index listing that describes HTML files using the contents of their title headers, and the .c files as being C source files.

    For more information see: http://hoohoo.ncsa.uiuc.edu/docs/tutorials/index-tutorial.html andhttp://hoohoo.ncsa.uiuc.edu/docs/setup/srm/IndexOptions.html.

     

  • What's a CGI program?

    CGI stands for Common Gateway Interface. A CGI program is basically an extension of the Web server's functionality through outside scripts or compiled programs. For more information see: http://hoohoo.ncsa.uiuc.edu/cgi/overview.html.

     

  • What languages are supported for CGI's and/or Scripting?

    Perl, PHP, and Python are all supported.

    Perl should be invoked via /usr/local/bin/perl

    Python should be invoked via /usr/bin/python

    Please see the PHP Documentation for details on how to write php pages.

     

  • How can I run my own CGI programs?

    Our server is configured to allow the execution of CGI programs from anywhere in your public_html space via suEXEC.

    For your personal CGI programs, you only need to name the file with the .cgi extension and set the permissions of the program to be executable with the chmod command. See the chmod man page for further information. Note also, if for any reason you change your default login group, be sure to change the group ownership of your cgi_bin directory and all CGI programs to match your new default group, or suexec will not be able to execute the programs.

  • How can I test my CGI program?

    Here are some tips:

     

    • Write your CGI such that it can additionally be run from the command line.
    • Write your CGI so that it can return error messages on its standard output since its standard error stream isn't accessible.
    • Avoid using compiled languages since the Web server's architecture is not fixed. The current servers are SuSE Linux Intel systems, but this isn't guaranteed to remain that way.
    • Perl is in /usr/bin/perl, python in /usr/bin/python
    • Be sure to check the error logs

     

  • What databases are supported?

    There are no (SQL) databases supported by the web servers.

 

    • How do I secure my wiki/php/installed programs?

      Be sure to restrict access to the admin section of the program via an .htaccess file. THIS IS NOT AN OPTIONAL STEP.  If your pages are compromised via the admin section of your installed program YOU WILL LOSE web privileges.  An example entry would be:

Order deny,allow

deny from all

allow from cs.utah.edu

 

It is also CRITICAL that you keep your programs patched.  Failure to keep your programs up-to-date may result in your web space being locked and/or your web privileges being removed.

 

 


  • Class Web Pages

  • How can I find the web page for a School of Computing course?

    Classes are currently hosted by the CADE.

     


    Web Resources

  • Documentation on Apache?

    The Apache manual is online.

     

  • What newsgroups are there for the Web?

    There's an ever growing number of USENET newsgroups dealing with the World Wide Web. Here's a partial list:

     

    news:comp.infosystems.www A general WWW newsgroup.news:comp.infosystems.www.browsers.x A WWW newsgroup on browsers for the X Window System. news:comp.infosystems.www.announce A moderated newsgroup for announcements of new Web sites/pages.

     

  • What are the specifications for HTML markup?

    The authoritative source for information on HTML, is the W3C (World Wide Web Consortium).You can find their material covering HTML, CSS, DOM, XML and everything else.

     


    The School of Computing Web Server

  • What platform does our Web server run on?

    Our servers are currently dual-core Athlons running Ubuntu Linux, and are dynamically load-balanced via a virtual IP address on a Foundry ServerIron.

     

  • What Web server software do we run?

    We are running Apache 2.x.

     

  • How is our Web server configured?

    We support the following modules

        core_module (static)
        log_config_module (static)
        logio_module (static)
        mpm_prefork_module (static)
        http_module (static)
        so_module (static)
        alias_module (shared)
        auth_basic_module (shared)
        auth_kerb_module (shared)
        authn_file_module (shared)
        authnz_ldap_module (shared)
        authz_default_module (shared)
        authz_groupfile_module (shared)
        authz_host_module (shared)
        authz_user_module (shared)
        autoindex_module (shared)
        cgi_module (shared)
        deflate_module (shared)
        dir_module (shared)
        env_module (shared)
        fastcgi_module (shared)
        geoip_module (shared)
        include_module (shared)
        ldap_module (shared)
        mime_module (shared)
        negotiation_module (shared)
        perl_module (shared)
        python_module (shared)
        rewrite_module (shared)
        ruby_module (shared)
        setenvif_module (shared)
        ssl_module (shared)
        status_module (shared)
        suexec_module (shared)
        suphp_module (shared)
        userdir_module (shared)

     

  • What kind of logging does the Web server do?

    Logs are in the NCSA combined format.

    Here's an example access log line (note that the example log entry is all one line though your browser may be word wrapping it):

    foo.com - - [09/Feb/1996:17:22:31 -0700] "GET /index.html HTTP/1.0" 200 4024 "http://www.bar.gov" "Mozilla/1.2N (Windows; I; 32bit)"

     

  • How do I get data from the Web logs?

    Logging for the Web server can be found in /uusoc/sys/logs/www/YYYY/Month.

    Logs will have the format of servname-logtype-date e.g. /uusoc/sys/logs/www/2005/January/www.cs.utah.edu-access_log.2005_Jan_8

    The current day's logs will be uncompressed and not DNS resolved. A nightly cronjob runs the old logs through a DNS resolver and then gzip's them.

    You may use the grep command to easily find items related to your Web space. See the grep man page for further information.

    You can then run your log entries through a Web analysis program such as analog that is provided in /usr/bin on shell.cs.utah.edu.

    Also a general summary of web stats is provided via awstats on the Facility Support Stats Website.

    Error logs are in the same directory as the access logs. Just replace the word "access" with "error". If you are having problems with your CGI's not working, check the error logs. They will usually give you the reason why.

    Server logs exist from mid September, 1999, to the present. (Prior to January 2005, the log file names were slightly different, but the log format is the same.)


  • I self-manage my own machine and want to run a web server, but how do I get around the firewall?

 

Run your web server on port 8080 instead of port 80. Note that some OS distributions set apache to run SSL on port 8080 by default.  This is not requried and may be turned off if you wish.