Difference between revisions of "Web Service"

From Tardis
Jump to: navigation, search
(CGI Status)
(Ruby: Enabling)
Line 29: Line 29:
  
 
=== Ruby ===
 
=== Ruby ===
 +
Ruby scripts can be run using '''mod_ruby'''. To enable interpreting of files add the following to a <code>.htaccess</code> file:
 +
 +
Options +ExecCGI
 +
RubyRequire apache/ruby-run
 +
AddHandler ruby-object rbx
 +
RubyHandler Apache::RubyRun.instance
 +
 +
All files that end with .rbx will now be interpreted with Ruby.
 +
'''NB:''' The .rbx file must have the Execute bit set or else a 403 Forbidden error will occur.
  
 
=== Databases ===
 
=== Databases ===

Revision as of 23:37, 2 April 2009

Admin Information

Usage Information

The web service currently runs on davros, which also hosts the disks with the web content. You can find your webspace at: /tardis/www/users/USERNAME/. If this directory does not exist, please contact an Admin.

This should contain two directories: pages/ and cgi-bin/. Nothing should be put directly in the top level directory and while this is currently allowed for some users it will be deprecated shortly. The pages/ directory may be used to serve static content, and PHP. Most common libraries are already installed, but if you require a particular library please speak to an Admin.

Pages can be externally accessed via http://www.tardis.ed.ac.uk/~USERNAME/. CGI scripts can be found http://www.tardis.ed.ac.uk/~USERNAME/cgi-bin/.

NOTE: CGI in user directories is presently broken due to a combination of suEXEC and a non-standard hosting path. It will be fixed when we have our new webserver with Lenny installed (which comes with the apache2-suexec-custom package).

Note on installing web applications

Tardis is frequently crawled by web-indexing services, and hence sites hosted on Tardis are very visible to the outside world, often unexpectedly. Unmaintained galleries, blogs, etc. are frequent targets for spammers.

If you install a web-facing applicaions (eg. Gallery, etc), you MUST:

  • Keep all web-facing applications on Tardis updated with the latest security patches. Subscribe to the relevant security mailing lists.
  • Disable anonymous user input or use effective CAPTCHAs (A good option is reCAPTCHA), if such an option exist.

While we will disable insecure applications if we find them, we cannot guarantee to. Security of Tardis services is the responsibility of all of the project members, and the existence of insecure applications may jeopardise the project's continued existence.

Supported Software

PHP

Tardis (grudgingly) runs PHP4/5, and we can install extensions if you require them.

Python

Ruby

Ruby scripts can be run using mod_ruby. To enable interpreting of files add the following to a .htaccess file:

Options +ExecCGI
RubyRequire apache/ruby-run
AddHandler ruby-object rbx
RubyHandler Apache::RubyRun.instance

All files that end with .rbx will now be interpreted with Ruby. NB: The .rbx file must have the Execute bit set or else a 403 Forbidden error will occur.

Databases

MySQL and PostgreSQL are available. See: Database Service.

Web Applications

Currently there are some packages which are installed site-wide on the webserver which you should be able to make use of. For these, see their individual pages for details. Any other popular Webapps should probably be manage globally if at all possible.