Difference between revisions of "Web Service"

From Tardis
Jump to: navigation, search
Line 2: Line 2:
  
 
== Usage Information ==
 
== Usage Information ==
The web service currently runs on [[mara]], which also hosts the disks with the web content.
+
The web service currently runs on [[mantis]], which also hosts the disks with the web content.
 
You can find your webspace at: <tt>/tardis/www/users/USERNAME/</tt>. If this directory does not exist, please [[Contact | contact an Admin]].
 
You can find your webspace at: <tt>/tardis/www/users/USERNAME/</tt>. If this directory does not exist, please [[Contact | contact an Admin]].
  
This should contain two directories: <tt>pages/</tt> and <tt>cgi-bin/</tt>. Nothing should be put directly in the top level directory and while this is currently allowed for some users it will be deprecated shortly. The pages/ directory may be used to serve static content, and PHP. Most common libraries are already installed, but if you require a particular library please speak to an Admin.  
+
This will contain the following directories: <tt>pages/</tt> and <tt>cgi-bin/</tt> (though cgi-bin is now on-request). The pages/ directory may be used to serve static content, and PHP. Most common libraries are already installed, but if you require a particular library please speak to an Admin.  
  
 
Pages can be externally accessed via http://www.tardis.ed.ac.uk/~USERNAME/. CGI scripts can be found http://www.tardis.ed.ac.uk/~USERNAME/cgi-bin/.
 
Pages can be externally accessed via http://www.tardis.ed.ac.uk/~USERNAME/. CGI scripts can be found http://www.tardis.ed.ac.uk/~USERNAME/cgi-bin/.
 
'''NOTE''': CGI in user directories is presently broken due to a combination of suEXEC and a non-standard hosting path. It will be fixed when we have our new webserver with Lenny installed (which comes with the apache2-suexec-custom package).
 
  
 
=== Note on installing web applications ===
 
=== Note on installing web applications ===
  
Tardis is frequently crawled by web-indexing services, and hence sites hosted on Tardis are very visible to the outside world, often unexpectedly. Unmaintained galleries, blogs, etc. are frequent targets for spammers.
+
Tardis is frequently crawled by web-indexing services and hence sites hosted on Tardis are very visible to the outside world, often unexpectedly. Unmaintained forums, galleries, blogs, etc. are frequent targets for spammers.
  
 
If you install a web-facing applicaions (eg. Gallery, etc), you '''MUST''':
 
If you install a web-facing applicaions (eg. Gallery, etc), you '''MUST''':
 
* Keep all web-facing applications on Tardis updated with the latest security patches. Subscribe to the relevant security mailing lists.
 
* Keep all web-facing applications on Tardis updated with the latest security patches. Subscribe to the relevant security mailing lists.
* Disable anonymous user input or use effective CAPTCHAs (A good option is [http://recaptcha.net/ reCAPTCHA]), if such an option exist.
+
* Disable anonymous user input or use effective CAPTCHAs (A good option is [http://recaptcha.net/ reCAPTCHA]).
  
While we will disable insecure applications if we find them, we cannot guarantee to. Security of Tardis services is the responsibility of '''all''' of the project members, and the existence of insecure applications may jeopardise the project's continued existence.  
+
While we will disable insecure applications if we find them, we cannot guarantee to. Security of Tardis services is the responsibility of '''all''' of the project members, and the existence of insecure applications may jeopardise the project's continued existence.
  
 
== Supported Software ==
 
== Supported Software ==
  
 
=== PHP ===
 
=== PHP ===
Tardis (grudgingly) runs PHP4/5, and we can install extensions if you require them.
+
Tardis runs PHP4/5, and we can install extensions if you require them.
  
 
=== Python ===
 
=== Python ===
Line 63: Line 61:
  
 
* [[Wiki Service]]
 
* [[Wiki Service]]
* [[Blog Service]]
 
  
 
== Useful Tricks ==
 
== Useful Tricks ==

Revision as of 18:07, 18 March 2010

Admin Information

Usage Information

The web service currently runs on mantis, which also hosts the disks with the web content. You can find your webspace at: /tardis/www/users/USERNAME/. If this directory does not exist, please contact an Admin.

This will contain the following directories: pages/ and cgi-bin/ (though cgi-bin is now on-request). The pages/ directory may be used to serve static content, and PHP. Most common libraries are already installed, but if you require a particular library please speak to an Admin.

Pages can be externally accessed via http://www.tardis.ed.ac.uk/~USERNAME/. CGI scripts can be found http://www.tardis.ed.ac.uk/~USERNAME/cgi-bin/.

Note on installing web applications

Tardis is frequently crawled by web-indexing services and hence sites hosted on Tardis are very visible to the outside world, often unexpectedly. Unmaintained forums, galleries, blogs, etc. are frequent targets for spammers.

If you install a web-facing applicaions (eg. Gallery, etc), you MUST:

  • Keep all web-facing applications on Tardis updated with the latest security patches. Subscribe to the relevant security mailing lists.
  • Disable anonymous user input or use effective CAPTCHAs (A good option is reCAPTCHA).

While we will disable insecure applications if we find them, we cannot guarantee to. Security of Tardis services is the responsibility of all of the project members, and the existence of insecure applications may jeopardise the project's continued existence.

Supported Software

PHP

Tardis runs PHP4/5, and we can install extensions if you require them.

Python

There are two options for running Python scripts, mod_python and mod_wsgi.

mod_python

mod_python is the original python script hosting option. It supports both a simple Publisher handler, a PSP handler (like PHP or ASP), CGI compatibility handler as well as being able to write your own handlers.

To enable the Publisher hander add the following to a .htaccess file:

AddHandler mod_python .py
PythonHandler mod_python.publisher

To enable PSP interpreting of files add the following to a .htaccess file:

AddHandler mod_python .psp
PythonHandler mod_python.psp

mod_wsgi

mod_wsgi is designed to be a generic interface for running python based web applications such as webpy, django or even hand written applictions. To enable interpreting of wsgi files add the following to a .htaccess file

Options +ExecCGI
AddHandler wsgi-script .wsgi

Ruby

Ruby scripts can be run using mod_ruby. To enable interpreting of files add the following to a .htaccess file:

Options +ExecCGI
RubyRequire apache/ruby-run
AddHandler ruby-object rbx
RubyHandler Apache::RubyRun.instance

All files that end with .rbx will now be interpreted with Ruby. NB: The .rbx file must have the Execute bit set or else a 403 Forbidden error will occur.

Databases

MySQL and PostgreSQL are available. See: Database Service.

Web Applications

Currently there are some packages which are installed site-wide on the webserver which you should be able to make use of. For these, see their individual pages for details. Any other popular Webapps should probably be manage globally if at all possible.

Useful Tricks

If you're lazy and don't like case sensitivity you can add this to your .htaccess file:

# Be lenient about case
CheckSpelling On
CheckCaseOnly On

Redirecting a URL to a new location:

Redirect /~username/oldurl http://www.tardis.ed.ac.uk/