Web Service

From Tardis
Revision as of 14:02, 10 April 2009 by Dcoles (talk | contribs) (Davros is retired)
Jump to: navigation, search

Admin Information

Usage Information

The web service currently runs on mara, which also hosts the disks with the web content. You can find your webspace at: /tardis/www/users/USERNAME/. If this directory does not exist, please contact an Admin.

This should contain two directories: pages/ and cgi-bin/. Nothing should be put directly in the top level directory and while this is currently allowed for some users it will be deprecated shortly. The pages/ directory may be used to serve static content, and PHP. Most common libraries are already installed, but if you require a particular library please speak to an Admin.

Pages can be externally accessed via http://www.tardis.ed.ac.uk/~USERNAME/. CGI scripts can be found http://www.tardis.ed.ac.uk/~USERNAME/cgi-bin/.

NOTE: CGI in user directories is presently broken due to a combination of suEXEC and a non-standard hosting path. It will be fixed when we have our new webserver with Lenny installed (which comes with the apache2-suexec-custom package).

Note on installing web applications

Tardis is frequently crawled by web-indexing services, and hence sites hosted on Tardis are very visible to the outside world, often unexpectedly. Unmaintained galleries, blogs, etc. are frequent targets for spammers.

If you install a web-facing applicaions (eg. Gallery, etc), you MUST:

  • Keep all web-facing applications on Tardis updated with the latest security patches. Subscribe to the relevant security mailing lists.
  • Disable anonymous user input or use effective CAPTCHAs (A good option is reCAPTCHA), if such an option exist.

While we will disable insecure applications if we find them, we cannot guarantee to. Security of Tardis services is the responsibility of all of the project members, and the existence of insecure applications may jeopardise the project's continued existence.

Supported Software


Tardis (grudgingly) runs PHP4/5, and we can install extensions if you require them.


There are two options for running Python scripts, mod_python and mod_wsgi.


mod_python is the original python script hosting option. It supports both a simple Publisher handler, a PSP handler (like PHP or ASP), CGI compatibility handler as well as being able to write your own handlers.

To enable the Publisher hander add the following to a .htaccess file:

AddHandler mod_python .py
PythonHandler mod_python.publisher

To enable PSP interpreting of files add the following to a .htaccess file:

AddHandler mod_python .psp
PythonHandler mod_python.psp


mod_wsgi is designed to be a generic interface for running python based web applications such as webpy, django or even hand written applictions. To enable interpreting of wsgi files add the following to a .htaccess file

Options +ExecCGI
AddHandler wsgi-script .wsgi


Ruby scripts can be run using mod_ruby. To enable interpreting of files add the following to a .htaccess file:

Options +ExecCGI
RubyRequire apache/ruby-run
AddHandler ruby-object rbx
RubyHandler Apache::RubyRun.instance

All files that end with .rbx will now be interpreted with Ruby. NB: The .rbx file must have the Execute bit set or else a 403 Forbidden error will occur.


MySQL and PostgreSQL are available. See: Database Service.

Web Applications

Currently there are some packages which are installed site-wide on the webserver which you should be able to make use of. For these, see their individual pages for details. Any other popular Webapps should probably be manage globally if at all possible.