Web Server SAS Lecture 6. Course Overview and Goals This course will teach you how to install, configure, and administer a Web server that runs on a Unix.

Web Server

SAS Lecture 6

Course Overview and Goals• This course will teach you how to install, configure, and administer a Web server that runs on a Unix system and can be used to deliver dynamic content.

About Your Classmates…

• Introductions• What do you do?• What do you do with computers?• Why are you taking this class?

How does the World Wide Web Work?• Works on a client/server model. The Web server is the server component. The Web browser is the client component. Purpose of the Web server is to provide documents to clients.

• Web servers, Web browsers, and the information that is shared between them through the Hypertext Transfer Protocol (HTTP) protocol make up the World Wide Web.

History of the World Wide Web• Grew out of the Internet, a network of networks designed that began in the early 1970’s and was used to support a variety of services (including telnet, ftp, Usenet, email, and gopher) that communicated via TCP/IP (Transmission Control Protocol/Internet Protocol).

• In 1989, Tim Berners-Lee at CERN developed a new system to simplify document distribution and to allow documents to be linked together. Called the “WorldWideWeb.”

Web History, con’t.

• In 1993, the National Center for Supercomputing Applications (NSCA) released to the public a NCSA server software and a GUI Web browser called Mosaic. Quickly became popular. • Mosaic became Netscape

Who is a Webmaster?

• A Webmaster is someone responsible for the content and/or management of a Web site and/or a Web server.

What Roles Do Webmasters Play?

• Web Designers – Create graphical elements and determine layout of Website. • Content Providers- Create and edit HTML documents. • Web Developers – Write CGI, Java, JavaScript, ASP, PHP, and other scripts or programs that are used to deliver dynamic content.

Webmaster Roles, con’t.

• Administrators – Responsible for maintaining the Web server software and often the operating system and hardware where the Web server is installed.

• For most organizations, these responsibilities tend to be split over multiple job positions except for very small and simple Web sites.

Planning Your Server

• How and where will you host it?

• What kind of hardware will you use?

• What kind of Operating System will the hardware run?

• What Web server software will you use?

• What domain name will your site use?

• Answers to above questions usually determined by budget, staffing, and existing infrastructure of your organization.

Hosting Your Server: Use an ISP (Internet Service Provider)• Free Page Site – For personal use, limited space and tools, adds advertisements. (examples: Yahoo, Tripod, Xoom, etc.)

• Personal Page Site – For personal use, usually included with dialup account (about $20 per month), 2-20 MB disk space, none or limited access to server-based technologies for delivering dynamic content, generally under your ISP’s domain. (Website URL usually looks something like: http://www.yourisp.com/~yourusername)

Hosting Your Server, con’t.• Virtual Host – For business or personal use, share a machine with other domains, can use your own domain (http://www.yourdomain.com), should provide a fairly wide range of tools for building more complex Websites, costs based on disk usage and traffic, ranges from $10 to several hundreds of dollars a month. Generally available through all ISPs and Hosting-only providors such as Highway Technologies (http://www.hway.net) and YourDomainHost (http://www.yourdomainhost.com)

Hosting Your Server, con’t.

• Dedicated Server – For business use, ISP owns and runs the machine, your organization dictates the configuration and has exclusive access to the system, expensive.

• Co-Located Server – For business use, your organization owns the hardware and software and is responsible for maintaining it, ISP houses the system and provides a network connection, pricing determined by bandwidth requirements.

Hosting Your Server: Do It Yourself: Networking Options• For an Intranet Server– Need a LAN (local area network).

• For an Internet Server – Need a dedicated Internet connection. Internet Connectivity Options: • POTS (up to 56Kbps) – not practical for business use

• ISDN (128Kbps) – only a good choice if cable or DSL is not available

• Cable (512Kbps – 10Mbps) • DSL (128kps – 1.54 Mbps+) • T-1 (up to 1.54Mbps) – full, fractional, or burstable

• T-3 (up to 45 Mbps)

Finding an ISP

• Setting up a Internet Web site will require you to purchase some level of services from an ISP. • The List – http://thelist.com

Hosting Your Server: Hardware Options

• Need to select a machine architecture (i.e Intel Compatible PC, Sun, Macintosh G4).

• Processor speed and number of processors.

• RAM and Disk Space.

• NIC card.

• Price can range from several hundred dollars to thousands of dollars.

Hosting Your Server: Operating System Options• Commercial Versions of Unix (i.e. Solaris, Irix, HP-UX, AIX, MacOS X).

• Free Versions of Unix (i.e. Linux, FreeBSD).

• Microsoft Windows (9x, NT, Windows 2000).

• Novell NetWare

• Windows vs. Unix – raises issues of easy of use, stability, scalability, open source, and pricing.

Hosting Your Server: Web Server Software Options• According to the Netcraft Web Server Survey (http://www.netcraft.com), as of January 2000, three Web server software distributions support over 90% of all Web servers on the Internet: • Apache 61.66% • Microsoft Internet Information Server 19.63% • Netscape Enterprise 7.22%

Web Server Software Options: Apache

• “The standard” for UNIX web servers.

• Originally based on NCSA httpd code.

• Can be installed under most Unix variants and Windows. Binary versions available for many operating systems.

• Uses file-based configuration, although GUI tools are also available.

Introduction to Apache, con’t.• Unix versions very stable. Windows version less mature (beta-level code).

• Very Fast and uses resources efficiently.

• Freely distributed source code. Can be modified for commercial or non-commercial use.

• Price: Free

• See http://www.apache.org for more information.

Web Server Software Options: Netscape Server

• Sometimes referred to as the iPlanet server

• Distributed through Sun-Netscape Alliance called iPlanet.

• Server packages: iPlanet/Netscape Enterprise Server, Netscape Fast-Track Server.

• Runs under Windows NT, Solaris, Irix, HP-UX, Digital Unix, AIX, Linux (coming soon).

Netscape iPlanet Server, con’t.• Uses Web-based administration.

• Can be resource intensive.

• Price: $1495 per processor for Enterprise Server

• See http://www.iplanet.com/products/infrastructure/web_servers for more information.

Web Server Software Options: Microsoft Internet Information Server

• Most popular for NT-based web servers.

• Runs only under Windows NT Server. IIS v4 is the most popular release. IIS v5 was released with Windows 2000 Server.

• GUI-based administration. Web-based administration available as well.

• May not scale well.

Microsoft IIS, con’t.

• Source code not available. Extendable through Microsoft’s Internet Server API (ISAPI).

• Price: Free with NT Server 4.0

• See http://www.microsoft.com/ntserver/web/default.asp for more information.

Important Notes about Web Server Hardware• Web Servers need fast disk access and a lot of RAM to handle high-volumes of traffic.• Not unusual to see web servers with 1GB of RAM and 10,000RPM hard drives.

• Processor speed and performance becomes very important when delivering dynamic content via CGI scripts, Server Side Includes or other web applications.

Uniform Resource Locator (URL)• URL: a fancy way of saying “web site address”• Anatomy of a URL:

http://internet.rutgers.edu:80/ITI520/index.html

Protocol Hostname Port Number Path To File

HTTP – An Introduction

• HTTP – The Hypertext Transfer Protocol• The protocol used between web clients (browsers) and web servers.• Web browsers “ask” for a specific web page from the server, who returns the content

Web Servers: Implementation and Performance

Erich Nahum 28

What do HTTP Requests Look Like?

GET /images/penguin.gif HTTP/1.0User-Agent: Mozilla/0.9.4 (Linux 2.2.19)Host: www.kernel.orgAccept: text/html, image/gif, image/jpegAccept-Encoding: gzipAccept-Language: enAccept-Charset: iso-8859-1,*,utf-8Cookie: B=xh203jfsf; Y=3sdkfjej<cr><lf>

• Messages are in ASCII (human-readable)• Carriage-return and line-feed indicate end of headers• Headers may communicate private information

• (e.g., browser, OS, cookie information, etc.)

Web Servers: Implementation and Performance

Erich Nahum 29

What Kind of Requests are there?

Called Methods:• GET: retrieve a file (95% of requests)• HEAD: just get meta-data (e.g., mod time)• POST: submitting a form to a server• PUT: store enclosed document as URI• DELETE: removed named resource• LINK/UNLINK: in 1.0, gone in 1.1• TRACE: http “echo” for debugging (added in 1.1)• CONNECT: used by proxies for tunneling (1.1)• OPTIONS: request for server/proxy options (1.1)

Web Servers: Implementation and Performance

Erich Nahum 30

What Do Responses Look Like?HTTP/1.0 200 OK

Server: Tux 2.0Content-Type: image/gifContent-Length: 43Last-Modified: Fri, 15 Apr 1994 02:36:21 GMTExpires: Wed, 20 Feb 2002 18:54:46 GMTDate: Mon, 12 Nov 2001 14:29:48 GMTCache-Control: no-cachePragma: no-cacheConnection: closeSet-Cookie: PA=wefj2we0-jfjf<cr><lf><data follows…>

• Similar format to requests (i.e., ASCII)

Web Servers: Implementation and Performance

Erich Nahum 31

What Responses are There?• 1XX: Informational (def’d in 1.0, used in 1.1)

100 Continue, 101 Switching Protocols

• 2XX: Success 200 OK, 206 Partial Content

• 3XX: Redirection 301 Moved Permanently, 304 Not Modified

• 4XX: Client error 400 Bad Request, 403 Forbidden, 404 Not Found

• 5XX: Server error 500 Internal Server Error, 503 Service Unavailable, 505 HTTP Version Not Supported

Installation

• The Apache2 web server is available in Ubuntu Linux. To install Apache2:• At a terminal prompt enter the following

command:

sudo apt-get install apache2

Configuration

• Global Configuration/etc/apache2/apache2.conf

• Ports configuration/etc/apache2/ports.conf

• Virtual Host configuration/etc/apache2/sites-available/Copy file : 000-default.conf to sitename.conf (example, siam.adser.com.conf)•Add symlink to /etc/apache2/sites-enable/ :

sudo a2ensite siam.adser.com.conf

Vitual Hosts Configuration/etc/apache2/sites-available/ siam.adser.com.conf :

<VirtualHost 192.168.56.101:80> //IP add and port

ServerAdmin [email protected]

ServerName siam.adser.com

ServerAlias www.siam.adser.com

DocumentRoot /var/www/html/siam.adser.com/ //loc. index

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Security

• TLS/SSL TLS, or transport layer security, and its

predecessor SSL, secure sockets layer, are secure protocols created in order to place normal traffic in a protected, encrypted wrapper.• Enable ssl

sudo a2enmod ssl

Generate Key

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt•penssl: This is the basic command line tool provided by OpenSSL to create and manage certificates, keys, signing requests, etc.•req: This specifies a subcommand for X.509 certificate signing request (CSR) management.•-x509: This option specifies that we want to make a self-signed certificate file instead of generating a certificate request.

• nodes: This option tells OpenSSL that we do not wish to secure our key file with a passphrase. • -days 365: This specifies that the certificate we are

creating will be valid for one year. • -newkey rsa:2048: The rsa:2048 tells OpenSSL to

generate an RSA key that is 2048 bits long.• -keyout: This parameter names the output file for

the private key file that is being created.• -out: This option names the output file for the

certificate that we are generating.

The rsa:2048 tells OpenSSL to generate an RSA key that is 2048 bits long.

The rsa:2048 tells OpenSSL to generate an RSA key that is 2048 bits long.

Configure host ssl• /etc/apache2/sites-available/default-ssl.conf<IfModule mod_ssl.c>

<VirtualHost _default_:443>

ServerAdmin [email protected]

ServerName your_domain.com

ServerAlias www.your_domain.com

DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

SSLEngine on

SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost>

Configure host ssl• Enable SSL configuration on site• sudo a2ensite default-ssl.conf

• Restart apache service• sudo service apache2 restart

• Open your site• https://server_domain_name_or_IP

End Slides…

• Practice make perfect…• Any question?