Access Information Through World Wide Web
For a user to create a home page, the subdirectory specified by the UserDir directive in the configuration file (public_html in the example) must be created in the user's home directory. The user should place all publically available documents under this directory. The user may want to create a welcome page for presentation when the server resolves URLs of the form http://wwwhost.my.domain.name/~joe. The server will attempt to resolve a URL of this form to reference a welcome document in the public_html directory. If a welcome document is not found, a directory listing will be presented to the client instead.
For the server to properly access a user's home pages, the permissions on the user's home directory must be set to allow the server to read through the home directory into the public_html subdirectory. This can be done by setting the user's home directory so that it has world execute permissions (chmod a+x). The public_html directory must be set to allow world read and execute (chmod a+rx). Finally, the documents in the public_html directory should have permissions which allow world reading (chmod a+r).
An alternative to having users home pages in subdirectories of their home directories is to create a special directory tree under /usr/local/WWW/htdocs/. This directory tree will typically have a subdirectory for each user who will be creating public documents accessible via the httpd daemon. With this arrangement special permissions need not be set on users' home directories, maintaining some additional security. If this method is implemented, the UserDir directive shown in the example should probably be omitted. This will disable the support of URLs of the form http://wwwhost.my.domain.name/~username.
For example, you could create a /usr/local/WWW/htdocs/home/ directory. Under this directory you could create a subdirectory for each user who will be creating public documents. If the user is to be able to freely modify the directory contents, the ownership and permissions must be set accordingly. The permissions must also be set to allow the server to access this directory. This usually means making the directory world readable (chmod a+r). A user's home page can then be accessed using a URL such as http://wwwhost.my.domain.name/home/joe/.
What has been presented here has been designed to get a basic server up and running. Many topics are left out, including proxy support and special access control. The CERN httpd daemon is a very flexible and configurable WWW server. For further research you will probably want to explore the online documentation provided by CERN at www.w3.org/hypertext/WWW/Daemon/Status.html.
Eric Kasten has been a systems programmer since 1989. Presently he is pursuing his master's in computer science at Michigan State University, where his research focuses on networking and distributed systems. Well-thought-out comments and questions may be directed to him at email@example.com. You may also visit his home page at petroglyph.cl.msu.edu/~tigger/.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide