• Server Side Scripting
• Log Files
• Server Side Includes
• Password Protecting Directories

Server Side Scripting

There is no general cgi-bin on camac to which users have access, but users can create a cgi-bin directory within their public_html directory within which they may place their cgi scripts (permissions on this directory should be set to read/write/executable on user and executable for Group and World (711)).

Perl and PHP are all available on camac. All files transferred to the student server camac (using SCP, this is a secure file transfer protocol) are allocated read/write privileges on User, read privileges on Group and read privileges on World (that is 644) by default. For security purposes and in order for php scripts to run it has been recommended that the php files be given read/write/executable privileges on User alone (that is 700). The directory containing such files should be set to read/write/executable on user and executable for Group and World (711). It is advisable to keep all your PHP files in one directory. These changes can be done using an SSH client that allows the user to set the permissions on the files on the server. One such client is WinSCP, available via the Start/Programs menu on most ISS lab machines. Where it is unavailable, the latest versions of both WinSCP and Putty can be downloaded from http://camac.DCU.ie/files. Once the student has logged into their account using this client, the student should right-click on the directory in which the php files are to be located on the server or the file itself and select properties. A table detailing permissions will be displayed allowing the user to select the required permissions; for instance in the case of changing a file's permissions the Owner should be ticked for R (Read), W (Write) and X (Executable) while all other boxes in this table should be left blank.

To use Perl or PHP, the appropriate pathway or "shebang line" must be included as the first line of your file. The shebang line for Perl is:

#!/usr/dist/bin/perl

while for PHP it is:

#!/usr/dist/bin/php

Please be aware that server side scripts will run as the user and could affect your web account. For this reason any scripts you write are executed at your own risk and ISS takes no responsibility for unexpected results. Scripts which pose a security risk will be removed.

Further information is available on:

• Perl
• PHP

Log Files

Camac log files can be found at the following locations:

access log:

/usr/local/apache2/var/logs/access_log

error log:

/usr/local/apache2/var/logs/error_log

suexec log:

/usr/local/apache2/var/logs/suexec_log

Server Side Includes

The Student webserver, camac, supports Server Side Includes (SSI). By using the extension .shtml, the webserver will parse SSI commands. Further information on SSI is available online.

Password Protecting Directories

Two files are required in order to password protect a directory:

1. a .htaccess file
2. a .htpasswd file

The .htaccess file will indicate the type of access required and the location of the password file. The .htpasswd file contains the usernames and passwords in an encrypted format and ideally should not be accessible by a browser (it should be stored outside of the public_html directory). These files should be uploaded as ASCII and not BINARY.

The .htaccess file

This is a simple ASCII file and should go in the directory you wish to protect. .htaccess files affect the directory they are placed in and all sub-directories. This file indicates the location of the .htpasswd file which contains your usernames and passwords. A basic .htaccess file looks like this:

AuthUserFile /usr/local/you/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName "Enter your password"
AuthType Basic

require valid-user
            

The .htpasswd file

To create the .htpasswd file you must use SSH * to access your account and (presuming you are in the top directory outside the public_html directory) use the command:

htpasswd -c /.htpasswd username

You will be prompted twice for the password you wish to set.

Further information on.htaccess etc.

Note: WinSCP is a program used for transferring files, while PuTTY supports telnet and SSH connections (it is advisable to use SSH). If WinSCP or PuTTY are not available on your machine they can be downloaded from http://camac.DCU.ie/files.