Using the ECN Web Group Server

This document describes how to create and maintain an “entity” web site under the Purdue University Engineering Web Cluster, https://engineering.purdue.edu.

The Engineering web cluster serves pages for individual users, as well as research and academic groups. Web pages for research and academic groups are called “entities”. This document focuses on the “entities” aspect of serving web pages on a server that has strong provisioning for file and execution security.

The first step toward creating and maintaining an entities web site is requesting the creation of an entity from the ECN webmasters or ECN site specialists. Requests can be made using the ECN Web Hosting Request form.

Applications can be developed for an entity in three ways: Apache served applications using CGI programming, Plone served applications, or Ruby-on-Rails served applications. Be sure to indicate which type of application environment is needed when making the request for a new entity.

URL Structure

The Engineering Web Cluster uses a unified addressing scheme for user and entity type web pages. User web pages have a URL that begins with a “tilde” character, then the user's login-ID:

https://engineering.purdue.edu/~user/

Research and academic groups have a URL that begins with an entity identifier, without the “tilde” character:

https://engineering.purdue.edu/entity/

Directory Structure

Entity web pages are stored in the filesystem using a path to a web group directory located at “/web/groups”. The full name of the directory will include the entity name, such as “/web/groups/entity”.

Inside of the entity directory will be three types of directories:

• A “public_html” directory for all files that will be made publicly available by the web server,
• A “private” directory for private storage,
• A “var/logs” directory that will contain the log files for all web server file transfers (“access_log”) and error messages (“error_log”).

The directory structure looks like this:

Apache runs as the user-ID of the entity - Any files stored in the “public_html” directory will need to be readable by the entity's user-ID. For security purposes the top level directory, “/web/groups/entity”, is set to be accessible only by the entity's user-ID or group-ID.

Apache serves up web pages based on the files stored in the “/web/groups/entity/public_html” directory, where “entity” is the name of the entity.

Web Page Management Hints

The Engineering Web Cluster servers web pages out to the Internet based on the files and scripts stored in the “public_html” directory. In order to update a web site, place the files into the right directory and check that the web page works successfully.

In order to control the behavior of the web server, log on to the host “templeton.ecn.purdue.edu” using a secure shell window (such as “slogin templeton.ecn.purdue.edu”). This will allow for controlling whether the server is running or not, and whether the server will be started automatically when the system is booted. Use the “help” command to see a list of options for controlling the web server.

Type 'help' for list of available commands

web> help
Available commands:

  accesslog    Show the most recent messages in the access log
  add          Add a module to the web server
  disable      Disable the web server from starting automatically
  enable       Enable the web server to start automatically
  errorlog     Show the most recent messages in the error log
  exit         Same as quit
  help         Show a list of available commands
  list         List entities
  quit         Quit the command shell
  remove       Remove a module from the web server
  restart      Restarts the web server if already running
  select       Select current entity
  start        Start the web server if not already running
  status       Show the current status of the web server
  stop         Stops the web server if currently running

Below are sections showing how to add files and adjust service by the Apache web server.

Apache Hints

Private data files should take advantage of storing the files into the “private” directory whenever possible. This will help avoid accidental disclosure should the permissions on the “public_html” be set incorrectly. Places where a private “htpasswd” is needed could use the “private” directory to store the password file.

When using the remote console, commands such as “accesslog” and “errorlog” show the last set of log file lines so you can debug web applications.

By default, an Apache web server does not enable "php7" nor "python". Using the "add" and "remove" commands, the Apache web server can be configured to use php version 7 with "add mod_php7", and/or configure python with "add mod_python".