WebTools
view release on metacpan or search on metacpan
install.txt view on Meta::CPAN
/tmp OR +---- tmp
For 'conf','drivers','htmls','jhtmls','libs','modules' directories you
need only 'read' access.
For 'db' directory you need 'read' access (and 'write' if you use DB FLAT
- default)
For 'logs','mail' you need 'read' and 'write' access (default these
directories are not used)
You need also full access to 'tmp' directory (your system directory or
your own)
Now let see some examples:
-------------------------------------------------------------------------------------------------
CASE 1: You are some good user(july) on some good free
host(newald.proscriptum.com) :-)))
Let 'july' user has home directory: /home/july (we use virtual host:
july.newald.proscriptum.com)
His full cgi-bin directory is: /home/july/public_html/cgi-bin
So his webtools directory can be: /home/july/public_html/cgi-bin/webtools
Now we can upload WebTools-1.27.tar.gz to our home directory and after
that to install script.
After installation our process.cgi has permission mode set to 0755,
directories have permission modes: 0755 and any other files: 0444
Features:
- Our host is virtual, so Apache change user to 'july' when we start
process.cgi!
In other words we are ready to configure package whitout any hidden traps!
Evrything is ok, so let run script: perl -c process.cgi
-------------------------------------------------------------------------------------------------
CASE 2: You are some user (and you has not virtual host) under Open BSD
OS.
User: snm
Server: www.jozefina.bg
User home directory: /home/snm
His full cgi-bin directory: /home/snm/http/cgi-bin
So his webtools directory can be: /home/snm/http/cgi-bin/webtools ,
please install package into this directory!
Now let suppose that your scripts running with Apache's user (i.e. Apache
can't write into your directories when they has 755 permissions!). That
can be a problem, we realy need to write into db, logs, mail and tmp
directories, so we must chmod these directories to 0777 (BUT THIS IS
UNSECURE). To decide problem we must create these directories in our home
directory, for example:
/home/snm/webtools/db
/home/snm/webtools/logs
/home/snm/webtools/mail
/home/snm/webtools/tmp
then we can chmod to 0777 these directories! (other user can't read/write
'snm' directory, so they can't access and these directories too :))
After this you MUST move files from original(installed) directories to
directories we've just created (preserve attributes/permissions when files
are moved). Ok, is evrything done? Actualy not at all, you also need to
edit "config.pl". Please run 'pico' or some other editor and change path
to new location of db, logs, mail and tmp directories! (or use install.cgi
to modify config.pl file!)
--------------------------------------------------------------------------------------------------
CASE 3: You have root access! Well is not a good idea to install webtools
with root access! You can login with some other user and install package
in directory you want and chown/chmod if need (using root). With root
access you can install package on way you want and can resolve problems
very fast (if you want you can run your scripts with 'www' user and so
on...). You can create directories (db,logs,mail, tmp ...) into some
private directory (where nobady except Apache can read/write)...
NOTE: Please be very careful when install any scripts/modules with root
access. You bring responsibilty for your actions!
--------------------------------------------------------------------------------------------------
SECURITY SETTINGS:
Before you can go life in web you have to check security settings of your
web server!
Here we suppose that you haven't root access, so you can't make any
changes to server if any security fixes are required.
- First of all you have to check ability of externel user to access your
directories:
(If you are owner of web server and you are the only one user on it e.i.
no body else can access remotely) you can close your eyes and leave this
check unperformed. Other else you have to check whether other user can
"cd" your directory. If that is possible you need to fix that (contact
your system administrator and ask him to protect your directory of
unauthorized access!)
- Secondry you need to check ability of web users to access and/or read
your datas and/or scripts:
Immediatly go to your "webtools/htmls" directory and "vdir"(or "ls -l")
this direcory. It should contain file "env.html" and it shoultd be with
permission: 644 (or 444) depending of your OS defaults. These "htmls"
actualy are embedded Perl files, so it is extreamly important these files
(htmls) to be unaccessable and unreadable from Web interface i.e. line
like this: http://your_server/cgi-bin/webtools/htmls/env.html should
return NOT html page, it MUST return "Internal Server Error" because
Apache must interpret these files as scripts!!! If that is not true, you
have to set other extension for all files in webtools/htmls (.whtml ,
.cgihtml , .htm or .cgi are supported) That mean, that you need to correct
all files that access these ".html" files (and given examples too). Other
solution (when you have access to server) is to forbid ".html" to be read
in cgi-bin directory (you need to edit httpd.conf -> please read Apache's
documentation to learn how to do that).
NOTE: You can configure config.pl so extensions .whtml, .cgihtml and so on
to be treated as .html!!!
- Finnaly solution (and in many cases the best):
You can install webtools into ../cgi-bin/webtools and after that you can
move all directories and files in your "secure" home directory where no
body except you can read/write these files! Ofcource you must leave at
least "process.cgi" in your web based cgi-bin/webtools directory and
"conf" directory too, after these operations you must edit your config.pl
file and mark changes of new webtools directory structure (you should edit
section "[PATHS]" in config.pl). That is all but don't forgot to set
variable $check_module_functions = "on" (that is internal build way to
check your configuration!)
NOTE: Please preserve permissions of directories and files in.
NOTE: Apache's should handle (in httpd.conf) .cgi and .pl file with
AddHandler!
Example: AddHandler cgi-script .cgi .pl
AFTER INSTALLATION:
( run in 0.520 second using v1.01-cache-2.11-cpan-5511b514fd6 )