YOUR WEB SERVER
Your web server is the software that serves your website’s content to a customer’s browser (Netscape, Internet Explorer, Opera, etc.). The web server software’s basic functionality is quite simple — it takes a file name passed through a command, gets the file and sends it across the Internet so it can be viewed on the requesting computer’s browser software. The web server software also tracks hits to the site, records and reports error messages, etc. Server-side technology is used to increase the functionality of a web server beyond its ability to deliver standard HTML pages — for example, CGI scripts, SSL security, and Active Server Pages (ASPs).
Today’s web servers are used in such a variety of situations that it is necessary for the tools used to administer them to be quite sophisticated. Thus, more and more add-on options are available for web-related software development tools.
All of the major web servers, including Apache, Microsoft IIS, and Netscape Enterprise Server, have comparable functionality. This means that your choice of web server software may be based more on personal preference than on actual hard-core functionality considerations.
Apache
This is the most widely used web server and is probably the most stable and fastest of the web servers available. As Table 4 indicates, Apache holds the top position in the web server market space, and has almost three times as many installations as second place Microsoft IIS.
| Server | September Count | September % | August Count | August % | Change |
|---|---|---|---|---|---|
| Apache | 7,979,368 | 66.86% | 7,705,536 | 66.94% | -0.08% |
| Microsoft IIS | 2,853,576 | 23.91% | 2,765,375 | 24.02% | -0.11% |
| Netscape | 112,352 | 0.94% | 109,898 | 0.95% | -0.01% |
| Zeus | 101,128 | 0.85% | 99,044 | 0.86% | -0.01% |
| WebSTAR | 94,442 | 0.79% | 91,315 | 0.79% | 0.00% |
| WebSite | 27,543 | 0.23% | 28,979 | 0.25% | -0.02% |
| Other | 765,715 | 6.42% | 711,486 | 6.18% | +0.24% |
Apache was originally based on the httpd code that many say started the Web revolution. Prior to Apache 2.0 (the latest version), Apache was a largely Unix product that used a number of tricks in order to execute within other operating systems.
Apache 2.0, however, represents a major rewrite of previous Apache versions. Among the many changes, one of the most important is that Apache 2.0 supports a wide array of platforms in more efficient ways. Thus it is now possible to develop Unix- and Windows-specific execution models that make the best use of a specific operating system. This is because Apache 2.0 provides a new execution environment that separates the core functionality of the Apache system from the system that supports and processes requests. Thus Apache 2.0 is easily supported under a wide variety of operating systems: UNIX (of course), Windows (all versions), Linux, Mac OS X, BeOS, and more.
Apache web servers are released as “open source” with no fee for usage; there are also a lot of modifications and modules made for Apache. The source code for most operating systems (all versions of Windows, freebds, many versions of UNIX including Linux, etc.) is distributed in what is known as a “tarball.” A tarball is just a source code directory tree that is packaged with the UNIX tar command and then compressed into a zip file. The most recent repository of Apache source code can be found at www.apache.org.
However, Apache isn’t for everyone — setup and maintenance of the server requires familiarity with command-line scripting tools. Also, Apache lacks browser-based maintenance capabilities or GUI configuration/administration tools. Some users will be unhappy with the lack of visuals, Wizards, and browser-based administration tools.
Although there is no official support for Apache, the apache.org website is very useful. Bug reports and suggestions are distributed via the site’s bug report page. Other questions can be directed to forums such as the one hosted by Serverwatch.com and Apache-server.com. Also check out newsgroups such as the one hosted by Google. Apache gurus can usually be found lurking about all of these sites. Be sure to bookmark not only the Apache.org site and Apache-server.com sites (they both provide a wealth of information), but also Apacheweek.com — this site is an essential resource for anyone running an Apache server. You can also find third-party companies that offer full commercial support for a fee.
NOTE
If you would like a basic tutorial on how to install Apache, go to www.serverwatch.com/tutorials/article.php/1126341 for “The Newbie’s Guide for Installing Apache.” Bookmark the Serverwatch.com website — it provides a wealth of information on all kinds of server software.
Microsoft Internet Information Server (IIS)
IIS receives high marks for superior installation, performance and maintenance. IIS especially earns kudos for its ease of installation and the quality of its management interface, which is provided separately from other interfaces. Another good feature is that IIS can be managed remotely via a web browser. However, IIS can operate only within a Windows environment.
The IIS 5.0 (included in Windows 2000) and the updated version, IIS 5.1 reflect only minor changes from the original IIS version 3.0 that came with Windows NT 4.0. But with IIS 6.0, which is bundled with Windows 2003 Server and XP Professional, there was an almost complete rewrite of this web server platform. IIS 6.0 sports a new execution model, better management facilities, and significantly increased performance. However, IIS 6.0 currently only supports Windows 2003 Server and XP Professional.
THE .NET FRAMEWORK
Some readers may have heard all of the buzz about the .NET Framework, but don’t really understand what it is all about. Let’s me see if I can give you a short explanation.
Microsoft .NET is software that connects information, people, systems, and devices. It spans clients, servers, and developer tools. The .NET Framework is Microsoft’s new programming model for developing, deploying, and running XML web services and all types of applications-desktop, mobile, or web-based.
The .NET Framework is the infrastructure for the overall .NET Platform. The common language runtime and class libraries (including Windows Forms, ADO.NET, and ASP.NET) combine to provide services and solutions that can be easily integrated within and across a variety of systems. The .NET Framework provides a fully managed, protected, and feature-rich application execution environment, simplified development and deployment, and seamless integration with a wide variety of languages.
For a more detailed overview of .NET, check out Microsoft’s “Getting Starting in .NET” web page, which can be found at www.microsoft.com/net.
Although this limits the deployment platforms for IIS-based web services, it also provides a number of benefits, including greater cooperation with the host operating system and easier management and control through a variety of standard OS tools and utilities. IIS 6.0, paired with Windows 2003 Server, offer admirable levels of integration with the .NET Framework.
Microsoft provides free online support through its knowledge base, which can be found at www.Microsoft.com. You can also obtain fee-based per incident service through the Microsoft Certified Support Center. If you purchase “support incidents” you can receive quick and knowledgeable technical support through an 800 number.
Netscape Enterprise Server (NES)
This web server runs a distant third in the web server market, but it still offers a “complete” web server package for any website. It provides support for the HTTP 1.1 protocol plus security enhancements in PKCS #11, FIPS-140 compliance, 128-Bit Step-Up Certificates, and Fortezza support. (Fortezza, Italian for “fortress,” is a family of security products — PCMCIA cards, serial port devices, server boards, etc. – that are trademarked by the U.S. National Security Agency and used extensively by the military). It also comes with a built-in search engine, log analysis tools, advanced content publishing, server clustering and administrative rights delegation. It supports most Windows operating systems and most of the UNIX family including Digital UNIX, SGI IRIX, Sun Solaris, and IBM AIX.
NES is a good web server for a traffic intensive website since it has features such as SSL 3.0 support with client-side certificate authentication, SNMP and SMTP support and centralized server management. Technical support is free for the first 90 days only, then it gets a little pricey; you can opt for “per incident” based support or an annual subscription based support that ranges from $400 to $600. However, Netscape offers decent free support on its website (http://wp.netscape.com/enterprise/v3.6/).
Xitami
This is a freeware, robust, entry-level web server that will work with just about any operating system (although Mac support is not currently available). This web server is perfect for someone operating on a tight budget, especially if the hardware used for the web server is an older Pentium. Installation is simple. There are no wizards but there is a browser-based interface and command-line support that is efficient and intuitive. Documentation is thorough and makes the process of getting up and running understandable for both novices and pros. The website www.imatix.com/html/xitami/ provides extensive online documentation, help via email, and a link to a discussion group. Third-party support is available for a fee.
Zeus
This web server ranked fourth in the September 2003 Security Space Web Server Survey, and it may be just the ticket if you envision an e-commerce business with room to grow. Although a bit pricey (around $1400), Zeus is a scalable, secure, and high-performance web server. Zeus can be found underpinning business-critical solutions for web-hosting, content providers, and secure e-commerce companies.
What makes Zeus so popular is that it uses a small number of single-threaded I/O processes, which are capable of handling tens of thousands of simultaneous connections. Whereas the front-runner, Apache, uses a dedicated I/O process for each connection request, limiting it to 256 simultaneous connection requests.
But to handle the kind of I/O processing that Zeus offers you need either very fast equipment or a good cluster of servers. Fortunately, Zeus comes native with web server clustering support enabling a set of web servers to act as a single web server for the end user and allowing the load of serving web pages to be balanced across a set of different computers and (assuming your website has the bandwidth) multiple connections.
But unless you need the power Zeus offers, go with another web server because you will not realize any measurable benefit from Zeus over Apache (or another web server) unless your website experiences regular high traffic volume. Another possible downside to Zeus is that it runs primarily on Unix-based systems, and thus it is difficult to configure if you are not familiar with the command-line nature of the Unix family. You can find extensive documentation and online support for Zeus products at http://support.zeus.com/.
Log Files
Okay, you’ve installed your web server software and even remembered to install and configure a firewall. It’s now time for you to understand your web server log files.
Your web server creates records — called log files — of everything that happens on the server. Log files are actually huge files that contain a record of each and every activity that occurred on your web server. When I say “everything” I mean “everything” — every request for an HTML page, every graphic file requested, every request to have an active page executed, and every CGI script that ran. The web server considers each of these events a “hit.” When the e-commerce industry first started ballyhooing the amount of traffic a certain site received, it was referring to the number of hits as tracked by the web server log files. Therefore, the definition of a hit, as far as web server log files are concerned is: Anything the web server is asked to do when servicing the demands created by the traffic flowing through its content, i.e., your website. Please note that the number of “hits” is not an accurate indicator of the number of people that are actually visiting your site. For the all-important “people count” or “unique visitor” statistics you need “log analysis software” to interpret website activity data.
As long as your web server has its logging feature activated, all of the activity on your website is stored in records. These records keep the details of which pages were requested, when they were requested and even information, such as, who initiated the request, the initiator’s IP address and the type of browser used, along with how the initiator found your website. All of this information is stored in files named “Access Log,” “Error Log” (such as a page that no longer exists) and “Referrer Log.” By providing instant, ongoing, fairly exact and specific snapshot of the website’s traffic patterns, these log files provide website owners with a plethora of raw data concerning their customers.
Because log files provide a record of all user activity, they have great value. You will even find the historical information useful. Maintain these files either in an encrypted form on the web server or store them on a separate machine offline.
Log files are important to the effective management of your website in three different ways. First, there’s the overall “load” placed on the web server. For example, at any time did the site’s activity exceed the capacity of the hardware and/or software? If so, this is a “heads up” that you need to improve your site’s ability to handle the traffic peaks. Perhaps you need to upgrade the server hardware or install a higher-capacity web server software package.
Second, there’s the measurement of the traffic or number of visitors that come to your website, what they look at, and how long they stay. This gives you good insight into what is succeeding or not succeeding on your web pages and in your marketing campaigns.
Third is security. The first line of defense against hackers is your log files. How? By monitoring your log files on a regular basis, you can spot suspect goings-on. You should also install trap macros (macros are small simple programs written to automate specific tasks) to watch for attacks on the server. While you are at it, also create macros that run every hour or so to check the integrity of “passwd” and other critical files. (The macros should be programmed to send email to the system manager if a change is detected.)
Log files expand very fast. If you are using an Internet hosting company to host your site, it will schedule these files to be rotated in such a way that older log files are regularly deleted. Believe me when I say you want to preserve these files. The easiest way is to institute a system and schedule wherein the log files are emailed to you automatically for organization and storage. This will guarantee that you will have immediate access to your data. However, this “raw” data is merely the tip of the iceberg and to be of any real use it needs to be analyzed — that’s where log analysis software steps in.
EAN: N/A
Pages: 159