You can manually telnet into port 80 of a web server to test out some fundamental things. Here's an example session; telnet w3 80 <----- Use port 80 Trying... Connected to SPIDER.ALMADEN.IBM.COM. Escape character is '^]'. HEAD / HTTP/1.0 <----- Must be all caps and you <----- must hit enter twice. HTTP/1.0 200 Document follows Date: Wed, 12 Feb 1997 19:38:32 GMT Server: NCSA/1.5.1 Content-type: text/html Connection closed. You can also say GET instead of HEAD to get the whole document. The second token there is the document you want, in the example, you're getting the root document. For example, this will work ... Connected to SPIDER.ALMADEN.IBM.COM. Escape character is '^]'. GET /cgi-bin/echo-it HTTP/1.0 GET /cgi-bin/echoit HTTP/1.0 <----- Again, you must <----- hit enter twice. HTTP/1.1 200 OK <----- And all this is returned. Date: Fri, 08 Mar 2002 23:39:40 GMT Server: IBM_HTTP_Server/1.3.6.2 Apache/1.3.7-dev (Unix) mod_fastcgi/2.2.2 Connection: close Content-Type: text/html
No data from standard input.
Request environment:
TZ=JST-9 DOCUMENT_ROOT=/dfs/prod/ips/htdocs HTTPS=OFF ... ---------------------------------------------------------- Back in April, 1997, Ian May wanted to provide some web pages but restrict access to only password-authorized users. This was to distribute some "wbi" (webby) stuff for a Stanford class. The key was to make some httpd server changes and use the .htaccess file in Ian's directory to define a password file. Here are the details. - In the httpd server's access.conf file, allow the .htaccess file to override all options with the following statement AllowOverride All - In the httpd server's srm.conf file, insure .htaccess is on the AccessFileName line, ala AccessFileName .htaccess - Ian's .htaccess file in the target directory (/www/cs/user/wbi/wdk) contained AuthUserFile /www/cs/user/wbi/wdk/.wbipasswd AuthGroupFile /dev/null AuthName WDKProtectedDownload AuthType Basicorder deny,allow deny from all allow from .stanford.edu allow from .ibm.com require valid-user satisfy all - And his .wbipasswd file contained agents:qsbMgkp2ZwUZQ - According to http://hoohoo.ncsa.uiuc.edu/docs/setup/admin/UserManagement.html#htpasswd, which is the NCSA documentation, the password file was created using their provided htpasswd command. Here's the poop from that NCSA web page, Using htpasswd to manage user files To deal with user files, we provide a program in the support directory of the distribution called htpasswd. Usage: htpasswd [-c] file userid (( Added later ... Evidently there are other versions of htpasswd, maybe for other )) (( web servers, I don't know, but I found another option for htpasswd, -m, like so )) (( htpasswd -m conf/admin.passwd userid password )) The -c, if present, tells htpasswd to create a new passwd file of the specified name instead of editing an old one. file is the pathname of the user file you wish to edit. The user parameter is the name of the user you wish to add or edit. If htpasswd finds the user you specified, it will ask you to change the user's password. Type the new password (it will ask twice). HTTPd will then update the file. If htpasswd doesn't find the specified user, it will ask you to give the user an initial password. I see the htpasswd command on eagle in /work/httpd/httpd_1.5.1b3-export/support/htpasswd. ---------------------------------------------------------- If someone calls asking for such-and-such a MIME type to be added to the server's /usr/local/etc/httpd/conf/mime.types or srm.conf file, you can push back on them and tell them they can define their own MIME types on a directory by directory basis by putting a .htaccess file in the directory. e.g. echo 'AddType application/octet-stream dsk' > .htaccess Will make files with .dsk suffixes be transmitted as MIME type application/octet-stream, which will cause it to be transmitted in binary with no interpretation of the contents, and cause the client to ask where on their disk they want this stored. ---------------------------------------------------------- A 2-15-95 note from Doug, Rick, Here are my notes on SSI on spider. Allow server-side includes: Add AddType text/x-server-parsed-html .html to srm.conf Add IncludesNoExec to list of options in access.conf. This allows includes but disallows the use of the exec feature to run cgi or /bin/sh programs via ssi. DOug ---------------------------------------------------------- A naive question and answer from Roy regarding cgi-bin scripts, A URL has /cgi-bin/imagemap/storage/... in it, where /cgi-bin/imagemap is a program, and whats after that such as "/storage/..." is sent as a parameter to the program. Or for a more detailed description, The way you read /cgi-bin/imagemap/storage/hardsoft/storage.map is /cgi-bin/ is an alias for /usr/local/etc/httpd/cgi-bin/. imagemap is a program under that directory. Once the server software finds this program, it runs it and treats anything else (storage/hardsoft/storage.map in this case) as input parameters to the program. The imagemap program treats its input parms as a location of the storage.map file, using the "DocumentRoot" variable (defined in srm.conf in the directory, /usr/local/etc/httpd/conf) which is set to /usr/local/etc/httpd/htdocs. Finally, /usr/local/etc/httpd/htdocs is a link to /www, so the imagemap program finally finds "storage/hardsoft/storage.map" in /www/storage/hardsoft/storage.map. (Whew!) And as a p.s. to that, "I've been told that the version of the NCSA web server we have has built-in imagemap support. You don't need the /cgi-bin/imagemap. Just http:/storage/hardsoft/storage.map should work."