You can manually telnet into port 80 of a web server to test out some fundamental things. Here's an example session; telnet w3 80 <----- Use port 80 Trying... Connected to SPIDER.ALMADEN.IBM.COM. Escape character is '^]'. HEAD / HTTP/1.0 <----- Must be all caps and you <----- must hit enter twice. HTTP/1.0 200 Document follows Date: Wed, 12 Feb 1997 19:38:32 GMT Server: NCSA/1.5.1 Content-type: text/html Connection closed. You can also say GET instead of HEAD to get the whole document. The second token there is the document you want, in the example, you're getting the root document. For example, this will work ... Connected to SPIDER.ALMADEN.IBM.COM. Escape character is '^]'. GET /cgi-bin/echo-it HTTP/1.0 GET /cgi-bin/echoit HTTP/1.0 <----- Again, you must <----- hit enter twice. HTTP/1.1 200 OK <----- And all this is returned. Date: Fri, 08 Mar 2002 23:39:40 GMT Server: IBM_HTTP_Server/1.3.6.2 Apache/1.3.7-dev (Unix) mod_fastcgi/2.2.2 Connection: close Content-Type: text/html FastCGI echo

FastCGI echo

Request number 1

No data from standard input.

Request environment:

TZ=JST-9
DOCUMENT_ROOT=/dfs/prod/ips/htdocs
HTTPS=OFF
...
----------------------------------------------------------
Back in April, 1997, Ian May wanted to provide some web
pages but restrict access to only password-authorized
users. This was to distribute some "wbi" (webby) stuff
for a Stanford class.

The key was to make some httpd server changes and use
the .htaccess file in Ian's directory to define a password
file. Here are the details.

- In the httpd server's access.conf file, allow the
.htaccess file to override all options with the
following statement
AllowOverride All

- In the httpd server's srm.conf file, insure .htaccess is
on the AccessFileName line, ala
AccessFileName .htaccess

- Ian's .htaccess file in the target directory (/www/cs/user/wbi/wdk)
contained
AuthUserFile /www/cs/user/wbi/wdk/.wbipasswd
AuthGroupFile /dev/null
AuthName WDKProtectedDownload
AuthType Basic

order deny,allow
deny from all
allow from .stanford.edu
allow from .ibm.com
require valid-user
satisfy all

- And his .wbipasswd file contained
agents:qsbMgkp2ZwUZQ

- According to http://hoohoo.ncsa.uiuc.edu/docs/setup/admin/UserManagement.html#htpasswd,
which is the NCSA documentation, the password file was created using their provided
htpasswd command. Here's the poop from that NCSA web page,

Using htpasswd to manage user files

To deal with user files, we provide a program in the support directory of the
distribution called htpasswd. Usage:
htpasswd [-c] file userid
(( Added later ... Evidently there are other versions of htpasswd, maybe for other ))
(( web servers, I don't know, but I found another option for htpasswd, -m, like so ))
(( htpasswd -m conf/admin.passwd userid password ))
The -c, if present, tells htpasswd to create a new passwd file of the specified
name instead of editing an old one. file is the pathname of the user file you
wish to edit. The user parameter is the name of the user you wish to add or edit.

If htpasswd finds the user you specified, it will ask you to change the user's
password. Type the new password (it will ask twice). HTTPd will then update the
file.

If htpasswd doesn't find the specified user, it will ask you to give the user
an initial password.

I see the htpasswd command on eagle in /work/httpd/httpd_1.5.1b3-export/support/htpasswd.

----------------------------------------------------------
If someone calls asking for such-and-such a MIME type to
be added to the server's /usr/local/etc/httpd/conf/mime.types
or srm.conf file, you can push back on them and tell them
they can define their own MIME types on a directory by
directory basis by putting a .htaccess file in the directory.
e.g. echo 'AddType application/octet-stream dsk' > .htaccess
Will make files with .dsk suffixes be transmitted as
MIME type application/octet-stream, which will cause
it to be transmitted in binary with no interpretation
of the contents, and cause the client to ask where
on their disk they want this stored.
----------------------------------------------------------
A 2-15-95 note from Doug,

Rick,

Here are my notes on SSI on spider.

Allow server-side includes:
Add
AddType text/x-server-parsed-html .html
to srm.conf

Add IncludesNoExec to list of options in
access.conf. This allows includes but disallows
the use of the exec feature to run cgi or /bin/sh
programs via ssi.

DOug
----------------------------------------------------------
A naive question and answer from Roy regarding cgi-bin
scripts,

A URL has /cgi-bin/imagemap/storage/... in it,
where /cgi-bin/imagemap is a program, and
whats after that such as "/storage/..." is sent
as a parameter to the program.

Or for a more detailed description,

The way you read /cgi-bin/imagemap/storage/hardsoft/storage.map is /cgi-bin/
is an alias for /usr/local/etc/httpd/cgi-bin/. imagemap is a program under
that directory. Once the server software finds this program, it runs it and
treats anything else (storage/hardsoft/storage.map in this case) as input
parameters to the program.

The imagemap program treats its input parms as a location of the storage.map
file, using the "DocumentRoot" variable (defined in srm.conf in the directory,
/usr/local/etc/httpd/conf) which is set to /usr/local/etc/httpd/htdocs.
Finally, /usr/local/etc/httpd/htdocs is a link to /www, so the imagemap
program finally finds "storage/hardsoft/storage.map" in
/www/storage/hardsoft/storage.map. (Whew!)

And as a p.s. to that,
"I've been told that the version of the NCSA web server we have has
built-in imagemap support. You don't need the /cgi-bin/imagemap.
Just http:/storage/hardsoft/storage.map should work."