TERMS AND PRIVACY:
WebTools
Copyright
(c) 2001, Julian Lishev, Sofia 2001. All rights reserved.
This code is free software; you can use it, redistribute it and/or modify
it, but WITHOUT ANY WARRANTY, under the same terms as Perl itself.
Please
keep structure of package and don't modify file names because you may
have problems with next version of this package! Also you can maintain
follow rules:
You can't add additional variables into 'config.pl' file:
Please create your own config file for your private needs. (You can place
your own config files into 'conf' directory)
You
can't add functions into package libs and modules:
Please create your own! (You can place your own libs and modules into
'libs/additionals' and 'modules/additionals' respectively)
READ THIS! IT IS EXTREAMLY IMPORTANT:
Do
NOT discard this document! You must read all this INSTALL.HTML completely.
It exaplain all problems generally in Web/CGI programming and particular
in WebTools installation. This file relate not only with installation
tips but with common security problems and holes! Don't let yourself be
misled with simple "make" installation how it described below,
but take care about directories, files, permissions, apache's configuration
and OS specific.
Note: You can install this package
ONLY one time and after that you can run different scripts via webtools,
so it is extreamly important to install package properly (now I can install
package in few minutes, but you should read all information in this document
and spend time in installation!)
REQUIREMENTS:
Perl (Perl
5.005_03 or later should work),
Unix/Linux or Windows 9x/NT/XP
Recomended:
Perl 5.6,
Unix/Linux OS,
MySQL server
Prerequirements:
Only DBI
(for SQL access, respectively for Session/Users support)
If you want to use MySQL you also need: MySQL
module
For
MS-Access you need DBD-ODBC
If you haven't SQL server you can use our build in FLAT DB (based on DBD::Sprite)
INSTALL NOTES:
First
of all you must have webtools package. It must be packed into one tar.gz
file.
Please copy this .gz file into some directory and run follow commands:
tar -zxvf
WebTools-1.22.tar.gz
cd WebTools-1.22
perl Makefile.PL
make
make install
make permissions
make clean
If you
are under Win, you must use 'nmake'. In this case please change 'make'
with 'nmake'
'nmake' you can download from ftp.microsoft.com/Softlib/MSLFILES/nmake15.exe
(about 50kb). You don't need VC++ to run nmake!
When you run command: perl Makefile.pl, you
will be asked to specify full path to your future webtools directory.
This directory must be into your cgi-bin directory!
On my private server it is:
/var/www/htdocs/cgi-bin/webtools
but on
my Win system it is:
c:/Apache/cgi-bin/webtools
(Please
realize that you need HTTP access to your process.cgi
script!)
If you don't know where is your cgi-bin directory, you still can install
package...just choose another directory! (after installation you must
move your installed package to your cgi-bin directory and if needed, change
owner of installed webtools and its permissions mode).
After
successful 'make' you must check whether evrything is OK!
Go to your webtools directory and check file mode of process.cgi it must
be: 0755
Also it must be owned by your user (you don't need root access to install
this package!)
NOTE:
You may have big problems depending of your OS and security settings!
To void this problem you must be very attentive:
- You
have only one real script: process.cgi, so it must be able to read and
write your files! So you must chmod to 0755. If Apache server don't change
user of script to your user, YOU must insure that process.cgi never will
try to read/write on directories where it has not access!
To insure this you must know very well structure of Webtools module!
webtools
-----
conf
|
+----
db
|
+----
drivers
|
+----
htmls
|
+----
jhtmls
|
+----
libs
|
+----
logs
|
+----
mail
|
+----
modules
|
/tmp OR +---- tmp
For 'conf','drivers','htmls','jhtmls','libs','modules'
directories you need only 'read' access.
For 'db' directory you need 'read'
access (and 'write' if you use DB FLAT -
default)
For 'logs','mail' you need 'read'
and 'write' access (default these directories
are not used)
You need also full access to 'tmp' directory
(your system directory or your own)
Now let
see some examples:
-------------------------------------------------------------------------------------------------
CASE 1: You are some good user(july)
on some good free host(newald.proscriptum.com) :-)))
Let 'july' user has home directory: /home/july
(we use virtual host: july.newald.proscriptum.com)
His full cgi-bin directory is: /home/july/public_html/cgi-bin
So his webtools directory can be: /home/july/public_html/cgi-bin/webtools
Now we can upload WebTools-1.22.tar.gz to our home
directory and after that to install script.
After installation our process.cgi has permission mode set to 0755, directories
have permission modes: 0755 and any other files: 0444
Features:
- Our host is virtual, so Apache change user to 'july' when we start process.cgi!
In other words we are ready to configure package whitout any hidden traps!
Evrything is ok, so let run script: perl -c process.cgi
-------------------------------------------------------------------------------------------------
CASE 2: You are some user (and
you has not virtual host) under Open BSD OS.
User: snm
Server: www.jozefina.bg
User home directory: /home/snm
His full cgi-bin directory: /home/snm/http/cgi-bin
So his webtools directory can be: /home/snm/http/cgi-bin/webtools
,
please install package into this directory!
Now let suppose that your scripts running with Apache's user (i.e. Apache
can't write into your directories when they has 755 permissions!). That
can be a problem, we realy need to write into db,
logs, mail and
tmp directories, so we must chmod these directories
to 0777 (BUT THIS IS
UNSECURE). To decide problem we must create these directories in
our home directory, for example:
/home/snm/webtools/db
/home/snm/webtools/logs
/home/snm/webtools/mail
/home/snm/webtools/tmp
then we can chmod to 0777 these directories!
(other user can't read/write 'snm' directory,
so they can't access and these directories too :))
After this you MUST move files from original(installed) directories to
directories we've just created (preserve attributes/permissions when files
are moved). Ok, is evrything done? Actualy not at all, you also need to
edit "config.pl". Please run 'pico' or some other editor and
change path to new location of db, logs,
mail and tmp
directories! (or
use install.cgi to modify config.pl file!)
--------------------------------------------------------------------------------------------------
CASE 3: You have
root access! Well is not a good idea
to install webtools with root access! You
can login with some other user and install
package in directory you want and chown/chmod
if need (using root). With root access you can install package on way
you want and can resolve problems very fast (if you want you can run your
scripts with 'www' user and so on...). You
can create directories (db,logs,mail, tmp
...) into some private directory (where nobady
except Apache can read/write)...
NOTE: Please be very careful when install
any scripts/modules with root access. You bring responsibilty for your
actions!
--------------------------------------------------------------------------------------------------
SECURITY
SETTINGS:
Before
you can go life in web you have to check security settings of your web
server!
Here we suppose that you haven't root access, so you can't make any changes
to server if any security fixes are required.
- First of all you have to check ability of externel user to access your
directories:
(If you are owner of web server and you are the only one user on it e.i.
no body else can access remotely) you can close your eyes and leave this
check unperformed. Other else you have to check whether other user can
"cd" your directory. If that is possible you need to fix that
(contact your system administrator and ask him to protect your directory
of unauthorized access!)
- Secondry you need to check ability of web users
to access and/or read your datas and/or scripts:
Immediatly go to your "webtools/htmls" directory and "vdir"(or
"ls -l") this direcory. It should contain file "env.html"
and it shoultd be with permission: 644 (or
444) depending of your OS defaults. These
"htmls" actualy are embedded Perl files, so
it is extreamly important these files (htmls) to be unaccessable and unreadable
from Web interface i.e. line like this: http://your_server/cgi-bin/webtools/htmls/env.html
should return NOT html page, it MUST return "Internal
Server Error" because Apache must interpret these files as
scripts!!! If that is not true, you have to set other
extension for all files in webtools/htmls (.whtml
, .cgihtml , .htm
or .cgi are supported) That mean, that you
need to correct all files that access these ".html" files (and
given examples too). Other solution (when you have access to server) is
to forbid ".html" to be read in cgi-bin directory (you need
to edit httpd.conf -> please read Apache's documentation to learn how
to do that).
NOTE: You can configure config.pl so extensions .whtml, .cgihtml and so
on to be treated as .html!!!
- Finnaly solution (and in many cases the best):
You can install webtools into ../cgi-bin/webtools and after that you can
move all directories and files in your "secure" home directory
where no body except you can read/write these files! Ofcource you must
leave at least "process.cgi" in
your web based cgi-bin/webtools directory and "conf"
directory too, after these operations you must
edit your config.pl file and mark changes of new webtools directory structure
(you should edit section "[PATHS]"
in config.pl). That is all but don't forgot to set variable $check_module_functions
= "on" (that is internal build
way to check your configuration!)
NOTE: Please preserve permissions of directories and files in.
NOTE: Apache's should handle (in httpd.conf)
.cgi and .pl
file with AddHandler!
Example: AddHandler cgi-script .cgi .pl
AFTER
INSTALLATION:
- Before you can be able to run any srcipt (and examples) you must
configure your 'config.pl' file!
For example of configuration please read HELP.doc (found into 'docs' directory)
- If evrything is configured properly, then go into telnet(console) and
cd to your webtools
directory.
Execute
follow line: perl -c process.cgi
Evrything must be "OK" before you can go ahead. Now open one
browser's window and type follow url: www.your_host.com/~your_user/cgi-bin/webtools/process.cgi
where:
~your_user is your
user name (remove it if you have your own server/virtual host)
cgi-bin/webtools
is your http based webtools directory and
process.cgi is your
base (only one) script!
Into browser's window you will see your current configuration. Please
check it for problems/errors.
Clear them all and then set variable $check_module_functions to 'off'
Now you are ready to lear webtools and run all examples into docs/examples
directory!
INSTALL.CGI
(WEB BASED CONFIGURATOR)
At versioin 1.16 of WebTools, proscriptum.com released new feature for
easy making of WebTools configuration. This new feature allow remote configure
of config.pl file via Web interface i.e. you can make different adjustment
to almost every aspect of WebTools configuration. So at this point I will
recommend that script for configuration purposes instead of manual edit
of config.pl. Also with "install.cgi" you have unique chance
to create structure of MySQL and/or Flat DB without any additional work.
(for MS Access you still have to do manual work)!
Get started:
First
of all you need to insure that install.cgi has proper permissions mode
(755 i.e. must be executable and install.cgi must be able to write/read
./conf/config.pl and ./db/ directory)!
I have to explain: install.cgi need to write/rewrite config.pl file so
please set needed permissions for conf directory and for config.pl file!
Also install.cgi need to create files into database directory (./db/)
At last install.cgi must have correct shebang (default it is: /usr/bin/perl)
This rule is important for install.cgi on the same way as it is important
for process.cgi So it is not a bad idea if you change shebang on these
two scripts at once (of course do it in case of wrong Perl location!)
For advanced web programmers I will mention that install.cgi script is
not accessable on default (security restriction). So if you want to use
it, then you have to edit install.cgi (see first paragraph of script):
- Set $install_script_available to '1' to enable script.
- Set proper Admin user and respective password for script access!
When you have done with WebTools configuration set again variable $install_script_available
to '0'! That will keep "hackers" away from your server! :-)
Work with install.cgi is absolutely clear. Just run script on that way
and enjoy :-)
http://www.yourserver.com/cgi-bin/webtools/install.cgi
#-----------------------------------------------------------------------------------------
# Step by Step Installation example:
#-----------------------------------------------------------------------------------------
tar
-zxvf WebTools-1.22.tar.gz
cd WebTools-1.22
perl Makefile.pl
>
/usr/local/apache/cgi-bin/webtools/
make
make install
make permissions
make clean
cd ..
rm -rf WebTools-1.22
cd /usr/local/apache/cgi-bin/webtools
ls -l -a
perl -c process.cgi # Must be "ok"
lynx www.your_server.com/cgi-bin/webtools/process.cgi
# Should see webtools in check mode...see your current
configuration and edit where is needful!
pico conf/config.pl (or use install.cgi to
modify config.pl file!)
Edit where
is needful...
lynx www.your_server.com/cgi-bin/webtools/process.cgi
#Check again ...ok?
pico conf/config.pl (or use install.cgi to modify config.pl file!)
Edit:
$check_module_functions = 'off';
# Now evrything is ok, so you could set "off"
value!
lynx www.your_server.com/cgi-bin/webtools/process.cgi?file=env.html
# If you want to configure properly your DataBase
driver with webtools please go to docs/
# directory to find out how!
#With line above you call simple script example...
#----------------------------------------- END -------------------------------------------
AUTHOR:
Julian
Lishev,
e-mail: julian@proscriptum.com
|