WASD Hypertext Services - Technical Overview
[next] [previous] [contents]
8 - HTTPd Server Administration
All server configuration files, with the execption of the authentication
databases, are plain text and may be modified with any prefered editor.
However the majority of this can also be administered on-line through a browser.
A menu of administration functions
is provided by the server.
In addition a Web Update facility allows
some administration of file system portions of the Web.
See 11 - HTTPd Web Update.
If authorization is in use (see 7 - HTTPd Authentication and Authorization) it is
recommended that the path to these reports be controlled via authentication and
authorization, using both host and username restrictions, similar to the
following:
[WHATEVER-REALM]
/httpd/-/admin/* host.ip.addr,~WebMaster,~WhoEverElse,r+w
To restrict server administration to browsers executing on the server
system itself use a restriction list similar to the following.
[VMS]
/httpd/-/admin/* localhost,~WebMaster,r+w
8.1 - HTTPd Server Reports
The server provides a number of internally generated reports.
- Statistics -
Server process up-time, CPU-time and other resources consumed,
number of connections processed, number of requests of each HTTP method, type
of processing involved (HTTPd module used), number of bytes processed, etc.
- Configuration -
A tabular summary of the server's current configuration. This is
a convenient method for viewing the information from the HTTPD$CONFIG file.
- Mapping -
All loaded mapping rules. In addition a query-form interface allows the
user to input a path and watch the rules as the server resolves it.
- Path Authorization -
If authorization is in use (see 7 - HTTPd Authentication and Authorization) this
report lists the paths with associated authorization and access control.
- User Authentication -
List any users that have been authorized since the server was last started,
the realm authorized from, the group it applies to (if any), and what the
user's capabilities are (allowed HTTP methods). A time-stamp and counters
provide additional information.
- Request -
Lists current requests (always shows at least your own connection accessing
this report :^) and if enabled by configuration a history list of the most
recent requests. Enabled by the configuration parameter [RequestHistory].
- Script -
Provides some DCL, CGI and CGIplus scripting information.
- DCL module statistics (same information as displayed in the server
statistics report). These are cumulative for the entire life of the system
(unless zeroed).
- Subprocess information show how many actual subprocesses exist at the time
of the report. The soft-limit specifies how many CGIplus scripts
are allowed to continue existing before the least used is deleted and the
hard-limit show how many subprocesses may actually exist at any one
time (the margin allows for subprocess deletion latency). A count of how many
times the CGIplus subprocesses have been explicitly purged (button available on
this report page). The life-time of zombie processes (in minutes,
zero implying use of zombies is disabled) and the number that have been purged
due to expiry. CGIplus subprocess life-time (in minutes, zero implying
indefinite), the number purged due to life-time expiry and the number of
CGIplus subprocesses that the server has actually purged (deleted) to maintain
the soft-limit margin specified above.
- Each of the allocated subprocess data structures is listed. There may
be zero up to hard-limit items listed here depending on demand for DCL
activities and the life of the server. Items with a PID shown indicate an
actual subprocess existing. This can be a zombie subprocess or a CGIplus
subprocess. If no subprocess is indicated then the other information
represents the state the last time the item's associated subprocess completed.
Information includes the script (URL-style path) or DCL command, total count of
times the item has been used and the last time it was. The zombie count
indicates the number of time the same subprocess finished a request and entered
the zombie state. The CGIplus column indicates it is/was a CGIplus
script and shows the total number of times that particular script has been/was
used. If the subprocess is currently in use the client information show the
client host name.
- If any subprocesses are associated with any data structure a
purge button is provided that forces all subprocesses to be
deleted. This can be useful if a new script image is compiled and it is
required all scripts now use this. If a script is currently processing a
request the subprocess deletion occurs when that processing is complete. The
purge button does not force a subprocess to delete, so a
second button forces all subprocesses to delete immediately.
This can be used to forceably clear errant scripts, etc., but be warned script
processing is indiscrimately stopped!
- Activity -
Provide a graphical snapshot of server activity of a given period.
This is dynamic data, held in memory only, and so is current only from the
latest server startup. It is enabled by the configuration parameter
[ActivityDays]. The administration menu provides several, represented
as a period of hours before the present time. Number of requests and bytes sent
to the client are represented by a histogram with respective means for each
during the period by a line graph. A greyed area indicates no data
available for that time (i.e. before the latest server startup, or in the
future).
Activity data is accumulated on a per-minute basis. This is the maximum
granularity of any report. When reports are selected that can display less
than this one minute granularity (i.e. with periods greater than four hours)
the value shown is the peak of the number of minutes sampled
for display. This better represents the load on the server than would a mean
of those samples.
For browsers recognised as capable (with v4.3 of the server these are
Netscape Navigator 3.0ff and Microsoft Internet Explorer 3.02ff) this report
is JavaScript-enabled, and if in focus the browser refreshes itself at an
interval appropriate to the reporting period. If not in focus, the report is
automatically refreshed when the browser is brought back into focus.
The graph is an image map, various regions of which allow the selection of
other reports with different periods or durations. This allows previous
periods to be examined at various levels of detail using the graph for
navigation. Various sections may have no mapping as appropriate to the current
report.
The following example shows the layout for a four hour report. The upper
and lower sections have distinct functions. The middle 50% of the upper
section allows the same end time (most commonly the current hour) to be
examined over twice the current period, in this case it would be over eight
hours. The left 25% allows the previous fours hours to be viewed (if such data
exists), and for non-current reports the right 25% allows the next four hours
to be viewed. The lower half can be divided into sections representing hours
or days depending on the period of the current report. This allows that period
to be viewed in greater detail. For single hour reports this section, of
course, is not mapped.
Remember that the URL of the mapped section will be displayed in the
status bar of the browser. As the URL contains time components it is not a
difficult task to decipher the URL displayed to see the exact time and period
being selected.
8.2 - HTTPd Server Revise
The server provides a limited configuration revision facility.
- Configuration -
A form-driven interface allows the current configuration of the server to be
altered on-line. This configuration may then be saved to the on-disk file and
then the server could be restarted using the new parameters. The source of the
current configuration can be either the server itself (from it's volatile,
in-memory parameters) or from the on-disk configuration file. In addition it
is possible to directly edit and update the on-disk file.
- Mapping -
No form-driven interface is currently available for changing the mapping rules.
However it is possible to directly edit and update the on-disk file. The
mapping rules could the nbe reloaded, changing the current server rules (see
8.3 - HTTPd Server Action).
- Path Authorization -
No form-driven interface is currently available for changing the path
authorization configuration. However it is possible to directly edit and update
the on-disk file. The path authorization directives could the be reloaded,
changing the current server authorization (see 8.3 - HTTPd Server Action).
- User Authentication -
User authentication comprises a number of dialogues that allow the
authentication databases to be administered. These include:
- creating databases
- deleting databases
- accessing databases for administering usernames
- listing usernames within databases
- adding usernames
- deleting usernames
- modifying username permissions and other data
- reseting in-server (cached) authentication information
Chapter 7 - HTTPd Authentication and Authorization covers authentication detail.
8.3 - HTTPd Server Action
The server allows certain run-time actions to be initiated.
- Statistics Zeroed -
All counters are zeroed (except the number-of-times-zeroed
counter!)
- Mapping Rules Reload -
Reloads the path mapping rules from the on-disk file into the running server.
Caution! If changing CGIplus script mapping it is
advised to restart the server rather than reload. Some conflict is possible
when using new rules while existing CGIplus scripts are executing.
- Path Authorization Reload -
Reloads the path authorization directives from the on-disk file into the
running server.
- User Authentication Cache Purge -
For efficiency reasons authenticated user information is cached for a limited
period within the running server. All this cached information may be
completely purged using this action, forcing subsequent requests to be
reauthenticated from the on-disk database.
[next] [previous] [contents]