Web Hosting

From Fishcakes Wiki

Stuff: Web Hosting

Notes about Web Hosting including cPanel Control Panel and other hosting issues.

cPanel Control Panel

• cPanel Tutorial
• Web Host Manager (WHM) Tutorial
• Client Exec

Horde Webmail Setup

Use the following instructions to configure your Horde Webmail account:

1. Login to Horde, usually via www.yourdomain.com/webmail.
2. Select Options > Global Options > Personal Info:
   • set Full Name.
   • set From Address.
3. Select Options > Global Options > Locale & Time:
   • set Language to English (British).
   • set Time Zone to Europe/London.
   • tick Display 24-hour Times.
   • set Date Display Format to Mon 29/01/07.
4. Select Options > Global Options > Display Options:
   • set What application to display after login to Mail.
5. Select Options > Mail > Personal Info:
   • set Full Name.
   • set From Address.
   • set Signature.
   • leave Save Sent Mail to Default and Horde will create a Sent folder.
6. Select Options > Mail > Server & Folder Info:
   • DO NOT TICK use iMAP folder subscriptions as this will not work with most clients!
   • set Drafts Folder to Drafts.
   • set Trash Folder to Trash.
   • set Spam Folder to Spam.
7. Select Options > Mail > Deleting & Moving Messages:
   • tick Return to mailbox listing.
   • set Move spam messages to spam folder.
   • tick When deleting move to Trash folder.
   • ensure Trash folder is Trash.
8. Select Options > Mail > Address books:
   • tick Save Recipients Automatically.
   • select Name and Email in the 'Select all fields to search... section.
   • set Address Book to My Address Book.
9. Hit your browser's Refresh button to reload the page.
10. Check that the new folders are displayed.
11. Log out of Horde

Configure Entourage iMap account

1. Launch Entourage
2. Select Tools > Accounts > Create New to open the Accounts window.
3. Click New to create new account
   • Account Type iMap
   • Select OK
4. Account tab
   • set Account Name
   • set Name
   • set Email Address
   • set Account ID (email address)
   • set iMap Server to mail.studiovoltaire.org
   • set Password
   • set SMTP Server to mail.studiovoltaire.org
   • tick SMTP Server requires authorisation
5. Options tab
   • set Default Signature
   • leave rest as defaults
   • tick download Complete messages in InBox
   • tick partially retrieve messages over 20 kb
6. Advanced tab
   • untick store sent messages
   • untick store drafts
   • tick mark messages as deleted
7. Click OK to save settings
8. Right click new Account Folder
   • select Receive Complete Folder List
9. Double-click on each folder to update
   • Drafts
   • Sent
   • Spam
   • Trash
10. Go to Tools > Accounts > Edit Account > Advanced tab:
    • tick store sent messages > select folder Sent
    • tick store drafts > select folder Drafts
    • tick move messages to deleted folder > select folder Trash
11. Go to Tools > Accounts > Edit Account > Options tab:
    • tick download complete messages in InBox
12. Click OK to save settings

Parallels Pro Control Panel

This is the Control Panel for United Hosting, formerly called Ensim Pro and now merging towards Plesk.

• www.parallels.com/en/pro/docs

RoundCube Webmail

• http://www.roundcube.net
• http://trac.roundcube.net

Import Address Book Contacts

Here is a workflow how to import your Address Book Contacts into Roundcube Forum Post:

1. Export your contacts into a CSV file If you can only export into vCards (as from MacMail) then you can convert your vCards to a CSV file e.g. with this webtool http://labs.brotherli.ch/vcfconvert/
2. Inside your CSV file you need at least the columns: firstname, surename, name, email
3. Import this with phpMyAdmin

   Go to the table "contacts" in the database "roundcube" (or whatever you named it). Import format CSV, In the field “column names” enter the name of the columns in same order as inside your csv file e.g. “firstname, surename, name, email”

4. After a successful import you might want to run the following SQL on the table roundcube.contacts

update contacts set user_id = 1, changed = NOW()

(user_id is your roundcube user_id from table roundcube.users)

SSH Access

Enter my domain name and port (15554) into those fields and click Open.

http://www.oreillynet.com/pub/a/wireless/2001/11/20/secure_webcam.html

Symbolic Links

Just wanted to start off by thanking you for all the help getting us up and running. So far, RZ has provided far and away the best support I've ever experienced. Can't tell you how great it is to finally have our hosting with someone who seems to get it!

Now for today's issue: Symbolic Links & SSH

We need to install the MediaWiki CMS in a variety of locations, both on our main domain (fishcakesmedia.com) and on client domains (we are only reselling to our design clients). We already do this on our in-house server by creating symbolic links between a base set of code and the secondary installations.

With that in mind, I'd like to get SSH access for our primary domain fishcakesmedia.com, but also wanted to first see if it's possible to setup some sort of cPanel/WHM protocol to allow us to do this without the need for issuing Unix commands. We'd be more than happy to pay to have something like this setup.

I've done a quick search of the forums but couldn't find any advice on this, so would appreciate your suggestions on the best course of action.

2. Migrating Domains

We have a number of client hosting accounts which we are planning to migrate to our RZ hosting space and we'd also like to migrate the domain name management with them. We've looked at the enom option, but would prefer to just transfer them to RZ and let you deal with that side of things as you can offer a better price to our clients then we could with enom. Please could you let me know how to set this up.

Want to setup symbolic links between folders so that I can run multiple sites using one set of code for Mediawiki. I understand that I will need SSH to allow me to issue unix cm symbolic link

• rz forum — symbolic links

Web Robots

Need to work on implementing this for private sites.

• Web Robots FAQ

.htaccess File and Server Side Includes

.htaccess File

The .htaccess file is Apache's directory-level configuration file which provides the ability to customize configuration for requests to the particular directory, and is commonly used for:

• Authorization, authentication: .htaccess files are often used to specify the security restrictions for the particular directory, hence the filename access. The .htaccess file is often accompanied by an .htpasswd file which stores valid usernames and their passwords.
• Customized error responses: Changing the page that is shown when a server-side error occurs, for example HTTP 404 Not Found.
• Rewriting URLs: Various server-side PHP scripts use .htaccess to rewrite ugly URLs to shorter and prettier ones.

See also:

• wikipedia.org htaccess
• askapache.com htaccess
• dinsol.com htaccess tutorial

Below are some of the things you can do with .htaccess.

Block Users from Accessing Your Web Site

You can deny access to a particular individual or domain by modifying the .htaccess file using either an IP address or a domain name:

<Limit GET>
order deny,allow
deny from 123.456.789.000
deny from 456.78.90.
deny from .aol.com
allow from all
</Limit> 

In the example above, a user from the exact IP number 123.456.789.000 would be blocked; all users within a range of IP numbers from 456.78.90.000 to 456.78.90.999 would be blocked; and all users connecting from America Online (aol.com) would be blocked. When they attempted to browse your web site, they would be presented with the 403 Forbidden ("You do not have permission to access this site") error.

Change Your Default Home Page

In order to browse your site by specifying the domain name only (e.g., http://www.fishcakesmedia.com) instead of having to specify an exact page-name (e.g., http://www.fishcakesmedia.com/page-name.html), you must have an index page in your public_html folder. Default acceptable file names for index pages include index.htm, index.html, index.cgi, index.shtml, index.php, etc. Note that they're all named index.*.

There is also a default order of precedence for these names. So if you have both a file named index.cgi and a file named index.html in your folder, the server will display index.cgi because that name takes a higher precedence than index.html.

With .htaccess you can define additional index page-names and/or change the order of precedence. To define your index page as page-name.html add the following line to your .htaccess file:

folderIndex page-name.html 

This will cause the server to look for a file named page-name.html. If it finds that file, it will display it. If it does not find that file, it will return a 404 Missing Page error.

To change the order of precedence, enter a folderIndex command with multiple file names on the same line. The order in which the file names are listed (from left to right) determines the order of precedence. For example,

folderIndex page-name.html index.cgi index.php index.html 

Customise Error Messages

If you want to override the server's error pages, you can use .htaccess to define your own messages. An example of the syntax is:

ErrorDocument 500 /error_500.html

Disable or Enable folder Browsing

Due to security concerns it is a good idea to remove the default Apache setting that allows folder indexing, which allows the contents of a folder to be displayed in the browser when the folder doesn't have an index page. For example, if you make an http call to a folder such as http://www.fishcakesmedia.com/images/, it would list all the images in that folder without the need for an html page with links.

To disable this for a folder and sub-folder, add the following line to your .htaccess file:

# disable directory listing
Options -Indexes
# end disable directory listing

To enable this option for specific folders, you can reactivate it by adding the following line to your .htaccess file:

# enable directory listing
Options +Indexes
# end enable directory listing

Make Site Class B

Class B means that all of the traffic to http://www.yourdomain.com is politely and silently redirected to http://yourdomain.com, losing the need for the www on your domain. As the www classification is now deprecated, all websites should try to achieve this. See no-www.org for more info.

The process of making your domain a Class B is quite simple. All you need to do is create or modify a file called .htaccess located in the root directory of your site and add the following lines, changing the red text to match your domain.

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.domain\.com$ [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L] 

Override SSI Settings

By default, only pages ending in the .shtml extension will parse server-side includes (SSI) on most servers. You can override the default server configuration so that SSI will work with .html documents by adding the following lines to your .htaccess file:

AddType text/html .html
AddHandler server-parsed .html 

If you want both .html and .htm documents to parse SSI, create your .htaccess file with these lines:

AddType text/html .html
AddHandler server-parsed .html
AddHandler server-parsed .htm 

Prevent Hot Linking and Bandwidth Leeching

What if another web site owner is stealing your images and your bandwidth by linking directly to your image files from his/her web site? You can prevent this by adding this to your .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?fishcakesmedia.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]

With this code in place, your images will only display when the visitor is browsing http://www.fishcakesmedia.com. Images linked from other domains will appear as broken images.

You can also provide an alternative image to display on the hot linked pages, for example, an image that says "Stealing is Bad ... visit http://mydomain.com to see the real picture that belongs here." Use this code to accomplish that:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?fishcakesmedia.com/.*$ [NC]
RewriteRule \.(gif|jpg)$  [R,L]

Prevent viewing of .htaccess or other files

To prevent visitors from seeing the contents of your .htaccess file, place the following code in the file:

   <Files .htaccess>
   order allow,deny
   deny from all
   </Files>

If you want to prevent visitors from seeing another file, just substitute that file's name for .htaccess in the Files specification.

Redirect to a New Page or folder

If you re-do your entire web site, renaming pages and folders. Visitors to the old pages will receive the 404 File Not Found error. You can solve this problem by redirecting calls to an old page to the new page. For example, if your old page was named old-page.html and that page has been replaced by new-page.html, add this line to your .htaccess file:

Redirect permanent /old-page.html http://www.fishcakesmedia.com/new-page.html

Now, when the visitor types in http://www.fishcakesmedia.com/old-page.html, they will be automatically redirected to http://www.fishcakesmedia.com/new-page.html.

If you've renamed a folder, you can use one redirect line to affect all pages within the folder:

Redirect permanent /old-folder http://www.fishcakesmedia.com/new-folder/

Note that the old page or folder is specified using the system path relative to your public_html folder, while the new page or folder is specified by the absolute URL.

If this doesn't work for you then try this to redirect the url http://yourdomain.com/jpcl (upper or lower) to a specific file:

# redirect URL
RewriteRule ^jpcl$ jpcl.html
RewriteRule ^JPCL$ jpcl.html
# END redirect URL

Excellent for redirecting commonly used urls without the need for the .html extension.

Register Globals

To turn register_globals off, edit .htaccess file:

php_flag register_globals off
Order allow,deny
Allow from all

Server Side Includes (SSI)

Server Side Includes (SSI) is a server side web scripting language which allows you to include the contents of a file into another via the Web Server. It basically allows you to paste the contents of one or more files into another. It does have some security issues. See Wikipedia Server Side Includes.

Using Server-Side Includes (SSI)

Apache web server has a variety of configuration options available to the server administrator. In a shared hosting environment, you don't have access to the main Apache configuration so you inherit the default configuration. However, you can override some of the default settings by creating (or editing) a file named .htaccess.

This is a simple ASCII text file placed in your public_html folder or in a sub-folder of your public_html folder. You can edit this file in any text editor and then upload it to the folder you want the setting modified. The file must be uploaded in ASCII (not BINARY) format, and the file permissions must be set to 644 (rw-r--r--) to allow the server to access the file, but preventing visitors from accessing the file through their web browser which is a major security risk.

Commands in the .htaccess file affect the folder that it's placed in and all sub-folders. If you place the .htaccess file in your public_html folder, it will affect your entire website. If you place it in a sub-folder then it will affect only that folder plus all sub-folders of that folder.

Most .htaccess commands are designed to be placed on one line. If your text editor wraps lines automatically, you should disable that function before saving and uploading your file. Also, note that .htaccess commands are case-sensitive.