Permissions for Common File Types

In a previous post, I explained how to use chmod to change file permissions and also provided some security tips to ensure your file permissions are not more permissive than they need to be. Looking back on those posts, I think it would be useful to list some common file types and the maximum permissions that those files should have. The maximum means that there is no legitimate reason for those files to be any more permissive.

(r = read, w = write, x = execute) (Owner, Group, Other)

1. Executables – CGI files – Perl scripts, for example, often need to be executable. 755 (rwx r-x r-x)
2. Regular HTML and PHP files – These only need to be read by the outside world. 644 (rw- r– r–)
3. Private files – Sometimes text data files are stored on the server but do not need to be seen. 600 (rw- — —)
4. World writable – use these only if absolutely required by the application. 666 (rw- rw- rw-)
5. Full permissions – almost never necessary and could cause security problems. 777 (rwx rwx rwx)

There are other combinations, but these are the common permissions for files on most Linux servers. Only change file permissions if necessary. Otherwise, keep them as conservative as possible. This will ensure the security of your website(s) and server.

Software That Requires Perl Modules

When you install perl applications on a server, they will invariably require you to install additional modules for support. This is part of the unfortunate reality of running perl applications. Typically, the required module names will be displayed like this, Date::Format or File::Tail.

If you have ever tried to find the modules in your YUM or APT repositories, you probably had difficulty. That is because the naming scheme is different in Linux package management. For example, in most APT repositories, Date::Format is found in the package, libtimedate-perl, which also includes Date::Parse and some others. When you search for packages, just search for the keywords “date” and “format”, leaving off the “::”.

If you are sure the modules are not found in your package repository, you will have to install them manually. CPAN (Comprehensive Perl Archive Network) is a program that takes some of the pain out of installing perl modules, but it is still not a particularly enjoyable adventure. For more information about installing modules with CPAN, see this tutorial.

Photo Source: Wikimedia Commons

Advantages of Server-Side Scripting

Server-side scripting means that a script that is executed on a website will be processed by the server and then displayed as regular HTML in the user’s browser. The alternative to it, client-side scripting relies on the user’s own browser, often including plugins, to execute the designated scripts. Both are common, but there are some decisive advantages to taking care of scripting on the server side.

When a website relies on the client’s browser or plugins to execute the script, the assumption is that the necessary plugins or features are actually installed and enabled. If the user does not have the necessary requirements or chooses not to use them, those features on the site will be unavailable. Examples of client-side scripting include Java and Adobe Flash.

With server-side scripting, everything happens internally before the user ever sees the site. By the time the user gets to the page, it is already displayed correctly, and it will be the same content for every user. They do not have to download any extra tools or plugins. Examples of server-side scripting include PHP, Perl, and ASP.

Photo Source: Wikimedia Commons

Understand absolute and relative paths

When dealing with a web server, it is important to understand the relationships of one file to another, those files to the server, and those files to the Web. When creating hyperlinks or configuring various website options, particularly PHP or Perl scripts, you will need to know both absolute paths and relative paths.

Absolute Paths

There are two types of absolute paths you will encounter. The first is directly related to the Web and the website’s domain name. For example, the path to myfile.html might be:

http://www.mywebsite.info/folder/folder3/myfile.html

On the server, the absolute path would be something like:

/home/user/public_html/folder/folder3/myfile.html (useful in configuring scripts)

Relative Paths

With a relative path, the server looks at where the user currently is then moves either forward deeper into a directory or goes up to any number of parent directories. For example:

folder3/myfile.html

Inside the html file, you might need to link to an image in a directory that is two steps higher:

../../images/myimage.jpg (which is the absolute path: http://www.mywebsite.info/images/myimage.jpg)

With this knowledge, you should be able to link within documents and configure scripts.

Scripting language roundup

Every website has code. HTML code is the backbone of the Web, but for more advanced features on a website and especially for web applications, you need a good scripting language. Here are a few, some basic, some more complex that are free for Linux servers:

Javascript – Built into web browsers, this is a client-side language. The down side is that end users might disable it or not have it fully supported.

Perl – Old, reliable, and trusted, Perl comes with many Linux distributions, but it is not the easiest to setup and maintain.

PHP – Like Perl, it is a server-side language and has become increasingly popular. It can be run inside of Apache or as its own executable.

Python – Many programmers prefer Python for more advanced applications, although it does not dominate the Web.

JSP – Normally Java apps run on the client side, but with an Apache Tomcat HTTP server, you can have Java Server Pages (JSP).

In a future post, we will learn how to setup each on a dedicated server.

Photo Source: Flickr

Find and replace text in multiple files

Question: How can I find and replace text in multiple files?

Answer: If you have perl installed on your server, you can easily use it to perform the function you need. Even if you do not have root access to the server, basic user SSH access will be enough.

Let’s start with a simple example. If you wanted to replace every instance of the word “captain” with the word “major” in all of your html files, you would enter the follow from the command line:

perl -pi -e "s/captain/major/g;" *.html

That is all it takes. Perl will search every html file in the current path and change all of the captains to majors. This is very useful if you need to edit multiple files at once and do not want to go through the trouble of opening, changing, and saving each one.

Photo: Flickr

How to troubleshoot an Internal Server Error

Question: My CGI script is giving me a 500 Internal Server Error. What should I do?

Answer: It is one of the most dreaded errors Apache can throw at you: the 500 Internal Server Error. When you get it, you often have no idea what caused it or why. Here are a few things you can do to troubleshoot it.

1. Check the location. Make sure you have uploaded the scripts in the right place.

2. Check the upload method. Your FTP program should upload Perl scrips in ASCII not in binary mode.

3. Make sure the file permissions are set to 755 to make the script executable.

4. Often times modifications to the script, if required to configure, can cause an error. You might have slipped in an unsupported character or made a typo.

If it still does not work, try running the script from the command line and see if it spits out an error. If you still cannot figure it out, you might want to talk to the developer. The script just might be incompatible with your server. Most importantly, don’t give up.

Photo: Flickr

Installing Scripts and Software

Question: How do I install scripts and software on my shared hosting account?

Answer: A lot of that depends on the type of shared hosting account you have. If you have a Linux account, you should check with your provider to see what packages are available to you. Most will include PHP, Perl (CGI), and in some cases Java server (Tomcat).

Chances are, your web hosting provider will also include easy install scripts in your hosting plan. Check the features page of your hosting plan to see what is available. Then, you should also check your control panel to see if you can install software from there. Many web hosts include content management systems, e-commerce shopping carts, and even photo galleries.

If you still cannot find what you are looking for from your web host, you will need to make sure whatever script you want to install is compatible. Make sure you have the right version of PHP and MySQL or Perl and whatever requirements go along with it. The other thing you will need to keep in mind is that updates will be your responsibility. Some software, like WordPress, can be updated within the backend rather easily. Others will require more work.

Photo: Flickr

Finding good free scripts for your website

A good web hosting company often provides its website owners with automatically installable scripts for various popular tasks: blogging, photo albums and e-commerce, to name a few. In some special situations, however, it becomes necessary for a webmaster to search for free, reliable scripts on the web. Whether they are Perl, PHP, or ASP scripts, there are some good places to look.

Hotscripts. Hot Scripts is one of the older more well-known script repositories. It provides links, ratings, categories and annotations of thousands of Javascript, C, PHP, Flash, ASP, CGI, Python, and other scripts. This site lists both free and commercial scripts.

PHP Resource index. Another well-known and trusted site, PHP Resource Index lists both free and commercial scripts, allowing users to vote and comment on them. It currently has around 4,000 scripts indexed. Its sister site, CGI Resource Index, lists Perl and CGI scripts.

There are many other script indexes and repositories. Whichever ones you choose, it is important to be mindful of security, not just of your own website but of the entire web server. You will be responsible for installing any updates to your scripts and making sure they are secure. It is also important to understand that you, not your web host, must make the scripts work since you acquired them from third parties.

Photo: Flickr