Jaguar has made significant improvements to aspects of Mac OS X. These features make setting up a home Web server easier and more powerful than ever, and I'll touch on some of them while digging deeper into the homemade Dot-Mac project.
Previously, you learned how to configure a home machine into a Web server, handle the dynamic IP address, and test connections. In this piece you're going to learn how to:
I also have some exciting news at the end of the article, so stay tuned.
Assuming that everything went well in the last article, you should have your home Web server up and running. At any time you can type in your "virtual domain" or IP address and see the default Apache Web page found on your computer. If this is the case, you are ready to move onto setting up a firewall to protect your computer. If not, you can Email me.
A reader pointed out in the last article that some cable providers are blocking users from running their own Web servers. If this is the case, I suggest you vote with your dollar and look into switching to another ISP.
A firewall is a security measure to prevent unwanted users from gaining access to a LAN (Local Area Network). Usually, a firewall consists of one computer that acts as a gateway to the Internet. All Internet traffic must pass through that computer.
Prior to Jaguar, Mac OS X had firewall protective measures built into the OS, but configuring these settings was a complicated task. A gentleman by the name of Brian Hill solved this problem with a shareware application called BrickHouse.
BrickHouse helps you to configure Mac OS X's firewall so you can filter out unwanted traffic to your computer or network. The importance of this is simply to keep private information private and keep nasty people from nefarious tasks.
BrickHouse makes setting up a firewall almost child's play by using a handy wizard which configures your system. It's as easy as ...
One ...
Two ...
Three!
On the final configuration screen you should hit the button to install a startup script before you apply the configuration. Unless you wish to set up more advanced options, like IP sharing, you're finished. As a quick test you may want to ensure you can still access your Web server.
The new features in Mac OS X 10.2 now feature a GUI for configuring the firewall, although you won't find them as flexible as BrickHouse. Regardless, let's go ahead and set up a basic firewall using Jaguar.
Step 1: In the Services Tab under System Preferences -> Sharing, select the checkboxes to enable the services you'd like to be able to access. In the case of running a Web server, we absolutely want to select Personal Web Sharing and turn it on.
Next, select the Firewall tab and press the Start button for the Firewall.
After you've completed these changes, it's a good idea to go to the browser, type in your domain or IP address, and see if your Apache Web page is still up and running. One problem I've found in the Jaguar GUI is that you cannot make changes to your firewall settings for port forwarding. This may be important to you if you have multiple machines, so unless you're well versed in the command line, you'll require something like BrickHouse for this.
|
I wanted to compare the use of BrickHouse to the default Jaguar options, so I asked Brian Hill, who wrote the BrickHouse application, to give me a more technical description of why you might choose to spend the $25 for his shareware program. Here are his thoughts:
"BrickHouse has the ability to create filters for non-TCP traffic, as well as specify host and network addresses in the filters. This allows you to allow traffic from a certain host, or network, but not others. BrickHouse also has an integrated firewall Log and Firewall Monitor. In addition, the IP sharing interface in BrickHouse has facilities to handle more complicated environments, including multi-homing and port redirections.
The upcoming BrickHouse 1.2 version, currently in pre-release, has the ability to automatically associate firewall configurations with Network Location/Active Interface pairings, so that the firewall configuration will switch when you go from Ethernet to Airport to Internal Modem, for example.
In addition, the 1.2 version has a fully searchable firewall log database, which will automatically archive new firewall log entries throughout the day. The 1.2 version can also export log files in a variety of formats compatible with other firewall analysis tools.
Finally, the upcoming 1.2 version of BrickHouse takes advantage of the new 'stateful' functionality in the Jaguar firewall, so that many of the filters that used to be required for some types of UDP traffic will no longer be needed, in addition to preventing certain types of stealth port scans."
Whew!
There are literally hundreds of applications and options for creating Web pages. The tools necessary for your Web site really depend on your needs. Since this isn't an article on HTML or design, I've included a basic list of some solutions, sorted by price/power:
Free
Easily Affordable
Professional
There are tons of HTML applications out there, and since I can't name them all, go ahead and leave suggestions at the end of the article. For the sake of this article, I want to use something everyone has access to, iPhoto.
My wife loves this application. There just isn't a better solution to quickly archive a bunch of graphics, format them for the publishing, export them into an HTML document, and post them on the Web. A classy application with all the grace you expect from Apple.
When we first launch iPhoto, we are confronted with our image library. Let's start by:
Next ...
Note: There is a nice little freeware application called BetterHTML Export that gives you more control and options over iPhoto's exporting abilities. I highly recommend it. If you want to learn more about using iPhoto, I also recommend iPhoto: The Missing Manual, written in part by our own Derrick Story.
The location of the WebServer folder (where we export our Web pages) is located in YourHardDrive -> Library-> WebServer. We can move this location, but that requires a bit of additional knowledge that we'll cover in a future article.
In the WebServer folder we find two additional folders, one for CGI-Executables and another for Documents. Let's ignore the CGI folder for now. When we visited our Web server in the last column, we saw a Web page with the Apache logo. This is where that page is located. You can go ahead and remove all of the current contents since you won't need them any longer.
Export your iPhoto Web page to this location, and you should be ready to view your new Web site. Once again, go to your browser, type in your "virtual domain" or IP address, and hit return.
Ta da!
|
If you are serious about the identity of your URL, you may want to take this moment to register a domain name. So far, everything we've done has led up to this moment. If a domain name is unimportant to you, save a few bucks and skip this section.
When you register a domain name, the registrar requires that you point the name to the ISP's name servers. Since we are using a Dynamic DNS service to point to our own server, we'll be using their name servers in place of an ISP's. In the last article we used a service called DynDNS.org. You can find instructions on how to point your domain to the DynDNS.org service here.
One feature that I occasionally use on .Mac is iDisk. The problem in the past was that I was unable to store large amounts of data without paying Apple large amounts of cash. Even with the recent increase to 100MB with the .Mac account, many of the files I deal with daily have a cumulative storage space of several gigs.
I travel a great deal, and all of my clients are located hundreds of miles from my location. I just don't keep every file I ever created on my laptop, and I backup to an external drive connected to my home server. My clients are also PC users, and I find file transfers easier when I can just connect to my home machine versus dealing with my laptop and their networks. I often need access to large database and graphics files, so I love being able to connect to my home server without being concerned about their firewalls.
There are several ways to ensure you can get to your files no matter your location. In this piece we'll set up one option and talk about another.
|
Related Reading 
iPhoto: The Missing Manual |
File Transfer Protocol is one of the most common ways to move files between locations. What I like about ftp is that I can use it from almost any Web browser with a connection to the Internet. Lucky for me Mac OS X has an ftp server built in, and it starts with one click of the mouse.
Now I want to mention that for certain reasons, ftp is not the safest way to connect to your computer remotely, but it is by far the easiest.
In the Sharing Preferences Pane, check "Allow FTP Access." You're now ready to login to your computer remotely. Different browsers and operating systems handle it differently, but the end result is always the same.
Open a browser window and type in ftp://youripordomainname. You should then be prompted to type in your username and password. That's it.
In general you can open a browser and type ftp://yourusername@youripordomain. The browser should then request your password.
I will point out that one of the most common security violations when using ftp is often a silly mistake. If you logon at a remote location and don't clear that browser's cache, you may have left the door open to the next person who uses that computer.
Web-based Distributed Authoring and Versioning(WebDAV), is an emerging Web-based collaboration standard. WebDAV allows you to use a remote Web server as if it were a local drive. iDisk is an example of a WebDAV solution. If you use Mac OS X and iDisk, you've probably noticed that your iDisk mounts on your computer as if it were a regular hard drive. What makes WebDAV particularly useful is it works well as a collaborative tool. A group of people can remotely develop, edit, and manage any content, all sharing the same WebDAV "drive."
It is not only a safer solution than ftp, but also possible to enable WebDAV on your OS X Web server. However, due to the complexity, we'll cover that in a future article.
Now that we've set up the basics of our home Web server, we have a platform for a wide variety of options and fun projects that we can build upon. Our very own James Duncan Davidson and I are planning to introduce some of these issues in future articles. James will be introducing you to the more technical "Unix" aspects of controlling your Web server, while I'll be introducing a number of new projects. Look for upcoming articles on setting up a mail server, Quicktime streaming, MP3 streaming, database hosting, blogging, home automation, and much more.
Alan Graham is the creator of the Best of Blogs book series and is a frequent writer on the O'Reilly Network.
Return to the Mac DevCenter.
Copyright © 2009 O'Reilly Media, Inc.