63295_1_help.do... - Transtutors.com

gasownerData Management

Jan 31, 2013 (5 years and 3 months ago)


I need to

assignment 2 by 13

October which is based
on the assignment 1 which I have already done
. I think to do
this assignment I have to complete the weekly exercises on
the server

in putty. Since I didn’t attend
most of the lectures I’ve no idea of it so I wants to get the
website done and along with assignment 2. I’ll give all the
details to access the resources needed.

ITC332 Web Server and Site Management

Assignment 2


Due date:

13 October 2011


30% of total assessment


In the first assignment you outlined the proposed structure and content of your server and site,
and indicated how the issues raised in the first four modules of the subject would be addressed.

In this, the second assignment, your site will be assessed as

to how well you have both:

achieved your earlier ambitions, and

put into practice the issues raised in the next four modules as well.

Thus the content of modules 1 through to 8 are all fair game!

This assignment requires you to prepare a brief (probably

no more than 3 or 4 pages in total)
implementation report

document, marked up in HTML or XHTML/CSS, which you will publish
in the Webspace of your experimental server in the same manner that you published your

in Assignment 1. As for Assignment 1
, you

submit your report in hard copy
form. You submit ONLY a one
page document which contains the URL of the report itself, and
to ensure that no
one (other than you and the marker) know what you have produced, don't
provide any obvious clickable l
ink on your Website anywhere that could lead others to your

implementation report

that you prepare is a BRIEF (15 paragraphs in total

one for each
criterion) document that outlines what you have done on

of the assessment criteria lis
below. Please be honest. If time constraints (say) have meant that you haven't managed to
address a particular criterion, save everyone's time by stating so up front. It will keep the marker
in a better frame of mind!

implementation report
is to c
ontain appropriate links to enable the marker to access the
evidence that proves that you have satisfied each individual criterion

ie links to the actual
resources on your site that clearly show that the criterion has been addressed. It must contain
s to ALL relevant details

URLs, configuration file directives, scripts, Web pages, password
files etc

whatever applies for each particular criterion. This is essential so that everything you
want assessed can be located quickly and without confusion.
lease note that if the paragraph
you prepare for a particular criterion does NOT contain these link(s) to your server and
Website's actual content, then regardless of what you SAY you have done, it will be
assumed that you haven't actually done so

ise you would have included links to
prove it, wouldn't you?

Please note that the assessment of some criteria (eg 9, 10, 11 etc) will necessarily involve
examining script files, log files, cron entries,and server configuration settings that are NOT
y accessible via a browser request.
You will receive an email
, via the forum, later in the
about how you will make these details visible

for marking purposes.

NOTE: If you are re
reading this page just before you submit your report URL and you
't keep, or you have mislaid the email referred to in the paragraph above, please ask
for another copy, or look at the forum posting about this. It is important!

The 15 assessment criteria

In assessing your Website, the marker will be looking for each of the following 15 criteria. Each
one will contribute 4 marks towards the maximum 60 for this assignment.

The assessment criteria are:


existence of a home page that shows you have addressed
the issues discussed in the topic
notes concerning home page design and content,


presentation of some useful information in an effective manner, and containing
appropriate metadata in ALL pages,


evidence of the application of design standards and publish
ing principles on your server
and site,


presence of a publishing policy statement and a legal disclaimer of some sort,


a feature (eg a functional guestbook), involving
dedicated Perl scripts
, a
flat file
(sgml/xml) database
, and
methods to both subm
it and view



a feature involving the use of
, and



data contained in a
PostgreSQL Relational Database
, and


a feature involving the use of
, and

locate and display

data contained in
PostgreSQL Relationa
l Database,


a site indexing application (using the

software or any other system) and its associated
site search facility,


an example of a server management activity, written in Perl and involving log files, for
example an appropriate log file rollover

strategy, usage pattern analysis, broken link
checker etc.,


any other example of an automated server management activity (not necessarily
involving log files), which utilises Perl scripts written by you (i.e. not simply something
downloaded from sites li
ke CPAN),


evidence of the automation of an activity using crontabs,


use of local authorisation files to permit/restrict access to certain site features,


evidence of at least one other feature you have put in place to increase server and file
system secu


evidence of a successful strategy put in place to promote your site (e.g. a "honeypot"),


one other feature that demonstrates something learnt in the subject,but not included

NB "Double dipping" is NOT allowed on these criteria.
For insta
nce you are NOT permitted
to point to the to one page to illustrate how you have addressed all of criteria 1, 2 and 3, nor to
claim that a good home page (criterion 1) doubles as your promotion strategy (criterion 14)!

This assignment contributes 30% of yo
ur total assessment.

Submission method

Prepare a one
page document that contains the name of your partner, the focus of your Website,
and the URL of your
implementation report

document, and submit it via the EASTS system (DE
students) or the Assignment Sub
mission Box (On
campus students). All assessment will be
performed by the marker accessing the
implementation report

document on
line, and following
the relevant hyperlinks from there. No hard
copy material will be assessed.

The "showcase"

As in past sessions, it is our intention to retain a number of the best sites in a "showcase" of
students' work. This will be used to promote the
Online Systems major

strand of the course here
at Albury, and to illustrate to prospective students the conten
t of the
Web Server and Site
subject. In addition, its URL will be a useful addition to your CV if and when you
are applying for employment in the field.

In many cases, students will end up developing a "demonstration only" site, but in others
the site
will possibly be developed with the view to it being transferred later onto a commercial server

Therefore, can you please indicate to us (as a separate one
page statement):


whether your site:


is a "demonstration" site developed for pur
ely experimental purposes in this
subject; or


is a site intended for "commercial" use later. (Note that "commercial" here is not
necessarily meant to imply that it will be used in a profit making situation

merely that it is "real" as opposed to "fiction
al" ),


whether or not you are prepared to allow the University to "showcase" your site,

and if the answer to 2 above is "yes" and the site is a real ("commercial") site,


whether you have received (in writing) permission from the site owners/administrators
that the site can be showcased.

Please ensure that the above
mentioned information is provided for YOUR site, if you want it
considered for showcasing.

The assessment item 1

ITC332 Web Server and Site Management

Assignment 1

Server and Site Proposal

Due date:

26 August 2011


20% of total assessment


In the second half of 2011, you sit back and take stock of your life. You are currently employed
by a smallish organisation

located in a largish coastal town located on the central coast of New
South Wales.

For the last couple of years you have been studying part
time by distance education at Charles
Sturt University where your specialisation

is in Multimedia and On
line Systems. You are sure
this will open new horizons to you, as the demand for computing professionals who are capable
of implementing the new Internet technologies is clearly evident, is unsatisfied and is growing all
the time.

During your studies it has become even more obvious to you that your employers are not really
up to speed with the all
pervasive nature of the Internet and the World Wide Web today. The
company has a fairly simple static Website, but this consists only of
a few out of date Web pages
hosted on the local ISP's server. You believe they do not realise the potential this site would have
if it were properly redeveloped, and hosted on
site on a company platform rather than remotely
by the current ISP.

You believe
you already have a lot of the knowledge and skills needed to do all the work for
them in this regard. What HAVE they got to lose? Ever one to offer to take on even more work
(!!), you decide to raise the issue with your boss over a cup of coffee one Friday


"Prepare us a written proposal

how about by the end of next week?" is the reply you get.

"But I'm about to go on holidays

I'll be away all of next week", you protest.

"Well, you'll have plenty of time to make a thorough job of it", she grins

'So much for the surf', you think to yourself!

In this assignment you are required to produce a comprehensive
server and site proposal

what you are wishing to implement.

Imagine that the document you produce will be forwarded to senior management to

them of the benefits of installing and running an Apache server on their existing system, an
Intel(R) Xeon(TM) CPU 2.80GHz PC with 2Gb RAM

RedHat Enterprise Linux (Kernel

PostgreSQL v7.3.21
, (ie the current configurat
ion of
), and
setting up a Website for your organisation on it.

What it should contain

Your proposal should address ALL of the important issues raised in the first four (4) modules of
this subject, and present them under the following seven (7) h

1 General introduction

This should provide the rationale for the server and site, including its aims and objectives, and
target audience. It should include answers to the questions that management would be expected
to ask. For example:

What is a
WWW server?

Why do we need it?

What can it do for us?

Who will it target?

What services will the site provide?

What hardware, software and miscellaneous equipment will be needed?

What are the likely costs?

Will we need to employ extra personnel?


Note that
the above list is by no means complete

and you are expected to identify ALL of the
relevant questions which require answers. What other questions

you expect to be asked by
management (who you can assume are not likely to be very conversant
with Web technology),
and what would be your answers?

2 Site plan

Your proposal should contain a logical site structure diagram, with accompanying explanations,
which should show the services that you intend to provide on your site, and the logical
elationships between them. There are a number of ways of arranging this diagram

as a hierarchy, maybe as a set of concentric rings, maybe using some other layout

whichever you choose, remember that it needs to make sense to a non
technical ma
person who will receive the report. Make sure it is concise and clear yet comprehensive where

3 Directory structure

Provide a diagram and a description (this time for the benefit of the system manager who will
need to set it up) of the

file system directory structure envisaged for your server and site. What
directories are needed? How are they to be arranged? What protections/permissions should they
be given, etc? You should clearly explain why such a structure has been chosen. (Refer t
o the
various "tradeoff" issues identified in Module 3 in your explanation).

4 Security

Your proposal should clearly demonstrate that all of the relevant security issues have been
addressed on your server and Website. (Refer to the relevant issues raised
in Modules 2 and 3 in
your treatment of this section).

5 Content and design

Provide a detailed description of the information content planned for your site, together with the
rationale for its inclusion. Where a choice of one medium over another, or one a
pproach instead
of another is made, justify it. Outline the manner in which important design issues, such as those
introduced in Module 3, are to be addressed, and justify why you have chosen to address them in
this way rather than some other way.
Note tha
t this section is NOT simply a list of WHAT you
intend to include on your site!

You have already produced this (in diagramatic form) in the Site
Plan section above, so you don't simply repeat it again here. Instead, you are to show that in your
choices you

are applying the concepts you learnt in Module 3, and can justify your choice of one
medium over another, one approach over another and so on.

6 Liability and copyright

Provide the text of the actual liability and copyright statements you will use on your

site. Ensure
that they address all of the relevant issues raised in Module 4.

7 Publication policy

A comprehensive policy statement must be provided. Make sure you have critically examined
the issues raised in Module 4 Topic 3, and identified:

which of t
hem apply to your site, and

how you intend to address each one.

Your publication policy statement will show evidence of your consideration of these issues.

Note that it is only for sections 6 and 7 above that you must actually implement part of
your site
for this first assignment. The document(s) you develop in those two sections must
be the actual documents that will eventually appear on your site at the end of the subject.
But for sections 1 to 5, you DO NOT need to actually implement anything on your se
and Website. This is a proposal only.

Note also that it is inevitable that as you move further into the subject, you will find that
you have either been too optimistic in your planning and will need to drop some of what
you originally proposed doing t
o fit it into the time available, or you will realise that you
originally overlooked something important and it really should be added, or both. That is
OK. The assessment in Assignment 2 does NOT require that you have stuck 100% to your
original proposal,

although naturally we would expect that you could if necessary justify
why there were differences between what was proposed in Assignment 1, and what was
implemented in Assignment 2.



Your assignment is to be produced as a HTML or XHTML/CSS document,

appropriate images and links as required. Put it in the Webspace
of your experimental

(ie below your server's

directory somewhere), but since it is for "internal"
rather than "external" viewing (ie it is between you and the lecturer

ot everyone out
there on the Web) DON'T provide any active (clickable) links to it on your site anywhere.
Just advise your lecturer of its URL when you submit your assignment.
Note that you do
NOT submit the assignment in hard
copy form. The ONLY thing tha
t will be
marked is the on
line document, which resides in the Webspace of your
experimental Web server, so the ONLY thing submitted by EASTS (DE students) or
placed in the assignment submission box (On
campus students) is a one
document clearly showi
ng the URL of your proposal document.


This assignment will also form the skeleton of part of your second assignment

namely a
report to management of the success or otherwise of your site at the end of the session.
(The other part of the assessment for
Assignment 2 is the Web server and Website itself).


Despite what was written in 1 above,

of the text in your proposal will contain
material that later should be made public. For instance, the
copyright and disclaimer

should eventually be accessible to anyone from your site home page.

Other material however should remain private. For example the
directory structure
, and the sections to do with the
security measures

that you intend to put in
place, certainly wi
ll NEVER be made publicly accessible.

Therefore, to increase flexibility, consider breaking your proposal document into separate
files, which can be logically joined together in various different ways with hyperlinks.
Later these files can be re

as necessary to form part of Assignment 2 and/or
content on your final Website itself. Separate documents makes it possible to have easy
access for legitimate users to items that are for "public" viewing, while facilitating the
restriction of access to th
e "private" items.


You may feel that the site focus that you have chosen for YOUR experimental site does
not have the "commercial" flavour of the assignment description given above. For
example your site might be
"The Inline Skate Site"

providing res
ources for those
interested in rollerblading. If this is so, don't worry. Simply address your proposal to a
(fictional or real) ISP instead. Imagine that you wish to approach this ISP with a request
that they allow you to run your Web server on one of thei
r spare platforms. Assume that
this ISP is concerned about possible risks to their reputation, and need to be satisfied that
you have thought about and addressed all the important issues, before they will allow you
to run your Web server and set up your We
bsite on their system.


Your proposal will be assessed on the basis of:

its general layout presentation, clarity and readability (20 marks),

the completeness of its recommendations (35 marks),

the accuracy and relevance of all statements made (1
5 marks),

its applicability to your site (15 marks), and

its usefulness (ie to its intended readers

senior management of your organisation) (15

for a total of 100 marks. This assignment contributes 20% of your total assessment.

It should demonst
rate CLEARLY that you have extended your reading beyond just the topic
notes provided for you in this subject. Make sure you provide all relevant references as

Assignment 1

my answer

Server and Site proposal

By :

Anthony Dura Thushani Tharika De Silva



General introduction

A web site is collection of web pages hosting on a web server and making it accessible to request
via a web browser on the World Wide Web. A web site has many benefits on an organization. It
allows business to break through the geographical barriers and be
come accessible, virtually, from
any country in the world by a potential customer that has Internet access. It offers convenience to
the customers to reach over organization at anytime from anywhere. A website gives you the
opportunity to tell potential cu
stomers what you are about and why you deserve their trust and
confidence. It create a
way communicative marketing between the organization and the
customers and also Standardize Sales Performance by far Cheaper and Much More Flexible
media than Print

When talking about a web site the basic platform behind it is a web server. A web server is
software that

runs on the web site hosting Server computer which should be connected to internet
24 hours every day. It needs to be fast, have a large s
torage capacity hard disk and lots of RAM.
But the most important is having a permanent internet address (IP address). If the IP address
changes, the web site would not be found and will appear

Its main purpose is to

web pages, which means i
t waits for requests from web browsers (
) and responds by
sending the required data back.

There are many web server programs available. The most famous and popular of all web servers

developed by the
Apache Foundation
. Not only is Apache free but it's also available
for several operating systems including Windows, Macintosh and Linux/Unix. The existing
system of this company, an Intel(R) Xeon(TM) CPU 2.80Ghz P
c with 2 Gb RAM running
RedHat Enterprise Linux( Kernel 2.4.21
53 ELsmp) and Postgre SQL v7.3.21 has the required
capacity to host a web server. Therefore this does not add any additional cost for hosting the web
server. To design and maintain the website
additional personnel will not be need as I am
specializing in multimedia and on
line systems, I’ll be able to do that by myself. Therefore the
cost for additional staff can be reduced.

The website will target mainly the Australian and the foreigners who wi
sh to travel around the
world to spend their holidays. Sri Lanka is a good selection for Australians and even Europeans
and Americans to spend their winters in a tropical country. Therefore there will be customers
from all around the world throughout the y
ear. Users of this website can get a free membership
so that they get updates of travel offers and discounts. People can get an idea about that country
through over web site to decide on their tour.


Site plan

The diagram ‘The Logical site plan’ above represents how the information on the website will be
organized. “Home”, the home page on the site is the initial page which will appear when someone types
the Company URL in the browser and enter. This page will h
ave the most important information about
the service of our company. The home page will have five navigation menus named Sri Lanka, Travel
ideas, Join us, About us, Contacts, FAQs.


Sri lanka

About Sri lanka

Sri lankan

Travel ideas


Beaches and


Adventure And
family fun


Foods and


About Us



Diagram 1:

The logical site plan

The Sri Lanka menu have two submenus named About Sri Lanka, which will expl
ain about that
country and another submenu named Sri Lanka history, which explains about the history of Sri
Lanka which will make the reader to get the feeling to visit Sri Lanka. Other navigation menu
from home page is the Travel ideas, which itself have
three navigation submenus named
Regions, Foods and Restaurants and Hotels. The Region submenu will lead to four separate web
pages which demonstrate the regions in Sri Lanka where the web site user would like to spend
their vacation in Sri Lanka. They wil
l be under the names of Beaches and Surf, Pilgrimage,
Adventure and Family Fun and shopping.

Join us navigation menu page include a sign up bars which enable the customer to join with us
and receive special offers. The About Us navigation menu from the hom
e page will demonstrate
about over company and what we will provide us to our customers. Our contact details will be
provided on the site under contacts which can be accessed from home page so that the readers
can easily contact us using the details provid
ed. One last navigation menu named FAQs which
means “frequently asked questions” will be included to the home page so that the users will find
solutions in planning their tour to Sri Lanka if they have any similar questions.


Directory Structure

















The directory structure above consists of directories and subdirectories. The name of the server
root directory in this is http. The configuration files are stored in the conf directory. httpd in this
is to run. Apache which we currently use can have thre
e configuration files httpd.conf, srm.conf
and access.conf


is the main configuration file which contains directives which indicate the location of
the server root, the port it runs on, the size of the server process pool etc…


holds the server resource map. It contains directives which map directories in the file
system to URLs in the server such as the location of web space, the file(s) to be used as index
files in directories, the file which contains directory tree access inf


contains directives which specify what is allowed in each directory and who can
access it through the web and there is a additional file called

which holds details of
the Multipurpose Internet Mail Extensions types the serv
er knows how to deal with.


directory holds the files which keep track of accesses, errors, and other information,
access_log file store passwords to be used in authentication of browser requests


files store information about maliciou
s hackers.

holds the process identification number
(PID) of the background process which is started to run the server. It is useful for identifying the
process to

when the server needs to be stopped.


directory contains the files
which are able to be served to Web clients; these contain
the content of the web site. This contains image files, video files and documents. The two files


in the
server root

directory are small executable script files used to start up and stop
the server. They are used simply to obviate the need to repeatedly type the complicated path,
command, flag and parameter sequences needed to start and stop the server.



Security of the web server and the website is the most important asset in configuring a server. In
using Apache, there are certain things to be discussed in detail regarding security. Apache is
started by the root user, and it switches to the user defined
by the

directive to serve hits. As
is the case with any command that root executes, you must take care that it is protected from
modification by non
root users. The files m
ust be writeable only by root, but so must the
directories, and parents of all directories.

You can create an htdocs subdirectory which is modifiable by other users since root never
executes any files out of there, and shouldn't be creating files in there
. If you allow non
users to modify any files that root either executes or writes on then you open your system to root
compromises. In occasions like someone could replace the

binary so that the next time
you start it, it will execute some arbitrary code. If the logs directory is writeable by a non
user, someone could replace a log file with a link to some other system file, and then root might
overwrite that file with arb
itrary data. If the log files themselves are writeable by a non
root user,
then someone may be able to overwrite the log itself with bogus data.

There are several potential security risks to the server. The first risk is the increased load on the
server. E
nabling SSI for files with


extensions can be dangerous. This is especially
true in a shared or high traffic, server environment. SSI
enabled files should have a separate
extension, such as the conventional
. This helps keep server load
at a minimum and
allows for easier management of risk.

Non Script Aliased CGI

Allowing users to execute CGI scripts in any directory should only be considered if you trust
your users not to write scripts which will deliberately or accidentally expose your
system to an
attack, if you consider security at your site to be so feeble in other areas, as to make one more
potential hole irrelevant. Or if you have no users and nobody ever visits your server.

Script Aliased CGI

Limiting CGI to special directories gi
ves the admin control over what goes into those directories.
This is inevitably more secure than non script aliased CGI, but only if users with write access to
the directories are trusted or the admin is willing to test each new CGI script/program for
ntial security holes.

To keep up
date with what is actually going on against your server you have to check the
. Even though the log files only reports what has already happened, they w
ill give you some
understanding of what attacks is thrown against the server and allow you to check if the
necessary level of security is present.


Content and design

The web site can be design in an attractive form but there are certain things to be consid
make it perfect. There should be a standard look throughout the web pages and should be unique
and provide a unique identity via the web site.

Generally all the web pages are all consistent in terms of layout and size. The other pages of the
of the w
ebsite should contain the same layout as the home page, Headings are at the same
position in all the pages and have same font style, size and color except at special instance
(hyperlinks, content in a table, etc …..). The company logo, icons, and bullets
should be at same
position in all places. Site navigation will be same and arrows and button bars are used. There
will be “page up” to move to the top of the current page and “ Return home” in every page other
than in the home page to jump back to the hom
e page. It makes it easier for the user to move
back to the home page rather than retyping the web address in the URL. The home page will
have the navigation buttons to every other page. And there will be meaningful links included
with the content such as;

the “Hotels” page will include a selection of many hotels with their
details (Name, Address, ratings etc...) The name will be in another color, by clicking on the
name it will lead to that hotels web page.

There will be a Search bar included in the gener
al layout of this website which enables the user
to search for any specific information within this website. There are some issues which will arise
in designing the website. The images used in the website have to be smaller in size but no change
in quality

so that the time taken to load a web page is less. When the user are browsing this
website they may use many types of media and equipments to do so (14”, 21”, 42” TV, iphone,
Phones, etc …) Therefore the webpage should appear the same way on every media o
the users will not be satisfied. Therefore webpage should be balance on the screens of all the

The appearance of the website is the most important thing. To make a web page touchable
images and animations can be added along with multimedi
a. A photos of places of interest in Sri
Lanka can be included in a video in the homepage to make the page attractive and other pages
can be supported with rich photos. The videos can be with less size to reduce the time taken to
load the page. A color cou
ld be selected as the theme of the website and rest of the content can
be planned along with that color.


Liability policy


Reference herein to any specific commercial products, process, or service by trade name,
trademark, manufacturer, or otherwise, does n
ot necessarily constitute or imply its
endorsement, recommendation, or favoring by the author. The views and opinions of
authors expressed herein do not necessarily state or reflect those of the author, and shall
not be used for advertising or product endo
rsement purpose


There are links to third party Internet web sites contained in the tourism Sri Lanka web
site. These sites linked from the tourism Sri Lanka web site are not under the author's
control. The author does not assume any responsibility or liabi
lity for any information,
communications or materials available at such linked sites, or at any link contained in a
linked site.


By using the tourism Sri Lanka web pages, the Internet user assumes all risks associated
with the use of this site, including a
ny risk to the Internet user's computer, software or
data being damaged by any virus, software, or any other file which might be transmitted
or activated via the tourism Sri Lanka web pages or the Internet user's access to it. The
author shall not in any e
vent be liable for any direct, indirect, punitive, special, incidental,
or consequential damages, including, without limitation, lost revenues, or lost profits,
arising out of or in any way connected with the use or misuse of the information or lack
of inf
ormation on the tourism Sri Lanka web site or with the delay or inability to use this
web site, or from any information, documents, services, software, or other material
obtained through this web site, or otherwise arising out of the use of this web site,
whether based on contract, tort, strict liability or otherwise.


The author shall not be liable for any loss or injury caused in whole, or in part, by the
actions, omissions, or contingencies beyond the author's control, including in procuring,
or delivering the information, or arising out of any errors, omissions, or
inaccuracies in the information regardless of how caused, or arising out of any Internet
user's decision, or action taken or not taken in reliance upon information furnished.


right statement

Material published on this website, including information, text, images, sounds and
audiovisual material, is protected by copyright and, where applicable, moral and cultural


Publication policy

The tourism Sri Lanka is a company in
Queensland Australia which arranges tours to Sri Lanka. In their
web site they publish about the beauty of Sri Lanka and the places to visit including images. The aim of
this web site is that advertise about the company. This web site includes the names an
d details of other
web sites which the author have no responsibility of the content of those web sites. The content in
tourism Sri Lanka web site is under copyright. The readers may not use this website as a reference in any
document without the permission

of the author of this website. The Images and text in this website
cannot be included in any other website at any instant.