Computer Laboratory

Computer Laboratory web servers and web sites

The Computer Laboratory operates a number of web sites, along with other services which use the HTTP protocol. The main server used to host most of the sites, but as of 2007, the sites are moving to use separat servers, so that individual sites can be updated or left ASIS as appropriate.

The main catagories of machines are

  • Lab Managed machines which provide external services
  • Group managed machines which are used as back ends for host proxied of a Lab Managed server
  • Internal services
  • other services using HTTP

The security model for each is termined by their exposure, and the resources they require. For example, if a machine has no access to the Lab fileservers, the security concerns are greatly reduced.

Lab Managed machines (e.g. haverhill)

The Computer Laboratory's main web server haverhill (being replaced in 2007) is characterised by:

  • software: Apache 2.2 with HTTPS (under Linux)
  • disk space: full access to all of the departmental file server (elmer)
  • Page types: nearly all pages are static files. A few CO managed CGI scripts are used.
  • hosts the lab's main site http://www.cl.cam.ac.uk/
  • hosts the personal web pages of Lab members
  • acts as a virtual host for a number of other sites
  • tunnels HTTP traffic to several internal servers that are not directly reachable from outside the Lab

This main webserver is managed by Martyn Johnson and Piete Brooks. Their email address in this regard is webmaster.

Shell login to the web server is restricted to system administrators, but the directories with the files served are accessible from all Lab administered Linux and Windows machines.

Traffic statistics and server status are available via HTTP.

Conversely, the "dynamic" server is characterised by:

  • software: Apache 2.2 with HTTPS and LAMP (under Linux)
  • disk space: very restricted access to a very small part of the departmental file server (elmer)
  • page types: the emphasis is on dynamic pages (e.g. CGI and PHP), managed by users.
  • hosts the lab's "dynamic" site http://www-dyn.cl.cam.ac.uk/
  • does not provide any other services

Main web site

The main web pages and overall site structure on http://www.cl.cam.ac.uk/ are currently maintained by Markus Kuhn and Christine Northeast. Their email address in this regard is pagemaster.

The Computer Laboratory News blog (headlines on the front page) is edited by Jan Samols and Caroline Stewart.

Many parts of the main web site are looked after by other maintainers. Where this is the case, the relevant contact details of the person(s) in charge are given at the bottom of the page.

Back end servers

Some websites (e.g. http://www.cl.cam.ac.uk/research/dtg/ are fronted by the main server, with requests being forwarded to a back end server. This ensures central logging and control, and allows extra network access controls to the machine.

Internal servers

Internal servers are not visible from outside the department, so the security concerns are much reduced. They can be user managed, with full access to Lab resources.

Other services using HTTP (e.g. CUPS, nagios, mrtg, webcams, BMCs, Netapps)

A very wide range of applications, and a growing number of embedded systems now include web management or access. These are normally blocked from access from outside the department.

Web house style

The Computer Lab’s main web pages generally follow the recommendations of the University web page style. The house style is applied on the main web site using the ucampas HTML formatting tool.