Computer Laboratory

Web servers and web sites

The Computer Laboratory operates a number of web sites, along with other services which use the HTTP/HTTPS protocols. The main server used to host most of these sites, but as of 2007, some moved to use separate servers.

The main catagories of machines are

  • Lab-managed machines that provide external services
  • Group-managed machines that are back-ends for services proxied by a Lab-managed server
  • Internal services
  • other services using HTTP

The security model for each is determined by their exposure, and the resources they require. For example, if a machine has no access to the Lab fileservers, the security concerns are greatly reduced.

Main web server

The Computer Laboratory's main web server is characterised by:

  • software: Apache 2.2 with HTTPS support (under CentOS Linux)
  • disk space: full access to all of the departmental file server (elmer)
  • Page types: nearly all pages are static files. A few CO managed CGI scripts are used.
  • hosts the lab's main site http://www.cl.cam.ac.uk/
    from /anfs/www/VH-cl/html = \\filer\www\VH-cl\html
  • hosts the personal web pages of Lab members
    from /auto/userfiles/crsid/public_html/ = \\filer\userfiles\crsid\public_html
  • offers Raven/Ucam-Webauth user authentication
  • acts as a virtual host for a number of other sites
    from /anfs/www/VH-*/html
  • tunnels HTTP traffic to several internal servers that are not directly reachable from outside the Lab

This main webserver is managed by Martyn Johnson and Piete Brooks. Their email address in this regard is webmaster.

Shell login to the web server is restricted to system administrators, but the directories with the files served are accessible from all Lab-administered Linux and Windows machines.

Server status is available via HTTP. Log files are available, filtered for individual users. Traffic statistics have not been collected since 2009.

Main server for dynamic content

Conversely, the "dynamic" server is characterised by:

  • software: Apache 2.2 with HTTPS and LAMP (under Linux)
  • disk space: very restricted access to a very small part of the departmental file server (elmer)
  • page types: the emphasis is on dynamic pages (e.g. CGI and PHP), managed by users.
  • hosts the lab's "dynamic" site http://www-dyn.cl.cam.ac.uk/
    from /auto/userfiles/crsid/dynamic_html/ = \\filer\userfiles\crsid\dynamic_html (details)
  • does not provide any other services

Main web site

The main web pages and overall site structure on http://www.cl.cam.ac.uk/ are currently maintained by Markus Kuhn and Nicholas Cuttler. Their email address in this regard is pagemaster.

Computer Laboratory News is a WordPress blog hosted on the back-end server www-dyns.cl.cam.ac.uk, administered by Piete Brooks. The "frontpage" category postings (News headlines on the front page via RSS feed) are edited by Jan Samols and Caroline Stewart.

Many parts of the main web site are looked after by other maintainers. Where this is the case, the relevant contact details of the person(s) in charge should be given at the bottom of each page.

Back-end servers

Some websites (e.g. http://www.cl.cam.ac.uk/research/dtg/ are fronted by the main server, with requests being forwarded to a back-end server. This ensures central logging and control, and allows extra network access controls to the machine.

Internal servers

Internal web servers are not visible from outside the department, to reduce security concerns. They can be user managed, with full access to Lab resources.

Other services using HTTP

A very wide range of applications, and a growing number of embedded systems, now include web management or access (e.g. CUPS, nagios, mrtg, webcams, BMCs, Netapps). Access to these from outside the department is normally blocked.

Web house style

The Computer Lab’s main web pages generally follow the recommendations of the University web page style (currently using its 2008 incarnation). House style is applied on the main web site using the ucampas HTML formatting tool.