Home » Technology » Apple & Macs (Page 4)
Category Archives: Apple & Macs
The Most Versatile VoIP Provider: FREE PORTING
JUST RELEASED: Visit the Incredible PBX WikiISP-In-A-Box: Remotely Managing Mac Web Sites Using WebDAV
If you’re using a Mac mini or any other Mac running OS X Tiger or Panther to host your web site, then you’ve probably wondered how you can update the content on your web site without sitting in front of your Mac. Today we’ll show you how to build and use your Mac’s WebDAV server to remotely manage your web site from just about anywhere. And you can use just about any computer to do it, even one of those Win thingies. All we need to do is tweak the Apache software that’s already installed with Mac OS X Tiger or Panther. When we are finished, we want a web site on your Mac that can be accessed by anyone using a garden-variety web browser without requiring a password. But we also want to be able to update the content of that web site by connecting over the Internet to the appropriate folder on the Mac using WebDAV with a username and password to keep the bad guys out. If you haven’t already read our previous article on how to use WebDAV clients and Web Folders, then start there to learn all about how to connect to a WebDAV server from another Mac, or a Windows PC, or even a Linux or UNIX computer.
As you probably know, WebDAV stands for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that "looks and feels" like any other networked hard disk. In the Windows world, WebDAV is called Web Folders. They can be used like any other mapped drive in Network Neighborhood. If you’re still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people with access rights don’t change the same file at the same time. Tiger and Panther versions of Mac OS X provide both a WebDAV client and server. So let’s get started.
In a nutshell, the WebDAV server setup goes like this. We’ll assume that your main web site was built in the default location on your Mac: /Library/WebServer/Documents. First, we’ll change the group owner of this folder so that we can get read and write access to it using WebDAV. Then we’ll set up a username and password system to support WebDAV access for you and whoever else you provide usernames and passwords to. Next we’ll activate the WebDAV mods in Apache which already are installed on your Mac. We’ll then reconfigure Apache a bit to support WebDAV access and formatting. And finally we’ll restart your web server and presto, WebDAV.
You don’t need to be a Rocket Scientist to do this, but you do have to get your hands dirty with our favorite command-line editor, Pico. For those that care about such things, Tiger actually replaces Pico with Nano, but you still can access it by typing Pico … and it works the same way. If you’ve followed other Nerd Vittles tutorials, then this one will be a breeze. Just be sure you edit carefully and, if something does go wrong, copy your backup Apache config file back over the edited one and try again. Apache errors don’t get reported in System Preferences->Sharing when you activate your personal web server. If you have problems and want to see what’s going on, activate and then run WebMin (which we previously covered on Nerd Vittles and upgraded here a few weeks ago for Tiger). Using your browser, access WebMin and choose Servers->Apache Webserver. Then start and stop the web server from there. Errors will be reported with the line number in the config file that’s causing the problem. Ctrl-C in Pico will tell you what line number you’re on in the config file. If this sounds like I’ve had recent experience, you’d be correct. That’s part of the price you pay for being a pioneer.
Changing Group Owner of Your Web Site. Open a Terminal window, and switch to root access: sudo su. Then navigate to the following folder: cd /Library/WebServer. Change the Documents folder to the Apache group: chgrp -R www Documents. Provide write access to authorized users who connect to this WebDAV folder: chmod 775 Documents.
Security Warning: Be aware that we are opening a security hole in your web site by giving Apache write (and delete) access to your main web folder and any subdirectories. We’ve had two levels of protection for your web site: Mac OS X and Apache. Now we just have one: Apache. So you would not want to put up any type of web page, CGI script, or PHP code which allows someone using a web browser to manipulate, delete, rename, or copy files into or on your web site because of the very real risk of compromising your web site files. In short, the only things now standing between your web site and the bad guys are your web pages and Apache’s internal security mechanisms. While Apache has a rock-solid track record insofar as bugs and security are concerned, there’s still always a risk. And we wanted you know about it up front. Did we mention the importance of frequent backups? Here’s an article that will tell you how to do that as well. If you ever decide you want to stop using WebDAV, here’s how to provide the double-layer of security protection once again. Open a Terminal window, and switch to root access: sudo su. Then navigate to the following folder: cd /Library/WebServer. Change the Documents folder back to the admin group: chgrp -R admin Documents. Even with the admin group enabled for Documents, you still can access your web sites with WebDAV. You just won’t be able to upload new documents or delete existing ones.
Building a Password File. We already built a password file in the Web Sites 101 tutorial on Nerd Vittles. We used that password file to manage web site access to various web directories. You probably don’t want to use the same password file for this WebDAV application unless you are building this for same set of users with the same privileges. The only trick to password files is you want to put the file where Apache can read it but your web visitors cannot. And you want to be careful not to insert blank lines in the file with just a colon. That basically lets everyone in. The format for the file is username:password, each on a separate line. And the passwords are encrypted. Here’s how to do it. Open a Terminal window and switch to root access: sudo su. Now move to the directory where we’ll put the password file: cd /usr/local. We’re going to name this password file website.pw so we can remember what it’s for. To create the file and erase any existing file without warning type: htpasswd -c website.pw admin. Think up a password you can remember, and you’ll be prompted to type it twice. Now let’s verify that the file was created: cat website.pw. You should see the word admin, then a colon, and then your encrypted password. To add additional users to the file, just type: htpasswd -m website.pw username where username is your next user. You’ll be prompted for the password. Remember, if you accidentally use the htpasswd -c syntax a second time, you will overwrite your existing file and all of its entries. So be careful. Finally, remember to make duplicate entries using email syntax for the username to assure that Windows clients can access your DAV resources: htpasswd -m website.pw joe@schmo.com.
Reconfiguring Apache to Support WebDAV. Open a Terminal window, and switch to root access: sudo su. Then navigate to the folder with Apache’s configuration file: cd /etc/httpd. First, let’s make a backup copy of the config file in case something goes wrong: cp httpd.conf httpd.conf.dav.save. Now let’s carefully edit the config file: pico httpd.conf. If you previously built the WebDAV server backup application which we covered on Tiger Vittles, then skip to the next paragraph. Otherwise, uncomment the headers_module line by searching for headers (Ctrl-W, headers, enter) and then pressing Ctrl-D while positioned over the # sign at the beginning of the line. Now search for mod_headers (Ctrl-W, mod_headers, enter) and uncomment that line (Ctrl-D while positioned over beginning # sign). Now search for dav_module (Ctrl-W, dav_module, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now search for mod_dav (Ctrl-W, mod_dav, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now press Ctrl-V repeatedly until you get to the bottom of the file. Switch to your web browser and download WebDAV snippet #1. When the code snippet displays in your web browser, press Command-A then Command-C to copy all of the code to your clipboard. Now switch back to Pico, click at the bottom of the config file, and paste code snippet #1 into the config file by pressing Command-V. Use the cursor keys to move to the BrowserMatch section of the code we just pasted and be sure "redirect-carefully" didn’t end up on a line by itself. If it did, position the cursor over the first letter "r" and press the backspace key to move it back up to the end of the previous line of code. Don’t worry if a dollar sign displays at the end of the line after you move it. This just indicates that additional text is off the screen.
We’ve got one more code snippet to cut and paste, and we’ll be all set. We want to search for the second occurrence of /Directory in the Apache config file: Ctrl-W,/Directory,enter,Ctrl-W,enter. Move the cursor to the beginning of the line and press Enter to open up a blank line. Now move up to the blank line by pressing the Up Arrow. Switch to your web browser and download WebDAV snippet #2. When the code snippet displays in your web browser, press Command-A then Command-C to copy all of the code to your clipboard. Now switch back to Pico, click on the blank line we inserted, and paste code snippet #2 into the config file by pressing Command-V.
That should do it. Save your Apache config file: Ctrl-X, Y, enter. And restart Apache by deselecting and then reselecting Personal Web Sharing from System Preferences->Sharing. Close the Terminal window by typing exit, pressing enter, and then pressing Command-Q.
Testing Your WebDAV Server. To test whether WebDAV is working, switch to your Desktop and, using Finder, press Command-K. When prompted for the server address, type http://localhost and then click the Connect button. Enter your username and password that you created in the website.pw password file, and your main web site folder should appear on your Desktop. Drag a file from your Desktop to the folder to be sure everything is working as it should. If you’ve enabled web access through your Mac and router firewalls (which we have previously covered here), then you should be able to access your WebDAV server from the Internet with your IP address or domain name. Just press Command-K from Finder and use the following syntax for your WebDAV resource: http://mydomain.com. For more details on using WebDAV clients or to use a Windows machine to access your WebDAV share, read our previous article on the subject here. Now you can enjoy remotely managing your web sites with WebDAV. So put on your travelling shoes!
Some Recent Nerd Vittles Articles of Interest…
Mac OS X Tiger Backups: The Good, The Bad, and The Ugly
Now that we’ve successfully moved our ISP-In-A-Box to Tiger, we really need a backup solution that works. Our definition of "works" is that the backup copies all of your data to an external backup device, the files are intact, and you can boot your Mac from the backup drive in the event of a catastrophic failure of your main drive. Having said that, there are some other backup solutions that can duplicate all of your data but the resultant backup set is not independently bootable. In short, it’s better than nothing, but it leaves you with a good bit of work to do in the event your main drive croaks.
Our personal favorite in the Panther days was Carbon Copy Cloner in combination with psync. You can read all about it here. Unfortunately, Carbon Copy Cloner presently doesn’t work with Tiger unless you apply the 10.4.2 update. You can run it from a Terminal window; however, the resulting backup is not bootable. The developer’s web site does indicate that an update for Tiger is in the works, but it’s not soup yet. One of the major advantages to Carbon Copy Cloner (in addition to making reliable, bootable backups) was that it also was free.
Another free alternative that has been updated for Tiger is LaCie Silverkeeper 1.1.3. The price is right (free). The backup does appear to be complete. And your Mac will boot from the backup drive. However, when we booted from the backup drive after completing the backup, we got the standard Apple Welcome screen as if you had just installed Tiger on your system. This forces you to reconfigure your language preferences, your network, and walk through the remainder of the setup process before you can access your drive. Again, this may be perfectly acceptable to some. It wasn’t what we were looking for. But the price is right, and it might be adequate to tide you over until a Carbon Copy Cloner update is released.
A free option in which the backup is actually bootable is Apple’s own Disk Utility which is included with Mac OS X. To make a bootable backup copy of your local hard disk, insert the Tiger DVD, plug in an external firewire drive, and reboot your Mac while holding down the "C" key. Select your language. Then from the menu bar choose Utilities->Disk Utility. Click on your internal hard disk from the drive list. Click the Restore tab. Now drag your internal disk drive to Source and drag your external drive to Destination. If you want to checksum your backup, read the screen instructions. Otherwise, check Erase Destination and then click the Restore button. Click OK to erase your backup drive. Once the backup completes, test your backup by rebooting your system while holding down the Option key. Choose the backup disk (far right) as your boot device. Be patient! It takes about a minute after your Mac reboots until you can make a drive choice. Once you select the backup drive, click the right arrow key, and you’re off to the races. The only drawback to this option is having to boot your Mac from the Tiger DVD disk to make a bootable backup. Otherwise, it works like a champ … and it’s free.
A fourth option is to download and then run psync from a Terminal window with the following command: sudo psync -d / /Volumes/Backup/ where Backup is the name of your backup volume. The backup appears to be complete; however, you cannot boot from the external drive following completion of the backup. So this option suffers from the same drawback as the Carbon Copy Cloner solution. One advantage of psync is that it can easily be added as a cron job which will kick off automatically at times you specify. See our article on crontab and CronniX for further details on how to implement this if you are interested in this approach.
Another personal favorite is D√ɬ©j√ɬ† Vu from Propaganda Productions. It works as a Preference Pane within System Preferences and does exactly what Carbon Copy Cloner used to do. Unfortunately, it’s not free unless you happen to own Toast 6 Titanium. If you do own Toast 6 Titanium, you can get the Tiger-compatible version of D√ɬ©j√ɬ† Vu by upgrading to Toast Titanium 6.1. Unfortunately, the Hobson’s Choice is that upgrading to version 6.1 eliminates your ability to burn music CDs using songs purchased from the iTunes Music Store, a nasty gotcha that we previously have written about. Fortunately, for $9.95 you can upgrade D√ɬ©j√ɬ† Vu only from Propaganda’s web site. If you don’t own Toast 6 Titanium, you still can buy D√ɬ©j√ɬ† Vu. It’s $24.95 for a single-user license and a very reasonable $34.95 for a household license which authorizes installation on an unlimited number of Macs in your single household. Or you can use it for 30 days at no cost. Perhaps by then the Carbon Copy Cloner update will be available.
Finally, our readers’ comments pointed us to another terrific shareware product, SuperDuper. And it really is. It has two modes: registered (for $19.95) and unregistered. The unregistered version which is free for downloading makes a perfect duplicate of your system disk to an external firewire drive which is bootable. That is exactly what we set out to do with our backup reviews in this tutorial, and it couldn’t get much simpler. You choose your internal drive as the source from the left pull-down menu and choose your firewire external drive as the target from right pull-down. Leave the default script and click the Start Copying button. Making a perfect clone of an iMac G5 with 20 gigs of data took roughly an hour. Then you can boot from the external drive to make sure everything went according to plan. It doesn’t get much easier than that, and you sure can’t beat the price.
ISP-In-A-Box: The $500 Mac mini (WebDAV and Web Folders 101)
Microsoft deserves a lot of credit for popularizing the idea of Web Folders, but the open source movement gets the accolades for making WebDAV work reliably across all the computing platforms. If you didn't already know, WebDAV stands for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that "looks and feels" like any other networked hard disk. In the Windows world, WebDAV provides a Web Folder which can be used like any other mapped drive in Network Neighborhood. If you're still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people don't change the same file at the same time. Panther and Tiger versions of Mac OS X provide both a WebDAV client and server, and today we'll walk you through configuring and using both the client and the server on your Mac. Because of the number of folks that also use Windows machines at the office, we'll also briefly touch upon how to access your Mac WebDAV resources and set up a Web Folder from a Windows XP machine.
HOW-TO Use the WebDAV Client on the Mac. We're going to start by walking through the set up process for connecting to a WebDAV server resource anywhere on the Internet. To connect to a WebDAV resource from a Mac, press Command-K from Finder. Then enter a Server Address in the following format: http://192.168.0.103/dav/. This tells Finder to use the HTTP protocol to establish a link to an IP address and folder that you designate. You also can use a fully-qualified domain name in lieu of an IP address. Typically, you'll be prompted for a username and password, and then a new volume will appear on your Desktop which can be used just like your local hard disk. When you finish using the resource, CTRL-Click on the volume and Eject it. It's that simple.
HOW-TO Use Web Folders on a Windows PC. The Windows process is a bit different as you might expect, but the results are the same. Once connected, you'll have a mapped drive that can be used just like any other network drive. The simplest way is to map a drive (see inset). To access Web Folders and save your settings, we're going to use the Add Network Place Wizard. You can access it in several ways. Either Right-Click on Network Neighborhood and choose Map Drive. Or from My Network Places, choose Add a network place. Or from Windows Explorer, choose Tools->Map Network Drive. Now click "Sign up for online storage or connect to a network server" at the bottom of the window.
When the Add Network Place Wizard appears, you'll be prompted for where to create the network place. Select "Choose another network location" and click Next. For the Internet address, use the same syntax as on the Mac: http://192.168.0.103/dav/ and click Next. Give your network place a name and click Next then Finish. Your new Web Folder will now appear in My Network Places. Just click on it to connect. Here's the gotcha with WebDAV on the Windows platform. If you access a Web Folder by IP address, when you're prompted for a username and password to log in, the username must be in email format: john@doe.org. Another "Better Idea" from our friends at Micro$oft. So when you create usernames on your Mac, keep this in mind if you want Windows users to be able to access the resources reliably. It doesn't matter what the email username or domain is, but it has to be in email format. When you finish using a web folder, be sure to disconnect. Open Windows Explorer, choose Tools->Disconnect Network Drive, and select the Web Folder you wish to disconnect.
Connecting to a WebDAV Resource. We've temporarily set up a sample WebDAV server on one of our Tiger-enhanced Macs so that you can experiment with WebDAV access from your favorite Mac, Linux, or Windows machine. For reasons which should be obvious, we've disabled writing to our WebDAV server only because we didn't want our hard disk filled up by some anonymous bozo in the middle of the night. We're also going to provide a single username and password for everyone to use. It should be stressed that neither of these scenarios is typical. First, the usual purpose of a WebDAV server is to facilitate collaboration which means all authorized users should be able to read and write to the volume. Second, you usually don't provide access to a WebDAV server for anonymous users. That's what web sites are for. But this is Wiki World, and we wanted to show you how these things are put together before you roll your own. So bear with the constraints recognizing that, when you set up your own WebDAV server, it will be much more robust.
To access the system, follow one of the client access methods outlined above. The web address using Windows is http://webify.us. For Macs, use http://dav.webify.us:82. When prompted for a username and password, use bozo for the username and forlife as the password. If you have problems with the username on a Windows PC, use bozo@webify.us. Don't forget to disconnect when you are finished playing. NOTE: This system (only) will be down for a move to its new permanent location from Thursday afternoon, May 26 until Saturday morning, May 28. Our apologies.
That about covers using a WebDAV client. For step-by-step instructions on creating your own WebDAV server on your Mac, here's a reprint of the article from our former Tiger Vittles site.
ISP-In-A-Box: Building a WebDAV Server for Remote Access
Ever wished you had several gigs of off-site disk storage so you could safely back up all your most important data and use it for remote access or collaboration. One option, of course, is a .Mac account which gives you 125MB of iDisk storage space and other goodies for $99 a year. You can increase your iDisk to a gigabyte for an additional $49.95 a year, a bargain compared to some commercial sites. Here’s another approach that’ll save you hundreds of dollars a year. Find a friend with a Mac and an Internet connection and swap several gigs of storage space on your friend’s Mac for several gigs of storage space on yours. Then follow along here, and we’ll show both of you how to build and use WebDAV servers to do exactly what the commercial firms are doing. And you can use the Apache software that’s already installed with Mac OS X Tiger.
As you now know, WebDAV stands for Web-based Distributed Authoring and Versioning. Simply put, it is an HTTP protocol extension that allows people anywhere on the Internet to collaboratively edit and manage documents and other files using the same protocol and port used for surfing the web. In the Mac world, WebDAV provides a Disk Volume on your Desktop that “looks and feels” like any other networked hard disk. In the Windows world, WebDAV is called Web Folders. They can be used like any other mapped drive in Network Neighborhood. If you’re still a little fuzzy about the WebDAV concept, think of how you link to another drive on your local area network. WebDAV gives you the same functionality across the entire Internet with virtually the same ease of use. Depending upon user privileges, of course, you can copy files to and from a WebDAV volume, and the protocol imposes versioning control through file locking to assure that multiple people don’t change the same file at the same time. Panther and Tiger versions of Mac OS X provide both a WebDAV client and server. Nerd Vittles walked you through configuring and using the WebDAV clients. So let’s tackle the WebDAV server setup now. This works with Tiger or Panther by the way.
In a nutshell, the WebDAV server setup goes like this. We’ll create a new subdirectory in the web server’s storage folder which we’ll use for WebDAV read and write access. Then we’ll set up a username and password system to support WebDAV access. Next we’ll activate the WebDAV mods in Apache which already are installed on your Mac. We’ll then reconfigure Apache a bit to support WebDAV formatting. And finally we’ll restart our web server and presto, WebDAV. You don’t need to be a Rocket Scientist to do this, but you do have to get your hands dirty with a command-line editor, Pico. If you’ve followed other Nerd Vittles tutorials, then this one will be a breeze. Just be sure you edit carefully and, if something does go wrong, copy your backup Apache config file back over the edited one and try again. Apache errors don’t get reported in System Preferences->Sharing when you activate your personal web server. If you have problems and want to see what’s going on, activate and then run WebMin (which we previously covered at Nerd Vittles and upgraded here last week for Tiger). Using your browser, access WebMin and choose Servers->Apache Webserver. Then start and stop the web server from there. Errors will be reported with the line number in the config file that’s causing the problem. Ctrl-C in Pico will tell you what line number you’re on in the config file. If this sounds like I’ve had recent experience, you’d be correct. But you won’t have to pull your hair out. I’ve already done that with mine.
Creating a WebDAV Folder. Open a Terminal window, and switch to root access: sudo su. Then navigate to the root of your web server folders: cd /Library/WebServer/Documents. Create a new WebDAV folder: mkdir dav. Change the permissions of the folder’s group to match the Apache group: chgrp -R www dav. If you want to provide write access to users who connect to your WebDAV folder, then change the permissions to allow it: chmod 775 dav.Building a Password File. We already built a password file in the Web Sites 101 tutorial on Nerd Vittles. We used that password file to manage web site access to various web directories. You probably don’t want to use the same password file for WebDAV unless you are building this just for yourself. The only trick to password files is you want to put the file where Apache can read it but your web visitors cannot. And you want to be careful not to insert blank lines in the file with just a colon. That basically lets everyone in. The format for the file is username:password, each on a separate line. And the passwords are encrypted. Here’s how to do it.
Open a Terminal window and switch to root access: sudo su. Now move to the directory where we’ll put the password file: cd /usr/local. We’re going to name this password file dav.pw so we can remember what it’s for. To create the file and erase any existing file without warning type: htpasswd -c dav.pw admin. Think up a password you can remember, and you’ll be prompted to type it twice. Now let’s verify that the file was created: cat dav.pw. You should see the word admin, then a colon, and then your encrypted password. To add additional users to the file, just type: htpasswd -m dav.pw username where username is your next user. You’ll be prompted for the password. Remember, if you accidentally use the htpasswd -c syntax a second time, you will overwrite your existing file and all of its entries. So be careful. Finally, remember to make duplicate entries using full email syntax for the username to assure that Windows users can access your DAV resources: htpasswd -m dav.pw joe@schmo.com.
Reconfiguring Apache to Support WebDAV. Open a Terminal window, and switch to root access: sudo su. Then navigate to the folder with Apache’s configuration file: cd /etc/httpd. First, let’s make a backup copy of the config file in case something goes wrong: cp httpd.conf httpd.conf.dav.save. Now let’s carefully edit the config file: pico httpd.conf. Uncomment the headers_module line by searching for headers (Ctrl-W, headers, enter) and then pressing Ctrl-D while positioned over the # sign at the beginning of the line. Now search for mod_headers (Ctrl-W, mod_headers, enter) and uncomment that line (Ctrl-D while positioned over beginning # sign). Now search for dav_module (Ctrl-W, dav_module, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now search for mod_dav (Ctrl-W, mod_dav, enter) and uncomment the line (Ctrl-D while positioned over beginning # sign). Now press Ctrl-V repeatedly until you get to the bottom of the file. Switch to your web browser and download this WebDav snippet. When the code snippet displays in your web browser, press Command-A then Command-C to copy all of the code to your clipboard. Then switch back to Pico, click at the bottom of the config file, and paste the code snippet into the config file by pressing Command-V. Use the down arrow to move to the BrowserMatch section of the code we just pasted and be sure “redirect-carefully” didn’t end up on a line by itself. If it did, position the cursor over the first letter “r” and press the backspace key to move it back up to the end of the previous line of code. Don’t worry if a dollar sign displays at the end of the line after you move it. This just indicates that additional text is off the screen… the price we pay for using a free editor. Now we should be all set. Save the config file: Ctrl-X, Y, enter. And restart Apache by deselecting and then reselecting Personal Web Sharing from System Preferences->Sharing. Close the Terminal window by typing exit, pressing enter, and then pressing Command-Q.Testing Your WebDAV Server. To test whether WebDAV is working, switch to your Desktop and, using Finder, press Command-K. When prompted for the server address, type http://localhost/dav and then click the Connect button. Enter your username and password that you created in the dav.pw password file, and a blank dav folder should appear on your Desktop. Drag a file from your Desktop to the folder to be sure everything is working as it should. If you’ve enabled web access through your Mac and router firewalls (which we have previously covered here), then you should be able to access your WebDAV folder from the Internet with your IP address or domain name using the syntax: http://mydomain.com/dav. Enjoy your new WebDAV server. Now all you need is a friend to share it with.
iTunes Bait and Switch: Say It Ain’t So, Steve
After selling over 400 million songs through the iTunes Music Store, Apple reportedly has pulled a fast one. The Bait: Remember the original iTunes promise? Songs purchased on iTunes could be copied to an unlimited number of iPods that you own and could be played on up to five Macs or PCs. And you could burn playlists to music CDs up to seven times. And you could burn individual songs to music CDs an unlimited number of times. Well, that was then and this is now according to a little blurb on VersionTracker this week. In announcing the latest release of Roxio’s award-winning CD and DVD burning software, Toast Titanium 6.1, which was supposed to fix some compatibility issues with Tiger, a not-so-subtle gotcha has been added. The Switch: "Following discussions with Apple, this version will no longer allow customers to create audio CDs, audio DVDs, or export audio to their hard drive using purchased iTunes music store content."
If true, Apple’s welching on the terms of their music license with end-users by strong-arming software developers into crippling their CD burning software may just earn them one of the biggest class-action lawsuits of the century … to the tune of 400 million already-purchased songs. Does Apple have the right to change the terms of their music license for future sales from iTunes? I suppose so. Do they have the right to change the rules for songs people have already purchased? Any first-year law student could answer that as could most folks with about an ounce of common sense. But you can still burn a CD using iTunes, you might be saying. And I would respond, "Yeah. This week." How many times in the past year has Apple made changes to iTunes that further restrict your use of music you lawfully purchased? Making iTunes the exclusive software for burning music CDs of music purchased from the iTunes Music Store will work just about as well as letting the Arab nations unilaterally set the price of oil. What’s coming next: music CDs that will only play on Apple CD players. Give us a break! Maybe it’s time for folks to take a look at allofmp3.com after all. It’s only 95¢ a song cheaper than iTunes. But we were all trying to be good citizens, except Apple apparently. If Apple can continually change the ground rules after the fact, then it’s hard to fault those who resort to tools such as PyMusique to protect their music investment.
The fundamental difference in what Roxio apparently was doing to reverse engineer the Apple encryption scheme and what Real appears to be doing is quite simple. People have always had a contractual right to copy their encrypted songs to music CDs. So, just as printer manufacturers have no right to assert the Digital Millenium Copyright Act (DMCA) to bar competitors from making compatible print cartridges, Apple has no legitimate DMCA claim to bar other companies from providing tools to perform the lawful act of making music CDs from iTunes downloaded songs. If Apple was only worried about their encryption scheme with no ulterior motives, then it would have been a simple matter to license a decryption library to Roxio for the limited purpose of making music CDs from iTunes downloaded music. That obviously didn’t happen.
It’s too bad that Apple, which has been embraced by the public as the model technology company in this country, just can’t seem to resist the temptation to jump into the legal thicket and shoot itself in the proverbial foot. Worse yet, it always seems to happen when Apple is on a roll. Makes you wonder what would happen if Apple really were in the desktop computing driver’s seat, doesn’t it? Once word spreads that Apple is beginning a process of further crippling music downloads by changing the original terms of their deal with the public, then, read my lips, the iTunes lock on music downloads is going to be history. So, Steve. Say it ain’t so. You’ve inspired a new generation of kids to actually buy their music. Don’t make them all sorry they trusted you.
About the Author. Ward Mundy is a retired attorney who spent more than 30 years providing legal and technology assistance to the federal courts in the United States. Nothing in this article should be construed as legal advice, and obviously the views expressed herein are solely those of the author.
ISP-In-A-Box: The $500 Mac mini (Upgrading to Tiger = No-Brainer)
It’s been a week since Tiger was released, and we finally got our copy even though it was several days late. Apple more than compensated for the delay by offering up a free copy of iWork or iLife. Class act, that Apple. Our project for today is to upgrade your Mac mini to Tiger. Then we’ll send you over to Tiger Vittles to upgrade the Top 10 ISP-In-A-Box projects that we built earlier this year so that they all work again. Sounds like a whole weekend project, doesn’t it? Think again. Believe it or not, it took a little more than an hour to upgrade Panther to Tiger and about one more hour to get all ten of the following applications working. If you’re from the Windows World or have any familiarity with any server platform other than Macs, you know just how incredible that is. If not, just count your blessings, twice. Tiger is a must-have upgrade. And, if you happen to have two to five Macs in your household, it’s just about the best deal on the planet. Imagine Exxon selling you gasoline for 50¢ a gallon just because you own five automobiles.
Prerequisites. For purposes of this article, we’re assuming your Mac mini came with Panther preinstalled or that you’re upgrading another Mac that already has Panther installed. You also should have installed whichever applications above that you want to use while still running Panther. Stated another way, this tutorial won’t necessarily help you if you install Tiger and then attempt to install some of the applications above. We haven’t tested new installs on Tiger yet. So, if there are some applications you want that you haven’t installed, click on the appropriate links above, and do the installs before upgrading to Tiger. You also should make certain that any of the applications you need already work under Panther. Don’t upgrade to Tiger until they do. Finally, you’ll need $9.95 if you want to enable any or all of the email servers using PostFix Enabler for Tiger. Hint: You only really need the SMTP mail server if you’re planning to use the Email Reminders or the WordPress blog.
Upgrading from Panther to Tiger. The first thing you need to do before you begin the upgrade is to read HOW-TO: Prep Your Mac for a Tiger Upgrade on our Tiger Vittles site. Then you need to review the software compatibility lists on our Tiger Vittles site: Tiger-Ready Applications: The Good, The Bad, and The Ugly. If there is some application you absolutely have to have and it’s on our Bad or Ugly lists, then you probably will want to hold off on upgrading for a while. If you need VPN software to connect to your office, that’s probably a deal-breaker. Virtually all of the VPN clients are broken with Tiger at the moment.
In a nutshell, the upgrade process we used went like this. We obviously can’t guarantee that it will work for you because we don’t know what is on your system or what condition your system is in. So proceed at your own risk and call Apple if you run into problems. They get money for this. We don’t.
Go have a snack while your Mac is indexing. Then meet us over at Tiger Vittles today to upgrade the first ten ISP-In-A-Box server applications to work with Tiger. And, while you’re there, check out how your other favorite applications are doing with Tiger.
Nerd Reminder: Don’t forget to call your mama this weekend. Flowers would be a nice touch.
ISP-In-A-Box: The $500 Mac mini (Skype = Free Phone Service)
No Mac mini would be complete without free local and long distance telephone service. Thanks to Skype, your prayers have been answered. You can call anyone in the world who also uses Skype and talk as long and as often as you like for free! You can also place conference calls to up to four other Skype users at a time anywhere in the world at no cost. And you can call plain old telephones (POTS) by dialing an existing area code (or country code) and phone number for about 2¢ a minute to most of your favorite places. There are no hidden charges! The complete rate table is here. For 30 euros or about $40 a year, Skype will provide you a real POTS phone number in the area code of your choice with free voice mail and free incoming calls. Then all your friends can call and irritate you whether they use Skype or not.
The key ingredient for Skype is you have to have some type of computer, and it has to be running the Skype software to place and receive calls. There are free versions of the Skype software to support Windows PCs, Macs, Linux, and Pocket PCs. You’ll also need a way to talk and listen on your phone calls. You can use either a microphone and speaker, or a Skype-compatible USB phone, or a Skype-compatible terminal adapter/router, or a Bluetooth or USB headset. Suffice it say, a new Skype-compatible phone solution is announced every week so do a little Googling if you don’t find what you want below.
Skype Alternatives for the Mac. Since the Mac mini doesn’t include a microphone or line input jack, you’ll need to add a microphone and a USB audio input device such as the iMic if you want to use the microphone/speaker approach on the mini. Hint: The Mac mini’s speaker leaves a lot to be desired. The better and cheapest solution on the Mac platform for U.S. users is the Plantronics Audio 45 USB Stereo Headset for about $30. The under $100 wireless solution in the U.S. is to purchase the Plantronics M3000 Bluetooth headset and the dLink DBT-120 USB Bluetooth adapter for your Mac, if it didn’t come with Bluetooth. Once you get the dLink adapter or, if you have Apple’s internal adapter, you’ll need to upgrade the firmware in order to use the headset. Note that this only works for the Mac’s bluetooth adapter and more recent dLink adapters! Just download the 1.2 Bluetooth Firmware here and install it. We’ve had mixed results with the bluetooth headset. If Skype were my only phone service, I’d recommend the USB headset on the Mac platform. [Footnote: Tiger totally resolves the Skype bluetooth headset problems.]
Skype Alternatives for Windows Users. For Windows users, there is the IPMate S90, a $50 router that allows you to use your regular telephones with your PC and Skype. While the S90 is a Windows-only solution, if you have an old clunker Windows machine sitting around, here’s a way to put it to good use. Other Windows-only solutions are the rapidBox and the VTA1000 Skype and SIP Gateway for $59.
European Alternatives. For our European friends, the easiest solution is the cordless DU@LPhone. In addition, the $60 USB Cyberphone K is available directly from Skype; however, the dialing keypad does not yet work with Macs. [See the comments for another great European alternative.]
USB Phone Alternative. Finally, an untested, but promising, USB phone which it is claimed works on both the Mac and Windows platforms for about $60 including shipping is the Dontronics USB phone made in Australia. Let’s us hear from you if you get one.
Installing and Using Skype. Skype is one of the easiest software packages you’ll ever install. Just download the latest version from here for your chosen operating system and follow the prompts. You’ll need to set up a Skype username and password as part of the installation process and, if you want to be able to call regular telephones, you’ll need to put a little money in your SkypeOut account on the Skype web site. Configuration is equally painless. Run the application and choose Skype->Preferences. Review the settings and make any adjustments desired. Most of the defaults are fine. Under the Audio tab, select your input and output devices, and you’re ready to make your first call. If you’re calling another Skype user, just enter their username and click Call. If you’re calling a POTS number in the U.S., enter +1 and then the area code and number and click Call. Test your Skype service by calling echo123.
Once everything appears to be working, feel free to try out your system by giving us a call if you speak English. Our Skype account name is wardmundy, or you can reach us through our Washington, D.C. phone number: +1-202-470-1646. Don’t forget the plus sign. Skype is picky about it. If the voice mail system answers (that also is available through Skype), leave a message together with your name, where you’re calling from with the time zone and the best time to return your call, and, of course, your Skype name. We return our calls, but it may take us a bit of time depending upon nerd volume. Final note: This is not a tech support service. If you need technical assistance, call a friend or former friend. You can’t afford us. Enjoy!
For another approach to free phone service, read our latest article on SIP telephony options.
Some Recent Nerd Vittles Articles of Interest…
ISP-In-A-Box: The Final Chapter (P2P from A to Z)
In the beginning, there was Napster. And then there wasn’t. Then, from our friends at AOL, sprang Gnutella. And Gnutella begot Limewire. Now you can download BitTorrent for free from Apple, and Napster’s once again offering unlimited song downloads … as long as your $15 check clears each month for as long as you both shall live. What’s wrong with this picture? Well, that’s for the Supreme Court to know, and you to find out. In the meantime, while the Supreme Court is deciding the future of peer-to-peer (P2P) networks in the United States, it seemed like a good time to once again propose a fresh approach to the music sharing problem and to briefly review some of the P2P software options which are available at least today on the Mac platform.
It’s the M-Chip, Stupid! We won’t wade into the legal thicket of how you should use P2P tools other than to note, as we have in the past, that Congress has really dropped the copyright ball by refusing to consider creative solutions to the music and movie downloading problems and instead opting to rubber-stamp legislation reportedly drafted by the folks they should be regulating. It would be so easy to add $100 to the price of every music or video player and make all of this litigation go away. Before you say $100 is too cheap, just consider how many music and video players you have in your home and cars and how long they typically last before you buy new ones. The tally for our family is close to 20 devices, but don’t tell your burglar friends! Think of my proposal as a reverse V-Chip for music. Let’s call it the M-Chip. Instead of locking you out of content as the V-Chip does, the M-Chip would let you in. Pay your $100 and the M-Chip would enable your music player to play any music (encrypted or not) that you can get your hands on … legally! M-Chip proceeds would go to the record companies and musicians. And, down the road when every music player had an M-Chip, why would we need encryption any longer other than to make the music moguls sleep better? The only drawback I see to this approach is the poor lawyers. What would all of them do if the ‘music problem’ just went away?
If you want to read more, here’s a link to our previous discussion of this topic. And the Electronic Frontier Foundation has a great site that explains everything which is at stake in the pending Supreme Court case. We’ll assume that the Supreme Court will do the right thing and allow P2P networking technology to coexist with the recording industry and the movie studios. But who knows? Perhaps the next big public works project can be building enough jails to house the million plus Limewire users who are on line most of every day and night. Or, we could borrow a page from the Chairman of the Senate Judiciary Committee, Senator Orrin Hatch. He believes we should blow up the computers of people who download music illegally. Isn’t it nice to finally see one of our elected representatives thinking creatively? We’d like to believe he was just frustrated by the difficulty of the copyright problem. Otherwise, just think what he might do to you for stealing something that costs more than 99¢. Death row, here we come. Three songs, and you’re out … for good.
The real problem with all the legal mess, and it is most assuredly a mess which is only getting worse, is the adverse effect it is having on an entire generation of Americans who see nothing really wrong with committing felonies before breakfast each morning… assuming they’re up at that time of the day. And, of course, there’s the chilling effect it is having on enhancement and use of an incredibly versatile and creative technology: P2P networking. Killing off technology pioneers to deter music pirates is not unlike biting off one’s nose to spite your face. In short, it’s a great way to irreparably damage the innovative spirit which has made the United States a creative force since the days of Thomas Edison. Write your representatives in Congress and urge them to look at this issue responsibly … as if their children’s futures and respect for the American legal system were at stake. They are. End of sermon.
If P2P networking is your thing, then there is no finer platform for it than the Mac. Why? That’s an easy one. The P2P tools that have been written for the Mac platform don’t include the Spyware and Trojan Horse features which you’ll find in almost all of the offerings for the Windows platform. Just try to delete a P2P application from a Windows machine, and you’ll understand what we’re talking about. The real beauty of P2P technology is that it provides an IP solution for sharing files amongst various types of computers worldwide, something we’ve all become accustomed to using local area networks. In addition to many other companies, IBM has devoted enormous resources to exploration of P2P technology for business use.
Two very different P2P technologies provide excellent results on the Mac platform. The traditional P2P solution is Limewire which includes free (with ads) and Pro versions. A better Limewire solution and the reason some folks have actually switched to the Mac platform is a product called Acquisition. It has perhaps the best user interface ever written for Mac OS X, and at $16.99 for a single-user license, it won’t break the bank either. Installation is a breeze. Download the software from here and drag the Acquisition icon to your Applications folder. Run the Application and choose Preferences to set your default download and upload folders, to turn on iTunes integration, and to specify the number of simultaneous connections you wish to support. Now enter a search term and presto! And, yes, keep in mind that downloading or uploading copyrighted material is against the law … at least in the USA. But, if all you want to do is download music, perhaps it’s time you planned a vacation to Canada with your Mac mini or Powerbook, but you’d better hurry if current news articles are to be believed.
The other great P2P solution for the Mac platform is BitTorrent which is available for free download from Apple’s web site. Go figure. Once you download the software, just drag the application to your Applications folder and start it up. Now use Google to search for BitTorrent content. HINT: The files always end with an extension of .torrent. The same copyright warnings (as above) apply, and Big Brother is probably a BitTorrent user himself. Everything you ever wanted to know about BitTorrent is available in their FAQ or Brian’s FAQ and Guide.
Finally, while we’re on the subject of music downloads, there’s been lots of buzz recently about a Russian web site (allofmp3.com) which offers music downloads for about a penny a minute, slightly cheaper than iTunes. But, is it legal? With our usual disclaimer that we’re not in the business of providing legal advice here, we can point you to some sites that discuss the issue. FadMine seems to think it’s OK. Moscow prosecutors also gave allofmp3.com the green light, at least inside Russia. And then there’s at least one California lawyer that thinks it’s not. But see this piece in the Tech Law Advisor. In the Americanized words of a famous old British insurance handbook from 1846: "You pays your money and you takes your chances." If you haven’t guessed it already, copyright law is a goldmine for lawyers and law professors at the moment because virtually nothing is settled. Another 5-4 decision from the Supreme Court should make things much clearer. Didn’t know you were gonna have to go to law school just to use your computer, did you?
Tiger Preparations. Over at our new Tiger web site, Tiger Vittles, we’re getting ready for the big day, Friday, April 29, when Apple officially releases the next version of Mac OS X. Beginning next week, we’ll walk you through the steps you should take before upgrading an existing Mac to a new operating system. For those coming from the Windows world, don’t have a heart attack. The Mac experience is downright pleasant compared to the Microsoft torture chamber you’re accustomed to. Your homework in preparation for the upgrade is to scrape together $100 and buy a firewire drive big enough to back up your entire Mac. We’ve covered all of this before including recommendations on the best firewire drives for your money. So just click here and follow the steps.
ISP-In-A-Box: The $500 Mac mini (Building a PureFTP Server … If You Must)
Ordinarily, we have put our faith in Apple when it comes to providing secure and reliable open-source tools as part of the Mac OS X bundle. The FTP service is the exception. Here are a few reasons why. While an FTP server is bundled with the latest version of Panther, at least one well-respected commentator has noted that Apple completely broke the FTP server with a security update in September, 2004. While it was subsequently fixed, the scenario suggests that minimal, if any, testing of FTP was undertaken by Apple as new security updates were released. Given the long history of security problems with FTP services in general, this is more than a little disturbing if you enjoy a good night’s sleep. The bundled FTP server also is extremely limited in the access methods and scope of access it supports. If you want more detail, here’s a link to O’Reilly’s MacDevCenter article that will tell you more than you ever wanted to know. The final straw which has led us to support a different FTP server solution is the flawless security record of one, and only one, FTP server. Pure-FTPd comes with a default configuration which is secure and there has never been a reported buffer overflow problem with the product.
That’s the science. Now some practical advice. FTP is by definition an insecure protocol for transferring files and data. It was developed during a simpler time when the Internet was limited mostly to college professors and students who had some respect for one another. User names and passwords are sent as plain text across the big bad Internet … and so is the data. So, unless you like living dangerously and have a good backup, don’t use FTP on mission-critical systems. You also need to stop and think WHY you need FTP. If you only want to put a file repository on line and don’t need to add and delete files except when you are colocated with your server, then use this free HTTP/PHP solution by dropping these two files in a folder on your web server. Then edit the descriptions text file to describe each file in the directory inserting a tab between the file name and the description. It doesn’t get much easier than that.
If you really must use FTP, configure the server to support access with different user names and passwords than those used to log in to your Mac locally. And, speaking of logs, check your FTP logs frequently to make certain you don’t have a security problem. A missing log would be a fairly good hint that something is amiss. Finally, minimize as best you can the access provided to FTP users (including yourself) and also restrict the scope of uploads to assure that some bad guy can’t trash your machine by simply filling it up with worthless data until your hard drive gags. You can further reduce your security exposure by coupling FTP access with a secure protocol such as SSH (which we already have addressed) or FTP-SSL/TLS. The latest FTP client versions of Transmit (our personal favorite) and RBrowser both support FTP-SSL/TLS.
Installing PureFTPd. There are several ways to install PureFTPd on your Mac. As usual, we’ll opt for the easy route and use a free tool which is one of the best pieces of Mac software on the planet, PureFTPd Manager. It not only installs PureFTPd, but it also provides Rendezvous support and an incredibly simple Cocoa frontend to manage everything on your new FTP server: anonymous access, authentication methods, bandwidth usage, and much, much more. To begin, download PureFTPd Manager. Double-click on PureFTPd Manager.mpkg to begin the install from your desktop. Follow the prompts and accept all the defaults unless you’re installing on a version of Mac OS X other than Panther, v10.3. Once the installation completes, run the application from your Applications folder. Enter your admin password when prompted. Now we’ll configure your new FTP server by deciding whether to activate anonymous user access and whether to support virtual users. We’ll also configure logging and virtual hosts if you want to support them.
Anonymous and Virtual User Access. We recommend you at least configure anonymous user access. Then it can be disabled. By configuring it, PureFTPd Manager will create a folder for anonymous users and set up the necessary permissions. Leave the defaults and click Continue. We also want to set up a mechanism for adding virtual users. These are users that you create to allow FTP access only to your system. They do not have regular Mac accounts. Click Continue to set up the necessary permissions for these accounts. Check all three check boxes under Server Logging and click Continue. In the System Settings screen, leave the defaults and click Continue. Finally, click the Configure button to complete your installation. Be patient while your install is completed. It can take a minute or two so don’t get nervous and start clicking a bunch of buttons. Once the installation completes, you will be presented with the PureFTPd Manager interface. If you plan to use this software regularly, do us all a favor and send $20 to the author. It encourages more great products like this one.
Managing Your FTP Server. You can start up and shut down PureFTPd in a couple of ways. The easiest is by checking or unchecking the FTP Server option in System Preferences->Sharing. Yes, PureFTPd now has replaced the default Panther FTP server in System Preferences. You also can start and stop the server by running PureFTPd Manager from your Applications folder and clicking on the Start and Stop buttons in the Server Status screen. We recommend you turn off anonymous FTP access until you really, really need it. Click Preferences and then Anonymous. To disable uploads, check the appropriate box. To disable all anonymous access, check Disable Anonymous Access. Note that you also can control bandwidth and storage space for anonymous users. For now, just disable it. Then click Show All to return to the main Preferences menu.
Managing Virtual Users. From the Server Status screen, click on User Manager and then New to create a new virtual user for your FTP server. Assign a login name and password, specify a home directory, and click Restrict User to Home Directory. If you want to restrict the user to a specified time period for access, specify the start and end time. Otherwise, click Disabled. Under the Virtual Folders tab, you can give the user access to other folders and specify the scope of access. Under the Transfers tab, you can limit bandwidth and disk storage for this user. Under the Other tab, you can create a customized Welcome Banner and restrict IP addresses for this user.
Creating a Secure FTP Server. If you want to implement FTP-SSL/TLS support for your new server, choose Preferences then SSL/TLS Sessions. Click Create a Certificate then Go Self-Signed. Fill in ALL of the certificate entries and specify a duration for your certificate (3000 works!). Now activate TLS access by choosing either Mixed Mode (for TLS and traditional FTP access) or TLS Only (clear text sessions will be refused). Restart the FTPd daemon when prompted. Then connect using one of the FTP clients we identified above that supports TLS access. For more detailed instructions on configuration of your server, read the MacDevCenter article here.
Last But Not Least. Keep in mind that if your Mac is behind a hardware-based firewall, you will need to configure the firewall to map the FTP ports to the internal IP address of your Mac. Read the firewalling section of the PureFTPd FAQ. We covered the basics in our Going Live! article. We’ll close today with our strongest recommendation yet. Turn off FTP services except when absolutely necessary unless you are restricting your FTP access to TLS connections only with no anonymous access.
Coming Events. We’re excited as you undoubtedly are that Apple’s new Tiger operating system for the Mac is just around the corner. Just a heads up that we plan to switch gears once Tiger is released and cover all of the tutorials we’ve written about thus far focusing on what’s involved in a new Tiger install. If prior OS releases are an indicator, then Tiger will bring a few surprises. To celebrate the release, we’ll be starting with a brand-new Mac with Tiger freshly installed. And, if you haven’t noticed in the right column, we’re adding a new web site, Tiger Vittles, to focus exclusively on installation and configuration of open source applications for the new Tiger OS. We hope you’ll join us for the celebration.
Free Asterisk Solutions
