The Most Versatile VoIP Provider: FREE PORTING

ISP-In-A-Box: The $500 Mac mini (HOW-TO Become A WordPress BlogMaster, Part I)

So you want to be a BlogMaster, but you want to host your blog on your very own Mac rather than paying a managed hosting service such as Blogger or TypePad. And you’ve elected to ignore our previous advice to use a hosting provider that offers MySQL database management, PHP, and blogging software as part of their feature set for free. Well, good for you! And you’re in luck because today, rejuvenated from our Spring Break cruise aboard the good ship Disney Wonder, we’re going to install the brand-new WordPress 1.5 on your Mac. This is the latest and greatest version of the blogging system that we use for Nerd Vittles which just happens to be what you’re reading now. In naming WordPress as the Web Application of the Year, ArsTechnica put it this way:


Let’s face it. Blogs are in fashion, and why not? Vanity knows no bounds, and there are some people who actually do something productive with theirs. From the influence of blogs on the coverage of the US presidential elections to every random teenager who has problems with their partner/parent/teacher/cat, blogs are out there allowing your most intimate feelings to be shared with random people at wifi hotspots. WordPress is the most prominent rising star of weblog software, completely free and with a large and active community. Styles, plugins and hacks are readily available, with problems such as comment spamming being addressed far more rapidly than competing applications.

blankWe couldn’t have said it better. So let’s get started.

Prerequisites. Before you can bring up WordPress and begin your blogging career, you first need to figure out what you want to write about. Hopefully, it will be something in which others have an interest. And with Dan Rather now retired, conservative bloggers will actually have to come up with something new to whine about. But, who cares, right? You can always change your mind tomorrow, and the next day, and the next if you install and manage your own blogging system. On the hardware and software side, you’ll need a Mac running Mac OS X v10.3, aka Panther. And you also will need to install and activate five of the applications we covered in previous sessions before you begin this installation. You’ll need the Apache Web Server, the Postfix SMTP mail server only, the MySQL database server, and PHP and PhpMyAdmin. Once you complete these tutorials, read on. Don’t attempt to install WordPress prematurely, or you’ll make a big mess, and we don’t provide mess cleanup tutorials! For a complete list of our HOW-TO articles and Mac mini resources on the Net, click here.

Downloading WordPress. If you didn’t already know, WordPress is free for the taking, but you still have to download it from here. Just click on the Download .tar.gz link. This should download the software to your Desktop and automatically decompress it into a folder named wordpress. If you just end up with a .tar.gz file, simply double-click on it to decompress it into a folder. Now click once on the folder name and change the name of the folder to blog and press the return key. Next double-click on the folder to open it. Then double-click on wp-config-sample.php to open it with TextEdit. Look for the DB_USER line and change the word username to root. Now move down to the DB_PASSWORD line and delete the word password but leave the single quotes that were surrounding it. When you’re finished, it should show two single quotes with no spaces between them. Now press Command-S to save your changes. Close TextEdit, and then single-click on the filename wp-config-sample.php. Change the filename to wp-config.php and press the return key. Close the folder. Using Finder, click on the local hard disk, and move to the /Library/WebServer/Documents folder. Now click-and-drag the blog folder on your Desktop into the Documents folder. This will make your blog accessible at any of the following addresses: http://localhost/blog/ or http://127.0.0.1/blog/ or http://your.internal.ip.address/blog/ or http://your.Internet.ip.address/blog/ assuming you have activated the security settings set forth in our Network Security article. In addition, you can access your blog at http://yourdomain.com/blog/ if you have completed the domain registration steps outlined in our Domain Names article.

Installing WordPress. Like many open source applications, WordPress is a PHP-driven application that stores its data in a MySQL database with numerous MySQL tables. So, in order to use WordPress, we first need to create a MySQL database named wordpress to house the data. We’ll do this using PhpMyAdmin. Open a web browser on your server and go to http://localhost/php/. At the top of the right frame is a field for Create new database for MySQL. Type wordpress in the space provided, change the collation sequence to ascii.bin, and click the Create button to create the new MySQL database. Close that browser window and open a new one. Now go to http://127.0.0.1/blog/wp-admin/install.php. The Welcome to WordPress screen will appear. Click on the First Step link. Fill in a title for your new blog and your email address, and then click Continue to Second Step. Surprise! The installation is complete. Just be sure you write down your username (admin) and the randomly generated password. We’ll change it in a minute.

Configuring WordPress. Now click on the login link which will take you to the login screen: http://127.0.0.1/blog/wp-login.php. Type your username and password that you just wrote down. The Admin Dashboard will display with all sorts of information about WordPress. But let’s do first things first. Click on the Users tab at the top of the screen. Type in your name and any other desired extras you want to publish with your blog. Move to the two fields provided to change your password, and type your new permanent password twice. Then click the Update Profile button. Log out and back in just to be sure everything is working as it should. In a new browser window, go to http://127.0.0.1/blog/ and Voila. Welcome to Bloggerville! From your blog’s main page, you can return to the Admin program by clicking on the Admin link. You shouldn’t have to log in again assuming cookies are enabled and functioning properly on your system.

From the Administration program, you add new articles to your blog by clicking on the Write tab. And you can View, Edit, or Delete articles by clicking on the appropriate link beside the article of interest using the Manage tab. That should be enough to get you started in your blogging career. In our next session, we’ll talk about Plugins and Templates and Themes as well as how to protect your blog from the bad guys. We’ll also go into further detail about many of the WordPress 1.5 features that have made it such a popular blogging system. Your homework is to pay a visit to Alex King’s incredible WordPress resource site. While you’re there, look through the Themes section and find a look you like for your new blog. Our personal favorite is Meadow (see inset above). We’ll walk you through installing it (or your personal favorite) in our next session. For now, get those creative juices flowing and blog your socks off!

ISP-In-A-Box: The $500 Mac mini (Chapter XV: Rock Solid Backups, Rock Bottom Price … Free!)

We’ve postponed this column several times but not because it wasn’t important. We’re firm believers that every computer deserves a rock-solid backup solution, and the one we’ll introduce you to today is as good as backups get. It also happens to be free unless you’d like to donate $5 to the author … highly recommended. Today’s backup solution is so well engineered that you actually can boot your Mac from the backup drive once you complete a full system backup. Try that on your Windows XP machine. Heh heh heh. And this last capability provides a hidden bonus included with this backup solution: you can use it to clone your small hard drive and then replace it with a larger (or faster) drive which then can be cloned from the backup drive. You also can synchronize one drive to another and schedule unattended backups at any time desired.

blankChoosing an External Backup Drive. In order to do full system backups and incremental ones, you’ll need an external USB or Firewire drive. We recommend a firewire drive because you can’t boot Mac OS X from a USB drive. Booting from a firewire drive is as easy as rebooting, holding down the alt/option key, and choosing the drive from which to boot. The drive obviously needs to be large enough to hold your backup. If money is no object, you may want to consider one of the self-powered firewire drives so you don’t have to scramble for an AC outlet to make a backup. This makes real sense with notebook computers! Or, if you’ve gotten tired of listening to music on your iPod and would rather use it for a higher purpose, Engadget has an article that will show you how to convert your iPod into a perfectly acceptable firewire drive for backups. The most cost effective solution is probably what we use ourselves. You can find a Lacie 80GB firewire drive providing incredible performance with a small footprint for just over $100. We’ve had good luck with the Lacie drives which we leave powered on and connected to two of our iMacs all the time. Backups are run in the middle of the night and never interfere with what you’re doing.

Downloading the Software. This backup solution is designed for those using a Mac with Mac OS X v10.3 aka Panther. If you’re using a different OS, you’ll need to make some adjustments which aren’t covered here. We’re going to be downloading two separate pieces of software: Carbon Copy Cloner v.2.3 and Psync, and we want the Panther versions of both products. So just click on the Psync link in this paragraph to download it to your Desktop. Install it by double-clicking on psync.pkg once it mounts on your Desktop. Just follow the prompts. Then download Carbon Copy Cloner from the link above. Once the folder is created on your Desktop, double-click on the documentation file in the folder and read it. Now drag the Carbon Copy Cloner application to your Applications folder to complete the installation.

Making Your First Backup. Plug in your external drive and power it up. Make certain that it mounts on your Desktop (you’ll see an icon) before you start up Carbon Copy Cloner. Now start CCC by double-clicking on it in your Applications folder. Once it starts up, begin by clicking on the padlock and entering your Admin password to enable all of CCC’s features. The simplest full system backup only requires a couple of steps. Click on the Source Disk pull-down and choose your local hard disk. Then click on the Target Disk pull-down and choose your external drive. Now click the Preferences button and make certain that Repair Permissions before cloning is checked, Target Disk – Make Bootable is checked, and both Synchronization items are checked. None of the options in the right column should be checked. Now click the Save button. To begin your backup, click the Clone button. When the backup finishes, check the log to make sure nothing came unglued. Then restart your Mac and hold down the alt-option key. Choose your firewire external drive as the boot device and watch as your Mac restarts from your secondary drive. How cool is that? Now send Mike Bombich five bucks. It’s the cheapest insurance you’ll ever buy.

Scheduling Regular Backups. Nothing, of course, prevents you from making a backup anytime you feel like it. However, nothing will improve your peace of mind more than scheduling regular backups so you don’t have to worry about it. Here’s how. While you have all your settings just right in the Cloning Console window, click the Scheduler button. Choose when and how often you want your backups to run and then click the plus sign (+) to add the backup script to your System crontab (that you learned all about earlier this week). Wasn’t that hard, was it? The only wrinkle, of course, is that your machine and backup drive both must be on, and your Mac cannot be in Sleep mode. Now all you need to do is check your logs once in a while to make sure everything went according to plan.

We’ve got an extra special surprise for you tomorrow. See you then.

ISP-In-A-Box: The $500 Mac mini (Chapter XIV: Remote Access and Remote Control)

Today we’re going to tackle all the flavors of Remote Access for your Mac. It’s a must-have resource for Road Warriors and anyone using their Mac as a server of almost any kind. There are dozens of great remote access tools available but, in the interest of not putting everyone to sleep at once, we’ll focus on some of the built-in (i.e. free) tools, the best of the open source tools (i.e. free), and a couple of the more popular commercial products. The prerequisites for all of these tools are having an always-on Internet connection and having an always-on Mac. And sleep mode doesn’t qualify as ON insofar as remote access is concerned.

There are two types of remote access tools in my book: safe and dangerous. Safe in this context means the connection between you (wherever you are) and your Mac server is always encrypted so that others can’t intercept your password or data. Dangerous means everything else such as FTP. We’re only going to discuss safe remote access tools, and I’d urge you to think twice about enabling or using anything else. Once someone intercepts your unencrypted password, they basically own your Mac and all the data that’s stored on it. So ask yourself if that’s a risk you are willing to take. And I think you’ll probably come to the same conclusion we have: Just Say No.

If you’ve been following our advice, then there is a hardware-based firewall of some variety between your Mac server and the Internet. And your Mac has its built-in firewall enabled as well. Before remote access will work, you’ll need to open the SSH (secure shell) port (22) by accessing the Sharing Folder under System Preferences. Just check the Remote Login box to enable other computers to access your Mac using SSH. You’ll also need to create a rule in your hardware-based firewall that passes Port 22 traffic to the IP address of your Mac. If you don’t know what your Mac’s Internet address is, just click here using a web browser on the Mac in question.

blankOnce you have enabled Remote Login, your Mac automatically starts three UNIX servers: SSH for remotely logging in to your machine, SCP for remotely copying files to/from your machine, and SFTP which is functionally identical to a traditional FTP server except the connection is secure. With SSH, the simplest way to access your server from another machine is to open a Terminal window, switch to root access (sudo su), and then open an SSH session: ssh 111.111.111.111 where the IP address is the actual IP address of your server. If you’re inside the hardware firewall with your server, then you can use your internal IP address as well. Unless you’ve installed a security certificate on your Mac (which really isn’t necessary since an unregistered one will be generated automatically), you will be warned that the authenticity of your server cannot be established. Just type yes to proceed, and then enter your root password. Once you’re connected to your server, you can do anything you could do from a Terminal window sitting at your machine. Type man scp for a tutorial on how to use the secure copy program. q gets you out. When you are finished with your SSH session, type exit to logout.

Secure FTP works similarly. You login by typing: sftp username@111.111.111.111 where username is an actual account on your server and the IP address is your server’s actual IP address. After typing your password, you will be presented with the sftp> prompt. Type ? to see the list of possible commands. When you are finished with your SFTP session, type exit to logout. If you only need to copy files back and forth to your Mac server, this is probably the easiest and simplest method to use. And it’s free.

If your primary remote access requirement is to copy files between your Mac and a remote machine but you prefer the ease of use of a Mac OS X Aqua interface, then there is no finer program than Transmit (see inset). While it’s not free, $30 won’t break the bank for most folks, and you’ll be getting the top of the line FTP and SFTP product available in the Mac marketplace. If, down the road, you decide to use a web hosting facility for your web site(s), Transmit is the one tool you simply cannot live without. Copying files is as simple as dragging and dropping them into a Transmit window. If you can’t tell, we use Transmit ourselves for managing web sites and have for many years. You won’t be disappointed.

There’s another type of Remote Access program. The applications in this group are designed to let you remotely display and control the desktop of your Mac. In other words, what you see is the same thing someone sitting in front of your Mac server would see … only slower. For some, this is an essential component of remote access. For others, it’s a big waste of computing and bandwidth resources. Just be forewarned that Remote Control software is not perfect and is resource intensive, and you won’t be disappointed if you have a fast broadband connection in both directions on both machines. Keep in mind that a typical Mac display these days exceeds 700,000 pixels with millions of colors, and it will give you some idea of the amount of data which must be transmitted just to replicate a single static screen. And that’s before you ever move your mouse! Yes, there are compression techniques and shortcuts that the various applications use to reduce the size of the screen transmissions, but it still is a bandwidth intensive operation because of the screen sizes and resolutions of today’s monitors. Apple makes a perfectly acceptable commercial application to handle remote control called Apple Remote Desktop 2. And, if money is no object or for large organizations, it is a perfectly acceptable solution for remote control. You should be aware, however, that half of the Apple remote control package is available at no cost to users of Mac OS X v10.3. That half is now standards-based and, because it’s free, we’re going to take advantage of it today. Standards-based means that it is compatible with every VNC client for virtually every computing platform in the world, all the way down to cellphones and PDAs if you can stand the performance. The other half (purchased from Apple) will set you back $299 for 10 clients or $499 for unlimited clients. The good news is you don’t need the costly half because there is a standards-based product for Macs which works well and is only getting better. Finally, be aware that this remote control solution is not encrypted meaning that it is possible (theoretically at least) for someone at your ISP’s router to intercept the data. With built-in compression, the data stream still would pretty much be gibberish, but at least it is something you should be aware of. See the comments to this article for an approach that uses an SSH tunnel.

So our remote control approach will be to download and install the latest version of the Apple VNC client. And then we’ll download the standards-based Chicken of the VNC to handle access to the remote desktop. And, as we mentioned, any standard VNC product can be used to connect to the Apple VNC desktop once we get it upgraded to version 2.1. You can read all about the history of Bell Labs VNC software and all of its supported platforms here. Finally, a word about nomenclature. The piece of software residing on the host machine always has been called the VNC Server until Apple came along and named theirs the Remote Desktop Client. The piece of software on the traveling machine that is used to connect back to your host or home base has always been called the VNC Client except Apple calls theirs the Apple Remote Desktop. Sounds confusing? You bet. For our purposes, we’ll refer to the Host Machine (meaning your home base host) and the Remote Machine (meaning the computer from which you are making the connection to your host machine). Whew!

Now, let’s upgrade the software on your Host Machine to make sure the standards-based remote access products will work. Just download and install the Apple Remote Desktop Client 2.1 from here. When you complete the installation, you will need to enable Apple Remote Desktop under the Services tab in the Sharing folder of System Preferences. Then click on the Access Privileges button, choose a user account, make sure all the boxes in the right column are checked, and check the "VNC viewers may control screen with password" option. Enter a password that you will use for remote access. Leave the "guests may request access" option unchecked, or you’ll have to have someone sitting at your host machine to grant access. Click the OK button to save your changes. Next, you need to open the firewall ports on your Mac and your hardware-based firewall to support remote access. Click on the Firewall tab. Then click the New button. Choose VNC (5900-5902) from the pull-down list. If it will only be you connecting to your host machine, then you only need to open port 5900 on your hardware-based firewall and point it to the internal IP address of your host machine. That completes the Host machine installation and setup for remote control.

blankNow let’s do the other half: the traveling or remote machine software, aka the VNC client. To test this, you’re going to need a second computer (not necessarily a Mac). It’s helpful to have a second computer inside your hardware-based firewall so we can get the kinks out before you try this on the road. If your second machine is also a Mac, then the software you need is Chicken of the VNC (get it?). Download the 2.0b2 version from a SourceForge mirror site to your Desktop. Once it is installed on your Desktop, drag the icon to your Applications folder. Double-click on the icon to start the application. The VNC Login screen will appear. Fill in the IP address of your Host machine and the password you assigned when we enabled the Apple Remote Desktop. The Shared Display checkbox lets more than one person connect to the same Host at the same time so long as you use different ports. Port 0 uses 5900, port 1 uses 5901, etc. The ports have to be open and pointed to your host on your hardware-based firewall. For now, you can leave Shared Display unchecked and make sure the Port is set to 0. Leave the Default Profile setting as is and decide whether you want to save your password in your keychain. That’s all there is to it. Click the Connect button and the screen of your Host machine should miraculously appear. You can toggle the Host machine display between a window and full-screen by pressing Command-Option-Control-`. To disconnect, just close the Host machine display window or choose Connection, Close Window from the title bar menus.

For additional assistance and terrific web-based documentation, just click on Help while the program is running. To keep up with the latest developments of Chicken of the VNC, visit MacUpdate. If you need VNC software for other platforms, Real VNC has the latest versions and AT&T’s VNC archive is another worthwhile site although it now is over five years old. VNC clients also are available for Palm devices and Treo smartphones as well as Pocket PCs and compatible smartphones. Enjoy!

ISP-In-A-Box: The $500 Mac mini (Chapter XIII, Crontab Scheduling)

blankWell, our plan for today was to get down in the weeds of BSD and actually show you how to wrestle with crontabs to schedule tasks on your Mac or Mac mini. But, as luck would have it, our friends at iMagicWeb had a better solution that they wrote us about. So let’s shift gears and wrestle with crontab in the least painless way possible … which is to use a terrific piece of free software called CronniX. It was written specifically to manage cron jobs using the traditional Mac OS X Aqua interface. Before we get to CronniX, let’s briefly address what crontab is and what it does for you. Think of crontab as the ultimate scheduler. It can run almost any BSD application, script, or command as well as any Mac OS X application or Applescript at any time or combination of times that you care to dream up. Stated another way, you use crontab to schedule background jobs, i.e. tasks that you want your computer to execute without bothering you or your computer’s display. We already are using cron jobs to handle our Email Reminders, and our Webalizer statistics, and our daily Web Calendars. But we’ve barely scratched the surface of the possibilities. Later this week we’ll add automatic backups of your main hard drive to any external USB or firewire hard disk. And there will be specific tasks that you come up with where a cron job is the obvious solution.

There are three main things you do with cron jobs: you create them, you change them, and you delete them. To change or delete an existing job, just highlight the job and click Edit or Delete. To create a new entry, you need to be aware that cron jobs can be run as any user including the root user, and they inherit the privileges of that user. The moral here is, for security’s sake and the overall health of your system, don’t run jobs as the root user unless you have to. In creating cron jobs, you can schedule them to run at a particular time or times or at timed intervals, e.g. every 15 minutes. And you can schedule cron jobs to only run on a certain day of the week or month or on an assortment of days chosen by you. You can also quickly bring your server to its knees by running disk-intensive cron jobs every minute of every hour of every day of the year. The choice is yours. Aside from not running cron jobs as root unless you have to, the only other bit of advice I would offer is this. Test whatever you plan to schedule as a background job in the foreground first. When run as a foreground task (i.e. from a Terminal window), you can watch it to make certain it does what you wanted it to do. If it doesn’t, you can kill the job by pressing Ctrl-C. It is extremely difficult to diagnose scripting bugs in applications you have running in the background particularly when all you hear is your hard disk beating its brains out. Before you can kill a background job, it usually has plenty of opportunity to wreak enormous havoc on your computer. Having said all that, what makes the Mac such an incredibly powerful server platform is due at least in part to the almost limitless capacity to schedule and execute background tasks of every variety imaginable.

Up to now we’ve been setting up cron jobs using Webmin which is every bit as efficient as swatting a fly with a sledge hammer. For one thing, you have to crank up the Webmin server just to be able to access Webmin using a web browser. For some tasks, this is a great approach. But for scheduling cron jobs, it’s a little silly. So, as I mentioned, our original plan for today was to cover the intricate details of using crontab and managing cron jobs from the Terminal command prompt. Lo and behold, it turns out there is a terrific little Mac OS X application called CronniX which makes the drudgery of crontabs all but disappear. As mentioned, the application is free although the author does accept donations. His web site is http://h5197.serverkompetenz.net/cronnix/. So go to the site, click on the download link and download the latest and greatest version (3.0b3.dmg). It will decompress into a folder on your desktop. Open the folder and drag the CronniX application to your Applications folder.

When you start up CronniX, it will default to the crontab for your current login ID. You can switch crontabs by pressing Command-O and entering the desired username including root and system. Existing crontab entries will be displayed for the username selected. An asterisk (*) in crontab lingo means all while an asterisk followed by a slash and a number means every so many minutes or hours or days. For example, */15 in the minutes column would mean every 15 minutes while */4 in the hours column would mean every 4 hours. To create a new crontab entry, you simply click the New button and fill in the blanks. Checking the checkbox beside a field sets that field to * or all. The syntax for commands is exactly what you would type in a Terminal window to execute the command. And, for Mac OS X applications, you can execute them by checking "Prepend /usr/bin/open" and then clicking the Browse button and choosing the desired Application. Once you’ve made your entry, click on the Save button to actually post your new entries to the selected crontab. Then press Command-Q to close CronniX. It’s as simple as that.

ISP-In-A-Box: The $500 Mac mini (Chapter XII, Email Reminders)

blankOne of the most useful additions to any server is the ability to send yourself or others Email Reminders. Adding a web interface is simply icing on the cake. Yes, PDAs and cell phones and iCal can do it as stand-alone applications, but you have to be with the device where you scheduled the reminder, or you miss it. With a web-based email reminder system, you can send reminders to multiple devices and multiple people, not just yourself… and you can schedule them up to nine years in advance (assuming your server makes it that long). If you have teenagers, I don’t have to tell you how much they will appreciate your computer sending their cellphones reminders to clean their rooms in the middle of their night on the town. It also comes in handy to make sure you pay bills on time. And, you’ll find it absolutely essential in getting out of boring meetings early by simply sending your cellphone an urgent message at the top of the hour. Yes, the reminders can be recurring: every hour, every day, every month, or every year. And no, email reminders won’t cost you a dime. Unfortunately, it’s another of those little Linux gems that just didn’t quite fit the Mac way of doing things. So, we’ve fixed it up, added the missing pieces for MySQL and Perl, and repackaged it for all the Mac addicts who have built one of our ISP-In-A-Box systems these past few weeks.

Prerequisites. Before Email Reminders will work on your Mac, you’ll need to assure that you’ve enabled the Apache Web Server, the Postfix SMTP email server (POP and IMAP are not required!), the MySQL database server, PHP, and PhpMyAdmin. You’ll also need Webmin to add the crontab scheduling piece unless you’re familiar with using crontab directly … which we’re going to cover later this week, incidentally. For Email Reminders to function properly after installation, you’ll need to keep the following servers running all the time: Apache, Postfix SMTP, and MySQL. Aren’t you glad you bought that extra RAM!

Our approach should be getting familiar by now. We’ll download the software to your desktop, then move it to its permanent home on your web server. Next, we’ll run a simple MySQL script to create the necessary database to manage your reminders. Then we’ll customize the software to add your email return address. And finally, we’ll set up a crontab script to check for reminders to be sent at the top of every hour.

Downloading Email Reminders. You can learn all about Email Reminders at the author’s web site, but unfortunately for Mac users, the version available there just doesn’t quite work as packaged with Mac OS X. So we’ve customized the software a bit to match our ISP-In-A-Box configuration, and it’s available for download here. Once the 100K download to your Desktop completes, it should decompress into a folder named emrem. If not, double-click on the downloaded file to start the process.

Moving Email Reminders to Your Web Site. Open a Finder window, click on your local hard disk, and navigate to the /Library/WebServer/Documents folder. Then click-and-drag the emrem folder on your Desktop into the Documents folder. This will make your Email Reminders application available with a web browser using the syntax: http://yourdomain.com/emrem/ or http://localhost/emrem/ from your server desktop.

Building the Email Reminders MySQL Database. Open a Terminal window and switch to root user access: sudo su. Now move to the folder where we installed emrem:

  • cd /Library/WebServer/Documents/emrem
  • After making certain that MySQL is running (/library/startupitems/mysql/mysql restart), type the following command to create your Email Reminder database:

  • /usr/local/mysql/bin/mysql < emrem.sql
  • Customizing Email Reminders. While you’re still positioned in the emrem folder, let’s add your own email return address just so email reminders don’t get bounced as spam. We’ll edit the configuration file with out usual Pico editor and, yes, BE CAREFUL: pico config.php. Now search for yourname: CTRL-W, yourname, then enter. Carefully delete yourname@yourdomain.com using the CTRL-D key. Now type your email address in its place. Save your changes: CTRL-X, Y, then enter.

    Verifying All Is Well. Let’s run a simple test to be sure everything worked according to plan thus far. After assuring that your web server is running, switch to a web browser and go to http://localhost/emrem/. Now add an entry to send an Email Reminder to your own email address and schedule it for the next hour. Once you get a completed message, let’s use PhpMyAdmin to verify that the reminder was actually placed in the MySQL database we set up. Start PhpMyAdmin: http://localhost/php/. Click on the Databases pull-down and choose the emrem database. Now click on the reminders table, and choose the Browse tab. You should see one entry in your table. You can close your browser window now, but keep in mind that this is where you’d come to delete a reminder if, for some reason, something ever goes haywire. I’ve never seen it happen in four years of use!

    Scheduling the Email Reminders Task. Finally, we need to schedule the Email Reminders Perl script to run each hour. It is responsible for checking to see if reminders are due to be sent and sending them. Start up Webmin if it is not already running on your server: /etc/webmin/start. Now open Webmin with your browser: http://localhost:10000. Enter admin for your username and your actual password. Click on the System button and then Scheduled Cron Jobs. Then click Create a new scheduled cron job. Make the following entries in the form and then click the Create button. Leave the default settings unless specified below:

  • Execute cron job asroot
  • Command/Library/WebServer/Documents/emrem/cron-emrem.pl
  • When to executeTimes and dates shown below
  • Minuteclick on Selected and click on the number 1
  • Hours, Days, Months, WeekdaysAll
  • Now all you have to do is wait for the top of the hour, and your first Email Reminder should arrive within a minute or two. Before redistributing this software, please read the license terms in the COPYING file which can be found in the emrem folder on your web site. Enjoy!

    ISP-In-A-Box: The $500 Mac mini (Chapter XI, Web Calendars)

    blankIf you’re a big fan of the Mac’s iCal calendaring application like we are, then you will love this addition to your web site. Today we’re going to install PhpiCalendar which does one thing, but does it incredibly well. PhpiCalendar displays picture-perfect web calendars (see inset) of all of your iCal information which can be accessed from anywhere using a web browser. Do you need a .Mac account? Nope. All you need is an ISP-In-A-Box running the Apache Web Server and PHP. You’ll also need to install Webmin to handle the crontab task discussed below unless you’re familiar with the crontab application itself. And we’ve already covered how to password-protect your calendar web site if you want to. Because PhpiCalendar reads .ics calendars (IETF 2445 files), you can also use it to access calendars created with Mozilla Calendar and Sunbird, Novell’s Ximian Evolution, KOrganizer, and WinDates 5.0. Did I mention there are also thousands of free, downloadable .ics calendars at iCalShare that cover every imaginable subject matter: holidays of every flavor, astronomy, TV schedules, DVD release dates, iTunes release dates, sports schedules, band schedules, and on and on. So let’s get started.

    We’ll first download the application, and then move it to a folder on your web site. Then we’ll load your existing iCal calendars and test the application. Once everything is working, we’ll add an entry in the crontab file to copy your iCal data over to PhpiCalendar each day at one or more times that you specify.

    Downloading PhpiCalendar. PhpiCalendar is one of thousands of applications which are available at no cost on SourceForge.net. Just click here to download the latest 2.0 beta and choose a download site near your location to begin. The application will be copied to your desktop and then automatically decompress into a folder called phpicalendar-2.0b. Let’s rename the folder to something simpler. Just click on the existing folder name and change it to ical.

    Moving PhpiCalendar to Your Web Site. Open a Finder window, click on your local hard disk, and then move to the /Library/WebServer/Documents folder. Now click-and-drag the iCal folder on your Desktop into the Documents folder. Now you can access your Web Calendars by going to http://localhost/ical/ or http://yourdomain.com/ical/. Test it now using your web browser. Your own iCal information will not appear, but some sample calendar events will.

    Importing iCal Data into PhpiCalendar. In order to import your iCal calendars into PhpiCalendar, we first need to figure out where your iCal data is stored. Using Finder, press Command-F and search for file names on your local hard disk that contain .ics. Click on one of the file matches to display its location which should be something like the following: /yourname/Library/Calendars where yourname is your Mac login ID. Write down what you found, and then open a Terminal windows (Freudian slip?) and switch to root user access: sudo su. Enter your admin password. Now let’s clean out the sample calendars that were distributed with PhpiCalendar and copy your own iCal data into the PhpiCalendar folder:

  • cd /Library/WebServer/Documents/ical/calendars
  • rm Home.ics
  • rm Work.ics
  • cp /Users/yourname/Library/Calendars/*.ics /Library/WebServer/Documents/ical/calendars
  • Now refresh your browser at http://localhost/ical/ and your very own iCal data should now appear in the web calendar. Click on the small icons in the upper right section of the main screen to change from daily to weekly to monthly to yearly views. You can permanently save your preferences by clicking on (you guessed it!) Preferences.

    Automating PhpiCalendar Updates. Because PhpiCalendar operates independently from iCal, we need to automate the process of copying your calendars from iCal each day. We’ll do it with crontab using the Webmin application we installed last week. Make sure Webmin is running (/etc/webmin/start), and then open it with your web browser: http://localhost:10000. Click on the System button and then Scheduled Cron Jobs. Then click Create a new scheduled cron job. Make the following entries in the form and then click the Create button. Leave the default settings unless specified below:

  • Execute cron job asroot
  • Commandcp /Users/yourname/Library/Calendars/*.ics /Library/WebServer/Documents/ical/Calendars (use your actual username for yourname, of course)
  • When to executeTimes and dates shown below
  • Minuteclick on Selected and click on any minute desired
  • Hourclick on Selected and click on any hour desired or Ctrl-Click on several hours to run multiple times each day
  • Days, Months, WeekdaysAll
  • Once you have assured that your calendars are being updated daily, you can silence email advisories by adding > /dev/null 2>&1 to the end of the Command in your cron job. Just click on the job, make the change, and click Save. Check back with us next week for some more terrific applications. Have a great weekend!

    ISP-In-A-Box: The $500 Mac mini (Chapter X, Web Sites 101, Part II)

    blankToday we finish up our two-part series on a few webmaster fundamentals that you will need before we can build some of our upcoming web projects. The tasks assume that you already have an Apache Web Server up and running and that you have installed Webmin which we covered last week. As in past columns, our preference is that you first at least read through our previous ISP-In-A-Box tutorials (available as a PDF collection here) so that you have a basic understanding of how to do things, but that√¢‚Ǩ‚Ñ¢s up to you. Yesterday we showed you how to assure that directories without a default web page never display, and you learned how to password-protect web site directories. Today we’ll show you how to configure Apache to serve up multiple web sites from a single web server, yours.

    There’s no reason you can’t have more than one domain with your new web server. And each can have its own independent web site. Whether it’s static or data-driven is, of course, up to you. You also can build fully-qualified subdomains for all of your kids or small-business departments, and let them maintain their own web sites using the Mac’s built-in user accounts. For example, web sites for johnny.begood.com and betty.begood.com would be built in the Sites folder for accounts set up on your Mac as johnny and betty. Then it’s a simple matter, with Omnis.com’s DNS tools, to point johnny.begood.com to the appropriate web site using a Proxy (aka mod_proxy) record for the begood.com domain that looks like this (substituting your own IP address, of course):

  • Namejohnny
  • TypePROXY
  • Contenthttp://111.111.111.111/~johnny
  • But suppose you want to have two completely different domains with two completely different web sites, and you don’t want to have to create separate Mac accounts to maintain each domain. That’s not a problem either. Apache was designed to do just that. We’re going to use Webmin to configure a second domain which we’ll create in a new folder called calendar off our main web site tree: /Library/WebServer/Documents. Note, however, that you shouldn’t create the calendar folder under the default Documents folder unless you don’t mind that folks visiting your main web site (http://mydomain.com) can also access the calendar web site by going to http://mydomain.com/calendar. If you want to prevent this, then you’d create the calendar folder at the same level as the Documents folder, i.e. as a new folder in the /Library/WebServer folder. The only drawback of the latter approach is that you can no longer access the site using the http://localhost syntax. I’ll bet you can figure out why.

    The first step is obviously to register a second domain and use the registrar’s DNS service. We’ve previously covered this (here) if you need some help. Once you have done that, create two new DNS A records that point to your IP address. Apache will handle figuring out which domain is hitting your web server. Note that you cannot use Proxy records if you want Apache to resolve the domain names. If you use Proxy records, you can distinguish various web sites by assigning each domain to a different port, e.g. 82, 83, and 84. The syntax for the Content would be http://111.111.111.111:81. You also would have to enable these ports in the Apache config file by searching for the word "Listen" in httpd.conf and adding separate lines for each port you wish to enable: Listen 82, Listen 83, and Listen 84. Then you would restart Apache. For now, let’s use A records which are a bit easier to implement:

  • Namewww
  • Content111.111.111.111
  • Name@
  • Content111.111.111.111
  • We’re now ready to configure Apache to handle the second domain. Make sure Webmin is running on your server (/etc/webmin/start), and then open a web browser and go to http://localhost:10000. Click on the Servers button and then click Apache Web Server. At the bottom of the page is a form to Create A New Virtual Server. Just fill out the form with these settings and leave the other defaults the way they are. Then click the Create Now button.

  • Handle connections to addressany address
  • Portdefault (if you were using the Proxy port approach, you would specify port 82, etc. here)
  • Document root/library/webserver/documents/calendar
  • Domainmydomain.com (use the real name of your second domain here)
  • For your changes to take effect, you’ll need to stop and restart your web server. This can be done at the top of the form by clicking the Stop Apache button and then the Start Apache button.

    ISP-In-A-Box: The $500 Mac mini (Chapter X, Web Sites 101, Part I)

    Today and tomorrow, we're going to cover a few more fundamentals that you will need to master before we can build some of our upcoming web projects. Today's tasks assume that you already have an Apache Web Server up and running and that you have installed Webmin which we covered last week. As in past columns, our preference is that you first at least read through our previous ISP-In-A-Box tutorials (available as a PDF collection here) so that you have a basic understanding of how to do things, but that's up to you. Our three projects for today and tomorrow are assuring that directories without a default web page never display, learning how to password-protect web site directories, and mastering how to configure Apache to serve up multiple web sites from a single web server, yours.

    blankPreventing Display of Web Site Directories With No Default Web Page. As delivered by Apple with your new Mac, the default Apache configuration tells your web server to display a directory listing of any web site directory that does not have a default web page (index.html or index.php). That means that, if you create subdirectories below /Library/WebServer/Documents, the contents of each one will be shown to any visitor that guesses the name of the directory. If you happen to have your tax returns stored there, you see the problems this might cause. To demonstrate what I'm talking about, let's create a directory and then access it with a web browser. Open a Terminal window and switch to root access: sudo su. Now create a directory called emrem under your main web site: mkdir /Library/WebServer/Documents/emrem. Switch to your web browser and access the new site: http://localhost/emrem/. See what I mean. If you had filled emrem with documents, they would be accessible to anyone on the Internet. The same default applies to your personal web site at http://localhost/~username and subdirectories created in your Sites folder. For security's sake and your own peace of mind, I prefer defaults which specify that the contents of directories not be displayed unless you expressly authorize it. So here's how to fix it. Switch back to your Terminal window with root access. Move to the Apache configuration directory: cd /etc/httpd. Now let's edit the Apache config file carefully: pico httpd.conf. Search for the word "indexes": Ctrl-W, indexes, then enter. We're looking for every line in the config file that begins with the word "Options" and contains the word "Indexes." This probably won't apply for the first match of the word "Indexes" so move the next occurrence of the term: Ctrl-W then enter. You should get a match on this one. Position the cursor under the "I" in Indexes and press CTRL-D until the entire word is deleted. Then search for the next match, and repeat the drill until you get to the bottom of the file. Now save your changes: CTRL-X, Y, then enter. Now stop and then restart Apache for your changes to take effect (covered in our Apache tutorial). Then access http://localhost/emrem/ again, and you should get an access denied message.

    Password-Protecting Web Site Directories. There also will be times when you want to build web sites on your server which are available over the Internet, just not to everybody. The easiest way to accomplish this is to prompt for a username and password to log in to certain sites before any access is provided. Apache handles this for any web browser, but you first have to enable it. Then you need to build a password file and store it where Apache can find it, but your web site vistors cannot. And finally, we need to insert an .htaccess file in every directory that you want to password-protect for Internet access.

    Configuring default htaccess file. To get started, Ctrl-Click here and Download the Linked htaccess File to your Desktop. Do not save the file with a leading period in the file name. We'll do that later. Open Finder, click on your local hard disk, and navigate to the /Library/WebServer folder. Now Click-And-Drag the htaccess file on your Desktop to the /Library/WebServer folder. Close your Finder window, and then open a Terminal window. Switch to root user access: sudo su. Provide your admin password if prompted. Now we want to clean up the ownership and permissions for our sample htaccess file so move to the directory where we put the file: cd /Library/WebServer. Make root the owner of the file: chown root htaccess. Make admin the group for the file: chgrp admin htaccess. Now set the file permissions for world read access only: chmod 774 htaccess.

    Configuring Apache for Password-Protected Directories. Now we have to configure Apache so that we can password-protect directories. The default Apache configuration would ignore our .htaccess file. Using your Terminal window with root access, move to the Apache configuration directory: cd /etc/httpd. Now let's edit the config file carefully: pico httpd.conf. Search for the word ".htaccess": Ctrl-W, .htaccess, then enter. This will position the cursor on a comment about using .htaccess files to override Apache settings. Immediately below the comment is a line which begins with the word "AllowOverride." We want to replace the word after AllowOverride with the word "All" (without quotes). Move the cursor to the beginning of the word to be deleted and press Ctrl-D until the word is deleted. Then type All. Save the config file: CTRL-X, Y, then enter. Now stop and then restart Apache for your changes to take effect (covered in our Apache tutorial).

    Building a Password File. The password file is where Apache looks to determine whether one of your web site visitors (including you) is allowed access. There are a couple tricks to this. First, you want to put the file where Apache can read it, but your web visitors cannot. And you want to be careful not to insert blank lines in the file with just a colon. That basically lets everyone in. The format for the file is username:password, each on a separate line. And the password are encrypted. Here's how to do it. Open a Terminal window and switch to root access: sudo su. Now let's move to the directory where we'll put the password file: cd /usr/local. We're going to name our password file users.pw to match the htaccess file that you already downloaded. To create the file and erase any existing file without warning type: htpasswd -c users.pw admin. Think up a password you can remember, and you'll be prompted to type it twice. Now let's verify that the file was created: cat users.pw. You should see the word admin, then a colon, and then your encrypted password. To add additional users to your existing file, just type: htpasswd -b users.pw username password. Remember, if you accidentally use the htpasswd -c syntax a second time, you will overwrite your existing file and all of its entries. So be careful.

    Password-Protecting A Directory. The way you password-protect a given directory on your web site is to copy the htaccess file we downloaded earlier into the desired directory, and name it .htaccess (with a leading period). So let's try it. Move to the nerd directory we built previously: cd /Library/WebServer/Documents/nerd. Now copy the htaccess file into the directory: cp /Library/WebServer/htaccess .htaccess. Close your web browser and reopen it to http://localhost/nerd/ and you should be prompted for a username and password. Type in admin and the password you made up, and you should be admitted. If you're not prompted for a username and password, you probably forgot to restart your Apache web server after updating the Apache config file. If you can't get in with the the username and password you thought would work, just recreate the file, and try again. Suppose you change your mind and want to remove password protection from a directory. Switch to root access with Terminal: sudo su. Move to the directory: cd /Library/WebServer/Documents/nerd. And then delete the .htaccess file: rm .htaccess. You may have to change our browser and reopen it for the changes to take effect.