Xitami 1.3c

| iMatix home page | Xitami home page | << | < | > | >>

Administration

Xitami Under Windows

The Windows version of Xitami provides a simple control panel that lets you start, stop, and monitor the web server. The service version is easily installed as an NT service, or can be run as a command-line program. It then accepts the command-line switches described later.

Xitami Under UNIX

Under UNIX, Xitami can run as a foreground process or a daemon. You can run it interactively to test your configuration, and then configure your system inittab or start-up scripts to run it automatically.  

This is the command-line syntax for Xitami:

Syntax: xitami [options...]
Options:
  -r directory     Root directory for web pages (webpages).
  -c directory     Directory for CGI programs (cgi-bin).
  -b portbase      Shift HTTP port 80 by this value.  E.g. to run
                   Xitami on port 7080, do 'xitami -b 7000'.
  -l filename      Log file for output (xitami.log).
  -a filename      Authentication file (xitami.aut).
  -q               Quite mode: no messages or log.
  -s               Server mode: run as background job.
  -t               Trace all socket i/o operations to log file.
  -v               Show Xitami version information.
  -h               Show summary of command-line options.

The -s option has no effect on Windows systems; under UNIX it does the following: Xitami recreates itself as a background process, ignoring the SIGHUP signal.

Testing Xitami

Run Xitami as described in the installation section. Connect with a browser to the URL: http://hostname/ or http://hostname:5080/. If Xitami is correctly installed, you should see a page entitled: "Welcome To Xitami". Please read this page and try the various links and buttons to ensure that Xitami is working correctly. If you install your own web pages, you can still access the Xitami Welcome page by using the URL: http://hostname/default.htm.

Using Xitami

• Xitami assumes that all web pages are in a subdirectory called 'webpages'.
• CGI scripts and programs are in a subdirectory called 'cgi-bin'.
• Directories can be protected by editing the file 'xitami.aut'.
• Logging information is stored in two files: 'xitami.log' logs information and error messages; 'access.log' logs HTTP requests.

These options can be changed. The webpages directory can be any relative (depending on the directory where Xitami is run) or absolute directory (with a full path name).

The cgi-bin directory can be specified in various ways - see the section on CGI programming in Xitami.

Xitami will negotiage with the web browser to find a file when the URL does not specify a filename. It will search for an HTML file called index.htm, index.html, default.htm, or default.html, in that order. If none of these files are found, Xitami returns the directory listing, formatted as an HTML page.

You should install a file called 'index.htm' in the webpages directory, to override the 'default.htm' file used by Xitami.

User Authentication

Xitami supports the HTTP/1.0 Basic Authentication protocol. This is a minimalistic security approach that is quick and supported by all browsers, but which should not be used for very sensitive data, since the user name and password can be extracted from the TCP/IP packets sent by the browser.

The xitami.aut file holds the authentication information. This file is not encoded, but is not accessible by browsers unless you place it in the webpages directory. You can modify this file on the fly; Xitami will reload it after a short delay.

Protection is applied to directories, not individual URLs. This is what an authentication file looks like:

    #  Authorization file for XITAMI
    #  Each [Entry] defines a protected subdirectory
    #  The directory name is followed by user=password pairs
    #
    [stats]
        root=PakYupTon
        admin=QzeCat96
        webmask=local
    [/private]
        jacky=robusta
        sarah=arabica
        jonas=realtime

Each section name specifies a directory; the leading slash is optional. You can specify multi-level directory names, e.g. "private/data/topsecret". Directory names are case-insensitive: Xitami always treats them as lower-case. On systems where names are case-sensitive, "PRIVATE" and "private" are treated as equal by Xitami, and are both handled by the authentication data for [Private]. The user name is also case-insensitive.

The user name 'webmask' is treated in a special manner; this defines the set of valid IP addresses for clients trying to access the directory. If it is "*", all clients are allowed. If it is a mask like '253.122.55.*', it restricts clients to those that match the mask. If it is 'local', it restricts clients to those on the same system as Xitami.

Xitami Log Files

Xitami logs errors and information to the file 'xitami.log'. This file is always opened in append mode. It looks something like this:

96/12/05 20:19:41: I: OPEN port=80
96/12/06 07:22:03: I: OPEN port=80

Xitami logs all HTTP requests to the file 'access.log', which follows the common CERN/NCSA standard for web server log files. The log file format consists of lines in this format:

host - user [DD/Mon/YYYY:hh:mm:ss] "request" ddd bbbb "referer" "agent"

The access log files are automatically cycled: when Xitami starts, it will save any existing file before starting a new access log. The old access log file is given a name based on the date when it was last modified.

| << | < | > | >>
| Contents | Installation | Administration | Configuration | Using CGI | Image Maps | Virtual Hosting | A Beginner's Guide | FAQ | Technical Implementation | Getting Support | Release History | License Agreement

Designed by Pieter Hintjens © 1997 iMatix