Do Your Really, Really Need to Run Your Own Webserver?
  Some Practical Alternatives and Suggestions
Anne Salemme MIT IT Partners Conference October 24, 2002

Introduction

"No Cost" Option:
 Use web.mit.edu

"Some Cost" Option:
 Run a content-less webserver

"Some Cost" Option:
 Let W91 do it

"Last Resort" Option:
 Do-it-yourself

Webserver management essentials

Useful links

Example: webmail.mit.edu

About me

Last Resort: Do It Yourself

First, get an Athena locker so you can have a persistent URL and a nice, backed-up place to keep your website. Then, see if you can use web.mit.edu to serve the website. If you can, you don't need to run your own webserver.

To make a dedicated system on which to put a production webserver, you have to know how to find, build, test, debug, build again, and manage changes for the software components that go into the webserver. My general approach is:

  • Get an Athena locker so you can have a persistent url for your website, and a nice, backed-up place to keep your website
  • Get a CNAME to use for the webserver name (don't use the actual ANAME, you will regret it)
  • Get an appropriately-sized system and install Athena on it
  • Make any modifications for special disks, filesystems, set the root password, etc.
  • Run approproate 'mkserv' options
  • Verify that all basic sysadmin tasks are done: startup, shutdown, backup, etc.
  • Add the webserver in its own tree (e.g., /var/whatever, don't install it with some parts in /usr, some in /etc, some in root, etc. You want to KNOW where everything is when it comes time to update. That is, don't use the default installation paths, always specify where you want to install things. Tinker with the configuration until you get it right
  • For a complicated webserver, I will build it, test it, and tinker with its config files gradually, starting with a simple webserver, verify that it works, then adding one component at a time and tinkering, verifying, starting over as necessary, until the whole thing is done.
  • If you are using the apache-ssl locker, install things exactly as instructed in the locker
  • Add your webpages, try it out, watch for errors, fix them
  • Figure out how to roll old one out of service, new one in, and how to roll back if things don't work as expected
  • Generate daily and weekly reports to show usage
  • Verify that all sysadmin tasks are done and work as expected: startup, shutdown, backup, log-rolling, report-generating, system monitoring, etc.
  • Keep up with security advisories, apply fixes, and keep all software and hardware up to date
Updated October 23, 2002. Copyright © 2002 Massachusetts Institute of Technology
Written by salemme@mit.edu