From e4d967be5e306de64b7dbaee82dcd37b4485f44f Mon Sep 17 00:00:00 2001 From: mjfernez Date: Sun, 14 Nov 2021 17:23:55 -0500 Subject: Added meta tags. Added HTMLCSS tutorial --- tutorials/www/how-to-make-this-site.html | 60 +++++++++++++++++++------------- 1 file changed, 35 insertions(+), 25 deletions(-) (limited to 'tutorials/www/how-to-make-this-site.html') diff --git a/tutorials/www/how-to-make-this-site.html b/tutorials/www/how-to-make-this-site.html index f440c1b..f84414e 100644 --- a/tutorials/www/how-to-make-this-site.html +++ b/tutorials/www/how-to-make-this-site.html @@ -17,31 +17,37 @@

What is a web server and how do I run one?

TL;DR a web server is just a program that lets other computers on a network view files in a chosen folder. All you need to do is download a web server: apache and nginx are popular ones, but you can easily program your own with web frameworks like Flask or Facil

-

You can run a web server for free right now. If you're on windows go download Apache for Windows here and follow the set up guide here. If you're on Linux, you probably already have it installed.

-

Find the configuration file in "sites-available/default" (on windows, this may be led by C:FilesSoftware Foundation ). You'll see something like the following:

-
<VirtualHost *:80>
-    ServerAdmin webmaster@localhost
+
You can run a web server for free right now. These instructions will be for Linux just for consistency since I'm as used to setting this up on a Windows server. If you've never used Linux, don't be scared! It's very easy to setup and manage in Windows now with Windows Subsystem for Linux. If you're on Windows, follow their guide here. It should be pretty straightforward, but if you have any issues: 1) Make sure you check your Windows version as noted in the "Prerequisites," 2) Try a different distribution, like Debian with wsl --install -d Debian. Once you're at a command prompt, come back here.

+
There are many web servers out there, but I like nginx since the configuration file is a bit easier to read than others. So let's install it.

+
$ sudo apt install nginx

+
On Ubuntu or Debian, nginx puts the default server configuration in the folder "/etc/nginx/sites-enabled/default". Open that in a text editor like vim or nano, and you should see something like this (neglecting the commented lines starting with "#"):

+
server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
 
-    DocumentRoot /var/www
-    <Directory />
-            Options FollowSymLinks
-            AllowOverride None
-    </Directory>
-    <Directory /var/www/>
-            Options Indexes FollowSymLinks MultiViews
-            AllowOverride None
-            Order allow,deny
-            allow from all
-    </Directory>

+    root /var/www/html;
+
+    server_name _;
+
+    location / {
+        # First attempt to serve request as file, then
+        # as directory, then fall back to displaying a 404.
+        try_files $uri $uri/ =404;
+    }
+}

For now, you don't need to change anything, so don't worry about what it means.

-

But do note the directory set on "DocumentRoot," which may differ for you. This is where the web server looks for files and folders. So let's put some stuff there! Put whatever, a picture, a text file. Run the server, then go to your web browser and type: "http://localhost". You'll find a directory with your files in it! And you can access them at "http://localhost/filename.extension"

+

But do note the directory set on "root." This is where the web server looks for files and folders. You can change this, but usually, you don't need too. Any files or folders you put under "/var/www/html" will be included as part of the web server when viewed in a web browser.

+

So let's put some stuff there! If you're on WSL as mentioned before, you can access your C drive at "/mnt/c". So let's say you had a folder of cat pics in "C:\Users\username\Desktop\cats"; you can copy this into your website by running:

+
$ cp -vr /mnt/c/Users/username/Desktop/cats /var/www/html
+

Run the server, then go to your web browser and type: "http://localhost". You'll find a directory with your files in it! And you can access them at "http://localhost/foldername/filename.extension". Following our previous example, you can get your cats at "https://localhost/cats".

+

Getting from localhost to the internet

The problem is, only you and others on your home network can visit your site right now.

Your computer's most likely behind your router's firewall, which will not allow any traffic in. You'll need to forward a port from your router (port 80 is for HTTP) to point to the device hosting the server.

Router's differ when it comes to to exact configuration, but MOST routers will have some kind of steps similar to this:

  1. Click "Advanced" then click "Firewall"

  2. Scroll to the add new rule form

    3. -

  3. Put in the following values

    4. +

  4. Put in the following values:

So what should I do

-

Most people will find it cheapest to rent from a VPS provider. VPS stands for "Virtual Private Server," which just means an Internet-connected server stored somewhere in someone's private data center. You pay them for the storage and to keep your server online and accessible.

+

As mentioned above, it kind of depends on what your hosting. A small game server can be run just fine from home. A website with an email server and other bells and whistles is another thing.

+

In those cases most people will find it cheapest to rent from a VPS provider. VPS stands for "Virtual Private Server," which just means an Internet-connected server stored somewhere in someone's private data center. You pay them for the storage and to keep your server online and accessible.

Once you've got enough content and a way to manage it, all you have to do is just copy all that stuff over to your VPS. Usually that looks like:

-

And in a nutshell that's it. There's fancy stuff of course, like you'll want a domain name probably and I'll talk about that too, but at this point, your stuff is on the Internet! Just tell your friends to paste in your public ip address (your VPS provider will tell you this) and there's your stuff!

-

+

And in a nutshell that's it. There's fancy stuff of course, like you'll want a domain name probably and I'll talk about that too, but at this point, your stuff is on the Internet! Just tell your friends to paste in your public ip address (your VPS provider will tell you this) and there's your stuff!

What's a "Domain Name"

Expecting people to save your IP address is not really a good idea though. It's better to have an easy name they can remember. Enter DNS: the Domain Name System. If an IP address is a telephone number, DNS is the telephone book. ICANN and IANA host the top level servers, which point to local domain registries who buy names like "mjfer.net" on behalf of their customers.

The actual business of domain names is complicated and not something I understand all that well. But setting up a domain name to point to an IP address is typically easy, once you've chosen a domain registrar (just search that online and you'll find a ton) and name you like. Be aware that shorter names are rarer and usually more expensive and different TLDs--that is, the ending parts like ".net" and ".io,"--will be priced differently.

@@ -123,11 +130,13 @@

The reason for the second record is in case you want to set subdomains on the same IP address like "git.mjfer.net".

Wait a few minutes for the DNS servers to update and you should now be able access your server by name.

-

Setup HTTPS and TLS, a false sense of security

+

Setup HTTPS and TLS, for some sense of security

A decade of half-though through security advice has convinced everyone that HTTPS and only HTTPS is secure. This is simply not true. Using HTTP alone doesn't inherently make you insecure and using HTTPS doesn't automatically guarantee the app your communicating with is secure.

-

What HTTPS means is that the data you send to the server and the data the server sends back is encrypted. This only provides security in contexts where you're entering information like a credit card number or a password; or in the reverse case when the server is authenticating you. In those cases you need HTTPS. But if you're just requesting a text document, or a cat picture, and not sending any data, HTTP is perfectly acceptable for retrieving that information. HTTPS is also no guarantee that the information your retrieving is actually what you want. There's plenty of malware and other nasty things over HTTPS, just because it's sent encrypted doesn't make it safe though.

+

What HTTPS means is that the data you send to the server and the data the server sends back is encrypted. This only provides security in contexts where you're entering information like a credit card number or a password; or in the reverse case when the server is authenticating you. In those cases you need HTTPS. But if you're just requesting a text document, or a cat picture, and not sending any data, HTTP is perfectly acceptable for retrieving that information. HTTPS is also no guarantee that the information your retrieving is actually what you want. There's plenty of malware and other nasty things over HTTPS, just because it's sent encrypted doesn't make it safe.

Web browsers have largely responded to this fact by assuming that HTTP is always insecure and printing a warning when you visit a site without HTTPS enabled. Unfortunately, most users interpret this to mean the site is somehow dangerous, even if it doesn't collect any information about the user. Because of that, most you will want to go the extra mile to make your visitors feel warm and fuzzy inside and implement HTTPS.

Fortunately, this is now much easier than is used to be thanks to LetsEncrypt. LetsEncrypt generously serves as a free certificate authority, which allows you to generate signed certificates that are recognized by every web browser in the world. The tool they recommend, certbot is painless to install. I've rarely had to do much more than "certbot certonly" and follow the prompts to get a certificate. Once you've obtained one, add it to apache or nginx, switch the port to 443 instead of 80 and bam, you've got HTTPS!

+

Perspective

+

What I tried to present here was the brief overview of how you get from files on your computer to files accessible of the Internet. The full picture though is something you need to seek out yourself. I intend to add more guides on how I manage this site, but there is so much material out there already it hardly feels worth adding to. I hope at the very least to have got you through the start.

References

  1. https://dataswamp.org/~solene/2021-07-23-why-selfhosting-is-important.html
    2. @@ -135,6 +144,7 @@
  2. https://www.howtogeek.com/362602/can-you-host-a-web-server-on-your-home-internet-connection/
  3. https://googiehost.com/blog/create-your-own-server-at-home-for-web-hosting/
  4. https://en.wikipedia.org/wiki/ICANN
    5. +
  5. https://landchad.net/

Terms of service for certain ISPs

There's always more ISPs out there, but I went the one's I'm most familiar with in my area. I'll probably expand this as I go, let me know if there are important ones in your area worth listing here for others.

-- cgit v1.2.3