Web based statistics and Security: Difference between pages

From The DXSpider Documentation Wiki
(Difference between pages)
Jump to navigation Jump to search
(Created page with "==Web based statistics== ===Generic installation=== From version 1.50, you can use the freeware software MRTG to produce really nice graphical statistics on your web site. For an example try http://www.gb7mbc.net/mrtg/stats.html. The following should help you get it all working. First you need to download the latest version of MRTG from http://people.ee.ethz.ch/~oetiker/webtools/mrtg/. You will also need the following files.. libpng-1.0.14.tar.gz zlib-1.1.4.tar....")
 
(Created page with "==Security== From version 1.49 DXSpider has some additional security features. These are not by any means meant to be exhaustive, however they do afford some security against piracy. These two new features can be used independently of each other or in concert to tighten the security. ===Registration=== The basic principle of registration is simple. If a user is not registered by the sysop, then they have read-only access to the cluster. The only thing they can act...")
 
Line 1: Line 1:
==Web based statistics==
==Security==


===Generic installation===
From version 1.49 DXSpider has some additional security features.  These are not by any means meant to be exhaustive, however they do afford some security against piracy.  These two new features can be used independently of each other or in concert to tighten the security.


From version 1.50, you can use the freeware software MRTG to produce really nice graphical statistics on your web site.  For an example try http://www.gb7mbc.net/mrtg/stats.html.
===Registration===


The following should help you get it all working.
The basic principle of registration is simple.  If a user is not registered by the sysop, then they have read-only access to the cluster.  The only thing they can actually send is a talk or a message to the sysop.  In order for them to be able to spot, send announces or talks etc the sysop must register them with the set/register command, like this ...


First you need to download the latest version of MRTG from http://people.ee.ethz.ch/~oetiker/webtools/mrtg/.  You will also need the following files..
set/register g0vgs


libpng-1.0.14.tar.gz
The user g0vgs can now fully use the clusterIn order to enable registration, you can issue the command ...
zlib-1.1.4.tar.gz
  gd-1.8.3.tar.gz


Login to your machine as the root user, put all the downloaded files in /usr/local/src/ (or wherever you prefer) and untar and compile them.  All the information to compile and install these sources come with them.  After compilation and installation, you will find MRTG in /usr/local/mrtg-2.
  set/var $main::reqreg = 1


Now copy all the files in /usr/local/src/mrtg-2.9.22/images/ to /spider/html/mrtg/
Any users that are not registered will now see the motd_nor file rather than the motd file as discussed in the Information, files and useful programs section.


You now need to make 2 symbolic links like below...
Entering this line at the prompt will only last for the time the cluster is running of course and would not be present on a restart. To make the change permanent, add the above line to /spider/scripts/startup. To read more on the startup file, see the section on Information, files and useful programs.


ln -s /usr/local/mrtg-2/bin/mrtg /usr/bin/mrtg
To unregister a user use unset/register and to show the list of registered users, use the command show/register.
ln -s /usr/local/mrtg-2/lib/mrtg2 /usr/lib/mrtg2


Now login to the cluster with your sysop callsign and run the command "mrtg all".
===Passwords===


Now you are nearly there! Login as the sysop user and change to the /spider/html/mrtg/ directoryNow run the command indexmaker as shown below...
At the moment, passwords only affect users who login to a DXSpider cluster node via telnet.  If a user requires a password, they can either set it themselves or have the sysop enter it for them by using the set/password command. Any users who already have passwords, such as remote sysops, will be asked for their passwords automatically by the cluster.  Using passwords in this way means that the user has a choice on whether to have a password or notTo force the use of passwords at login, issue the command ...


  indexmaker --output stats.html --columns=1 --title "MRTG statistics for GB7DJK" ../../mrtg/mrtg.cfg
  set/var $main::passwdreq = 1


Changing the callsign for your own cluster callsign of course!
at the cluster prompt.  This can also be added to the /spider/scripts/startup file as above to make the change permanent.


And finally you need to login as the root user and create one last symbolic link.  Where this points will depend on where your html documents are keptFor RedHat systems you use...
Of course, if you do this you will have to assign a password for each of your usersIf you were asking them to register, it is anticipated that you would ask them to send you a message both to ask to be registered and to give you the password they wish to use.


ln -s /home/sysop/spider/html/mrtg /home/httpd/html/mrtg
Should a user forget their password, it can be reset by the sysop by first removing the existing password and then setting a new one like so ...


and for SuSE systems...
  unset/password g0vgs
 
  set/password g0vgs new_password
  ln -s /home/sysop/spider/html/mrtg /usr/local/httpd/htdocs/mrtg
 
If you now point your browser to your website as below it should all be happening!
 
  http://www.xxx.xxx/mrtg/stats.html
 
Of course, to get the stats to update, you need to add some information in the spider crontab file as below...
 
# Update stats for mrtg on website
00,05,10,15,20,25,30,35,40,45,50,55 * * * * run_cmd('mrtg all')
 
This will update the site every 5 minutes.
 
===Ubuntu 8.04 Installation===
 
To install on the latest versions of Ubuntu (8.04 at the time of writing) is really very simple.  Either use Synaptic or apt-get install to get the latest mrtg.  Once you have done this and it is installed, do the following..
 
chmod 01777 /var/lock mrtg /var/lib/mrtg
 
Now log into the cluster using your sysop console and issue the command..
 
mrtg all
 
log in at the command line as the user 'sysop' and type the following commands..
 
cd /spider/html/mrtg
 
indexmaker --output stats.html --columns=1 --title "MRTG statistics for GB7DJK" ../../mrtg/mrtg.cfg
 
Making sure you change GB7DJK to your own cluster node call!
 
Finally create the following symlink
 
ln -s /home/sysop/spider/html/mrtg /var/www/mrtg
 
and all should now be working!  You can create a crontab entry as above.

Latest revision as of 08:21, 1 February 2023

Security

From version 1.49 DXSpider has some additional security features. These are not by any means meant to be exhaustive, however they do afford some security against piracy. These two new features can be used independently of each other or in concert to tighten the security.

Registration

The basic principle of registration is simple. If a user is not registered by the sysop, then they have read-only access to the cluster. The only thing they can actually send is a talk or a message to the sysop. In order for them to be able to spot, send announces or talks etc the sysop must register them with the set/register command, like this ... 

set/register g0vgs

The user g0vgs can now fully use the cluster. In order to enable registration, you can issue the command ... 

set/var $main::reqreg = 1

Any users that are not registered will now see the motd_nor file rather than the motd file as discussed in the Information, files and useful programs section.

Entering this line at the prompt will only last for the time the cluster is running of course and would not be present on a restart. To make the change permanent, add the above line to /spider/scripts/startup. To read more on the startup file, see the section on Information, files and useful programs.

To unregister a user use unset/register and to show the list of registered users, use the command show/register.

Passwords

At the moment, passwords only affect users who login to a DXSpider cluster node via telnet. If a user requires a password, they can either set it themselves or have the sysop enter it for them by using the set/password command. Any users who already have passwords, such as remote sysops, will be asked for their passwords automatically by the cluster. Using passwords in this way means that the user has a choice on whether to have a password or not. To force the use of passwords at login, issue the command ... 

set/var $main::passwdreq = 1

at the cluster prompt. This can also be added to the /spider/scripts/startup file as above to make the change permanent.

Of course, if you do this you will have to assign a password for each of your users. If you were asking them to register, it is anticipated that you would ask them to send you a message both to ask to be registered and to give you the password they wish to use.

Should a user forget their password, it can be reset by the sysop by first removing the existing password and then setting a new one like so ... 

unset/password g0vgs
set/password g0vgs new_password
Retrieved from ‘https://wiki.dxcluster.org/index.php?title=Web_based_statistics&oldid=74