Web2py is “full stack” Python Web Framework, Lighttpd is fast, multi-threaded HTTP server. I’ll present a method to connect web2py-based application under lighttpd.
I assume the following setup is already done:
- A domain named “myapp.com” is configured to point to your server
- Python / lighttpd is already installed on server
- Your web2py app is placed under /var/www/web2py
- Your web2py app has application “myapproot” configured
First of all, you have to configure lighttpd to locate web2py application, create file /etc/lighttpd/conf-enabled/myapp.conf:
Recently I observed that AdWords-generated traffic dissapeared from Analytics panel. I thought: WTH?
I checked the logs and saw that URL called by AdWords:
Generated 403 (Forbidden) server response. That was caused by recent change in Lighttpd filtering rules. I was paying for AdWords traffic but customer hit 403 error page. Ops!
In order to easily spot such problems in future I created the following scanner to easily find all error server responses.
awk '$9>=400' /var/log/lighttpd/access.log | less
If you are boring of 404 errors you can filter them out as well (leaving only 403 / 500 errors for investigation):
awk '$9>=400 && $9 != 404' /var/log/lighttpd/access.log | less
I discovered that the following URLs were inaccessible:
- /robots.txt (exclusion rules for web crawlers)
- /favicon.ico (icon used by web browsers)
Next step could be automation of this check (cron job that will send an alert if errant responses count is higher than N). It’s left as exercise for the reader.
When your customer enters your website they do not want to make their passwords / credit card information to be visible for everyone (sniffing local network or one of routers in the way). That’s why SSL (Secure Socket Layer) was born. Is simple words it wraps HTTP connection in a secure tunnel.
Another story is man-in-the-middle attack possibility or faking DNS servers response. You (as customer opening the webpage) should ensure that you are connecting to website you intended to (fake bank websites are big risk for your money, so it’s important). That’s why certification is closely bundled with connection encryption.
I’ll show you how obtain and install SSL certificate under Lighttpd web server to make your website more trustworthy for your customers.
In Agile world there are no immutable constraints. Your requirements may change, libraries used may be replaced during development, application may outgrown your current server setup etc. I’ll show you how to make web application migration between servers as fast as possible: with minimum downtime and data consistency preserved (techniques also apply to hosting providers environment).
You may say: moving a site? No problem: just copy your files, database and voila! Not so fast. There are many quirks you may want to handle properly:
- DNS propagation time
- Database consistency
- Preserve logs
- Preserve external system configuration
- Environment change impact integration tests
Lighttpd is smaller and faster alternative to Apache web server. You can handle bigger traffic with the same memory and CPU constraints (it’s important on virtual servers where resources are limited). Let’s see how we can convert existing Apache+FastCGI stacks into Lighttpd:
There’s special syntax to add options to all virtuals:
dir-listing.activate = "disable"
server.follow-symlink = "enable"
In above example two config values are set: one is responsible for disabling directory listings (“Options +Indexes” in Apache), second for FollowSymlink counterpart.