Using Apple's Mac OS X Panther

Serving with little to no cost

Having a website can be an awesome experience, but some times paying someone to host your website isn't as fun as it should be. The host might not provide the software or access you require, you may have a low volume site that doesn't require the bandwidth or hardware hosts charge for, or perhaps you just want to save a few bucks a month in hosting costs. Whatever your reason, This document describes the process of setting up a web server in your home using OS X Panther. Besides the software setup, many of these steps can be used to set up a web server in Windows, Linux, or a multitude of other OSes as well, but those are beyond the scope of this article.

Here's what we'll be using:

• A Computer running OS X Panther
• A Broadband Internet Connection
• A Router with Port Forwarding capabilities

You'll also need about an hour (possibly more), and a friend with an internet connection outside your home wouldn't hurt either! Let's get started! Read more for the whole story.

Setting up your static IP address

The computer that will be doing the web hosting will need a static IP address inside your home so that the router always knows where to find it. Before you set your static address, you should ensure you have a working connection to the internet from your OS X computer. Without a working connection, the steps below probably won't work.

To set your IP address, open System Preferences and select Network in the Internet & Network section.

You will be presented with your currently available network connections. In my case AirPort is the only current connection, and it is preselected for me.

I'll now click the Configure? button and choose the TCP/IP tab from the configuration screen.

You'll want to note (and probably write down) your current IP Address, Subnet Mask, and Router (also known as a gateway). In my example that would be:

	IP Address: 192.168.11.4
	Subnet Mask: 255.255.255.0
	Router: 192.168.11.1

These are the address for the computer you're working on, the range of addresses to which this computer should broadcast, and the address of the router, gateway, or other system that allows this computer to get to the internet. A more detailed discussion of these is beyond the scope of this tutorial.

Digression about DHCP

The computers on your network get the values above dynamically from the router. This makes setting up new computers on your network easy (like if friends or family bring their laptops), makes having a regular desktop on your network easy since you don't have to worry about how it connects (just plug it in a go), but does not provide the predictability needed for a server. In a nutshell, Dynamic Host Configuration Protocol (or DHCP), is used by computers (Macs, Linux Boxes, PCs, Unix workstations) to obtain information about how to communicate on the network they are connected to. The DHCP server (in our home, the router), listens for requests for this information, and assigns IPs to computers as needed. IPs assigned by DHCP have a lease time, sometimes several days, other times it could be a few hours or even minutes. The DHCP server (again, the router), will check the status of computers when the lease runs out, and if the computer no longer on the network, it will add that address back to its pool to be given to another computer when requested.

As I said before, this is fine for most computers, but for servers, we always want to know their address. If we don't have the address, we don't know where to find it, and if we can't find it then we can't serve to the outside world. (Note: on higher level networking protocols [smb, Rendevous, DNS, etc.] there are ways of finding systems without knowing their address, but most routers don't support those protocols directly, so they are generally not an option).

So back to setting our static IP. From the Configure IPv4 dropdown, select Manually. This is where the values written down before will come in handy.

Input the values written down before in their appropriate fields. In the DNS Servers box, put the address of the router.

Change the last section of numbers in the IP address to something other then you were originally assigned. Here are the basic rules for IP addresses:

• Each section must be in the range of 1-255
• They should be a number that won't be assigned by DHCP
• They must adhere to the rules of the Subnet mask

The first rule is easy. in my example, I chose 99. This wasn't arbitrary. I knew the Linksys router started using DHCP addresses at 100 and above. So anything below 100 would not be dynamically assigned to another computer. It fit in my subnet mask which tells me that I can use all values from 1 to 255 (a little to complicated to go into the why on that one). And I also know that my router has the address of 1, so I couldn't choose that one.

99 is a safe value for most routers since many start their DHCP blocks at 2, 10, or 100. With 99 being so far away, or not included in the blocks you don't have to worry that another computer will be given the same address.

Once you are comfortable (as comfortable as you can be that is) with your address and subnet values, click the Apply Now button.

Networking should still be working. To check, open Safari (or your favorite web browser that worked before we changed settings) and go to http://www.google.com/ (I use Google because they have a great track record of being available).

Hey, not bad. The hardest part of setting up the web server is done!

Setting up the Web Server

Return to the main System Preferences screen (by click Show All at any other preferences screen) and select Sharing from the Internet & Network category.

Check the Personal Web Sharing option. This will start Apache, a great web server used by over 60% of all web sites (this is no wimpy or scaled down web serving software!). A message will appear below the services list letting you know the address for your computer's website (the address should look familiar) and your personal website as a user of that system.

On the computer you're hosting on, or another computer on your network, you can open a web browser, type in the address of your server (on the computer you've set up your server http://localhost/ should work, any other computer will require you to use your IP address, like http://192.168.11.99/) and you should see a page that looks something like this:

This means you've set up Apache, and it is working correctly.

Setting up your web content

Your website can now be set up by moving the files from your current web host to your new server. Documents that you want to be part of your main site go into the folder

/Library/WebServer/Documents

When you navigate to /Library/WebServer/Documents, you'll notice that there are already several files there. These files are used for the placeholder page (Seeing this instead of the website you expected?) and the documentation pages for Apache. Chances are you won't have any need for these documents (though the PoweredBYMacOSX.gif images are cool). So you can either trash those, or archive them (select them all, right click [or ctrl+click] on them and select Create Archive of 13 files?) and throw everything but the archive into the Trash. What you do with these files is your choice, but index.html will get overwritten when you move your data over, so I would suggest (re)moving them so they don't cause extra clutter. (If you've trashed them and emptied the trash and want them back, I have zipped them up and have them available for download at http://www.hohle.net/files/osxapache.zip.)

After you've cleared out this directory, simply dump your html, image, and other files into that folder. Couldn't be simpler!

Setting up personal web content

The default configuration for Apache in OS X allows each individual user to have its own web space located at http://address/~username where address is the address (either IP or named) and the username is the name of the user defined on the system. My domain name is hohle.net and my user name is jonathanhohle, so my personal web content would be located at http://www.hohle.net/~jonathanhohle/

These files are located at /Users/username/Sites where username is your username (jonathanhohle, in my case). Once again, you can trash the stuff that's in there, its just a placeholder.

Editing these files is not necessary, but it can be fun to keep a personal site around in addition to your main site.

How They Will See You

So in your home network you're serving your website, but the rest of the world can't see it. What the world can see is your router. Your modem is known by your ISP, and your ISP tells your modem to give whatever is connected to that modem a certain IP address. The internet works on IP addresses as one of the basic blocks of how to find other computers, and thankfully, there is nothing that differentiates your IP address from one assigned to one of Microsoft's, Yahoo's, or UCLA's web servers.

That IP address will be how people reach your home, but what tells them which computer is running a web server? Well, that's the routers job. Most routers offer a feature called port forwarding and others offer full DMZ (demilitarized zone) capabilities.

Different internet traffic uses different ports. These are kind of like channels that have been standardized for different services (though nothing is stopping anyone from running any service on any port number). Plain-Jane Web servers run on port 80. When you're typing in a URL into your favorite web browser, the http section of the address automatically associates port 80 with the domain name you've typed in. Fully qualified, a request for a website would look like this: http://www.hohle.net:80/. http letting the web browser know that we'll be getting data via the hyper text transfer protocol, the address being the domain name to look for, and 80 being the port we should try to connect to. Since 80 is the standard however, we don't need to type it in (and most, if not all, browsers also assume the http:// as well).

So when the router receives traffic on port 80, we know that it's a web site request. Using port forwarding, we can tell the router that any requests for port 80 should be forwarded to the web server in our home, or 192.168.11.99 at that same port number, 80.

Another port commonly used for web services is 443. This port is used for secure http traffic (https). As with anything else, you can host secure web sites on port 80 as well, but when someone types in https://www.hohle.net/ their browser is going to expect to connect on port 443.

We've had to forward two ports just for insecure and secure web serving. Now what if we want to open another port for an outgoing mail server? SMTP runs on port 25, so we'd have to add that. What about an incoming mail server? POP3 runs on port 110 and IMAP runs on port 143. That's three ports just for mail! Start adding other services and the ports you must keep track of increase just as quickly. This is where the idea of a DMZ can come in handy. Instead of specifying particular ports and keeping track of which computers they go to, a DMZ says that all traffic will go to one particular block of addresses (on some routers, they may only allow one address). In a DMZ one computer will be exposed to the elements of our harsh internet, while the other systems will lie safely behind the firewall in the router, unexposed to incoming internet traffic. For a Windows computer left unprotected, you're bound to have an infected machine by the time you wake up the next morning, thankfully this tutorial is about OS X which should have no problems handling itself in the wilds of the internet.

So the choice is yours really. If you only want a small number of specific ports available to outside users (not a bad idea) and keep several services just for users in the home (file sharing, etc), then port forwarding is the way to go. If you plan to be using the computer to offer several services to the world, a DMZ might be a more efficient alternative.

Setting Up Port Forwarding ?or- Letting the Router Know Where You Are Open your favorite web browser (preferably on a system that is wired directly to the router) and if you are using a Linksys router, go to 192.168.11.1. Enter your password when prompted.

The following instructions cover set up on a Linksys router, other routers will be similar, but may contain subtle differences. Click the Applications and Games link at the top of the Linksys configuration web page. If you are not brought to the port forwarding page, click the Port Forwarding link near the top of the page. You'll be give a list of boxes were you can enter a name an address, and a port range. Enter the information as described in the table that follows:

Name		Address	Port Min	Port Max	Traffic	Enabled
Web		192.168.11.99	80	80	Both	X
Secure Web	192.168.11.99	443	443	Both	X

While we're in the router we can determine the external IP address. This is the address to which the world has access. Go to the Summary page and look for WAN (wide area network) IP address. Call a friend and ask them to type that address into their web browsers. If they get your site, there's only one more step to go. If they don't, recheck the previous steps ensuring that everything is working at the end of each one. If everything else seems OK, contact your internet service provider and ask if they allow hosting from your home on port 80. If they don't, tell them thank you, and that you'll be getting your service elsewhere from now on ;)

You can skip the other router configurations and move onto the getting your domain to resolve to your home address.

Getting Your Domain to Resolve to Your Home Address

The last step is the money step, and will make your home web server appear just like every other web server.

Basically, you'll tell the company you bought your domain name through how to forward traffic to your IP address.

I use Name Secure to register my domains, and I am going to assume other domain name registrars are the same or similar.

Log onto your account and go to the setup for that domain you want to forward to your home. You should have several options on how your registrar should handle traffic to your name: forward to another URL, forward to an IP address, or change your DNS servers. We're going to choose forwarding to a specific IP address. In the IP address field enter in the IP address that you found in the previous step.

Save your changes and your registrar should tell you that you should see the effects anywhere between 48-72 hours. Here's what's happening. Your registrar has access to DNS (domain name service) servers that store information about your domain name. This information tells computer looking for your domain where to go. Other DNS trunks, or main DNS servers, will look at the data that each one has and cache that data for a given period of time. This way, they are not constantly asking each other what the address of a domain name is. Unfortunately, this means that your domain will not be instantly accessible to the masses. It takes time for your new information to trickle down and become accessible to other people. Once that happens, though, that's it, you're serving web from your home!

Home on the Web

While not for everyone, serving web from your home can be quite a rewarding experience. OS X comes with a lot of great industrial strength tools to serve web pages and an easy interface to set things up. By registering a domain and directing it to your home computer, you can serve web with the best of them without having to spend any more then the cost of broadband. So get out there, serve some web, and let the world hear your voice!