The Webhotell at University of Bergen

Helge Opedal Integration and application development IT department - University of Bergen 2012

The Webhotell team

 Raymond, Ronny, Trond and Helge

What do we do?

       Provide solutions for all students and staff so they can publish web-content Upgrading, upgrading, upgrading Monitor uptime and system resources (especially when something goes wrong) Track and prevent hackers and spammers Give user support Resolve bugs and errors reported by users Enable new instances requested by students and staff

Numbers and statistics

 All counts of sites and users and more are performed at 9th of May 2012

”Webhotell”: A collection of several services

 Static HTML service: – Folk (People) – – Org (Organizations) Kurs (Courses)  Dynamic HTML services: – Wiki – – Blog Hospits

Static HTML service

 People, Org and Course – Static HTML with Apache webserver on Linux RHEL – – No PHP, cgi-bin or other dynamic serverside components  People: 750 users personal homepages  Org: 96 sites  Course: 9 sites Examples:  http://folk.uib.no

 http://org.uib.no/tekna/  http://kurs.uib.no/litteraturglobaliseringfortelling/

Wiki service

     A solution for groups to add and change content, mainly text related.

(A wikipedia thingy)

Mediawiki software – PHP, Apache webserver, Postgresql databases 74 wiki instances today 36 extensions (added modular functionality) Examples: – – https://wikihost/itwiki https://it.uib.no/en

Wordpress multisite

       Providing website solutions for student, staff and organizations – User management and extended web content capabilites. Based on Wordpress system; PHP, Apache, Mysql database 165 instances today 67 plugins 33 themes available for everyone (93 themes in total) 573 UiB content contributers (users of WP sites) Examples: – – – – http://eurospheres.org

http://mib.uib.no

http://clara.uib.no

http://dekanblogg-hf.b.uib.no

Hospits

 PHP and Mysql hosting service for students and staff  Self managing hosting service  107 sites  Examples: – http://arenaromanistica.uib.no/ – – http://studblogg.uib.no

http://ecl.cultland.org/

Validating users

 Different solutions: – – – ldap (wiki, people, org, course, hospits) kerberos (some few wiki’s) local users (wiki, blog)

How do users access services to update web-content?

 Web-interface – Blog, Wiki and Hospits  SSH/SFTP – Hospits, People, Org and Course  Samba (smb/cifs) – Folk, Org and Course

Security

     Security breaches: – – Systems like Wordpress and Mediawiki reduces the probability Allowing users to add serverside code increases the probability Static HTML is very safe Hackers like Hospits :-) – – Potential security holes Difficult to test all sites because of variety in programming code provided by users Server security is intact – – – root access is almost impossible to achive Apache user has limited rights Data is secured in version controlled TSM backup system Activites against hacker activity – – – – Email spam controll Nightly clamscan file-scan of all files on Hospits Firewall IPtables restrictions Sites on Hospits with security ”holes” are being closed down and web-content can be moved to the Blog or Wiki.

The future? What do we want

 Self-service – users create their own sites on the fly  Drupal multisite hosting  Database hotel maybe?

– Oracle/Postgresql/Mysql  Expanding core technologies (Python, Postgres, and others)

Thanks

Helge Opedal IT department - University of Bergen