This section deals with deploying Codestriker using Apache, on either a UN*X machine or Win32. Codestriker can run as an ordinary CGI script, which allows it to run under any CGI-complaint webserver. The following configuration details are specific for the Apache webserver (http://httpd.apache.org), which is available for download for both UNIX and Window platforms. Apache should be already available for most UNIX distributions. Apache 1.X or 2.X can be used for Win32 systems deploying Codestriker as a CGI script. For Win32 mod_perl installations, Apache 1.X is recommended.
Note any Codestriker or Apache configuration changes require the Apache server to be restarted. For UNIX, a command like the following is required:
/etc/init.d/httpd restartor
/etc/init.d/apache restart
For Windows, the Apache shell window can be terminated by pressing ^C, and started from the Windows menu. There are also shortcuts from the menu for editing the Apache configuration file.
If you installed Codestriker into /var/www/codestriker/codestriker-X.Y.Z, the configuration you need in your apache.conf file (normally located in either /etc/httpd.conf, /etc/apache.conf or /etc/httpd/conf/httpd.conf) is the following:
ScriptAlias /codestriker/ /var/www/codestriker/codestriker-X.Y.Z/cgi-bin/ Alias /codestrikerhtml/ /var/www/codestriker/codestriker-X.Y.Z/html/ <Directory "/var/www/codestriker/codestriker-X.Y.Z/cgi-bin/"> AllowOverride None Options ExecCGI Order allow,deny Allow from all SetHandler cgi-script </Directory> <Directory "/var/www/codestriker/codestriker-X.Y.Z/html/"> AllowOverride None Allow from all </Directory>For Windows, the configuration is the same, but filename paths should use '/' rather than '\'. An example configuration could be the following, if Codestriker was installed in c:\codestriker\codestriker-X.Y.Z.
ScriptAlias /codestriker/ "C:/codestriker/codestriker-X.Y.Z/cgi-bin/" Alias /codestrikerhtml/ "C:/codestriker/codestriker-X.Y.Z/html/" <Directory "C:/codestriker/codestriker-X.Y.Z/cgi-bin/"> AllowOverride None Options ExecCGI Order allow,deny Allow from all SetHandler cgi-script </Directory> <Directory "C:/codestriker/codestriker-X.Y.Z/html/"> AllowOverride None Allow from all </Directory>
Using mod_perl provides performance benefits for Perl-based web applications. For CGI deployments, as described in the previous section, each HTTP request will create a new Perl interpreter, which needs to initialise, and then parse the Codestriker source code. This may add significant latency for each HTTP request.
Using mod_perl, a pool of Perl interpreters which have already parsed the Codestriker source code is maintained, so that whenever an HTTP request is issued, the time spent creating a new Perl interpreter and the parsing of the Codestriker code is removed.
Mod_perl is available for download from http://perl.apache.org. For most UNIX distributions, it is available by default with Apache. For installing mod_perl under Windows, http://www.webmatrix.net/log/modperl-win32 contains installation information. You should be able to install it by typing:
C:\> ppm PPM> rep add theory http://theoryx5.uwinnipeg.ca/cgi-bin/ppmserver?urn:/PPMServer58 PPM> install mod_perlNote mod_perl has known to be a little flaky under Windows. Make sure you get Codestriker working deployed as a CGI script before trying to use mod_perl.
The following shows the configuration settings for an Apache 1.X server with mod_perl enabled, for a Codestriker distribution installed in /var/www/codestriker/codestriker-X.Y.Z.
Alias /codestriker/ /var/www/codestriker/codestriker-X.Y.Z/cgi-bin/ Alias /codestrikerhtml/ /var/www/codestriker/codestriker-X.Y.Z/html/ <Directory "/var/www/codestriker/codestriker-X.Y.Z/cgi-bin/"> SetHandler perl-script PerlHandler Apache::Registry Options +ExecCGI </Directory> <Directory "/var/www/codestriker/codestriker-X.Y.Z/html/"> AllowOverride None Allow from all </Directory>The settings for Windows are the same, only the pathnames will be different, as per the CGI configuration in the previous section.
For extra security, Codestriker supports Perl taint-mode, so it is advisable to also have the following option in your Apache config:
PerlTaintCheck OnNote if you are using LXR on the same webserver, this option cannot be used. You'll also need to remove the
-T argument from
bin/codestriker.pl.base, and re-run
install.pl again (see Section 2.3) if you want to use
Codestriker and LXR.
Also note there is a strange issue with Perl 5.8 on Win32, the open3() call and taint mode. For Win32 users, don't enable tainted mode.
For Apache 2.X, make sure the mod_perl module is loaded when Apache starts. Near the top of the Apache config file, you should see commands like the following:
LoadModule perl_module modules/mod_perl.so PerlModule Apache2If these commands aren't present, and a Perl startup file is not being used, make sure these are added in.
The Codestriker configuration for Apache 2.X is very similar, the only change is the name of the PerlHandler.
Alias /codestriker/ /var/www/codestriker/codestriker-X.Y.Z/cgi-bin/ Alias /codestrikerhtml/ /var/www/codestriker/codestriker-X.Y.Z/html/ <Directory "/var/www/codestriker/codestriker-X.Y.Z/cgi-bin/"> SetHandler perl-script PerlHandler ModPerl::Registry Options +ExecCGI </Directory> <Directory "/var/www/codestriker/codestriker-X.Y.Z/html/"> AllowOverride None Allow from all </Directory>
To enable Perl taint mode checking, using the following option:
PerlSwitches -T
As mentioned in the previous section, Win32 users should not enable this mode.