Boy Scout Troop 22

About This Website: Technical Details

The Short Version: This site uses the thttpd webserver to deliever content from a small number of static HTML files and Perl CGIs. The CGIs are used to deliver a calendar, news, and a photo gallery. The photo gallery CGI depends on ImageMagick for photoresizing and rotation. The static pages and CGI HTML templates share a couple of cascading style sheets (CSS) to maintain a consistent format. The pages, templates, and CSS were all created using plain text editors such as vi and BBEdit. The site is hosted on an older Macintosh G4⁽¹⁾ running OS X 10.4, situated on a 3MB/768K DSL connection.

The Long Version: This website is mostly comprised of static pages written by our Scouts to fulfill a requirement of the Communications Merit Badge in 2006. It is served using thttpd, a fast web server that works well even on very slow host computers. In 2007, the site was redesigned using cascading style sheets (CSS). This made the format of the static pages a bit easier to maintain and update. The use of CSS also enabled us to add a menu navigation feature without the need for JavaScript⁽²⁾. A template page was created, which included the headers, menu code, and footers. This allowed the legacy Scout-created content to be cut and pasted into a new site design, and provided a starting point for any new pages we wanted to create, such as this one.

Eventually, keeping the Troop calendar, news, photo gallery, and address book manually updated became too unwieldy, and we resorted to off-the-shelf Common Gateway Interface (CGI) programs to handle these more dynamic pages. we use a suite from Fuzzy Monkey (My Calendar, My Photo Gallery, My Address Book, and My Blog) which have the advantage of being relatively simple to configure, and - thusfar - secure⁽³⁾.

We initially posted the Troop's email address on the site, with the result that it soon ended up on many a spammer's address list. We replaced it with a web form and the nms form mail CGI⁽⁴⁾. This allowed us to hide the Troop's current email address.

We added a webcam photo to the home page as a bit of fluff. The photo is updated every 10 seconds by CamSpinner, which uses the macam driver to connect to a Logitech Quickcam Pro 4000. The time and date stamp is updated by a sed script which edits a home page template and writes it over the current home page once a minute. Eventually, we'll add an adapter to fit an SLR lens to the Quickcam.

The static pages and CGI templates were originally written manually, using whichever text editor suited the author of a particular page. The webmaster favors vi and BBEdit. BBEdit includes HTML templating abilities that we'll be making more use of in the future, if only to simplify updating the CSS menus on all of the static pages.

Pages can now be created and edited on-line via the CGIs editpage.cgi (slightly modified to only create new pages), and HTML-On-The-Web (HOW), respectively.

Security: A number of pages are private to the Troop, including the address book, and the administrative portions of the calendar, photo gallery, and blog. A conventional .htaccess/.htpasswd security system is used, which enforces a username/password. Administration of the usernames/passwords is handled using htedit, which is no longer available. thttpd does not support SSL⁽⁵⁾, so the login process is in cleartext. As a practical matter, this hasn't yet become an issue, as only the webmaster has administrative access, and remote administration is tunneled through SSH.

Performance: The site is linked via an ADSL connection using a static address. Although the static portions of the site and the visitor portions of the CGIs worked well on an iMac DV (400Mhz, 1GB RAM), performance within the administrative portions of the CGIs wasn't very satisfactory⁽⁶⁾ until the site was rehosted on a donated dual processor Mac G4 in 2008 (2x500MHz, 1.5GB RAM).

The layout of the site is very conventional: a graphic soon to follow

Footnotes:

⁽¹⁾ A donated computer. This stock 1999 400MHz G4 system was upgraded with a used, dual 500MHz processor, Apple-branded daughtercard purchased on eBay, 1.5GB RAM using spare memory from the webmaster's junk drawer, and an extra 35GB disc pulled from his son's old PC. If this were an especially high traffic site, we could squeeze out more performance by replacing OS X with Linux. A non-Apple daughtercard might not be compatible with Linux.

⁽²⁾ Menus can make a site easier to navigate, at the expense of making the web pages' HTML more complex. However, the CSS-based menus are no more complex than the simpliest JavaScript menus, don't depend on a user having JavaScript enabled, and degrade gracefully if the user's browser doesn't support CSS.

⁽³⁾ Both My Photo Gallery and My Blog allow comments, but lacking a moderation feature, are susceptable to comment spam. This isn't too much of an issue with My Blog, whose administration interface makes it easy to delete a comment. In My Gallery, you'll have to resort to the terminal console to find and delete the offending text file or MySQL record. There is an option to disable comments. In the webmaster's experience, spammers can still address My Gallery directly to add comments, but they won't be visible to anyone. However, if you intend to reenable comments in the future, you'll have to manually clear out the spam, first. We've patched our copy of My Photo Gallery to completely shut out spam, but at some point we'd like to either add comment moderation, or go with another photo gallery CGI.

⁽⁴⁾ The nms formmail cgi can be configured to forward mail to one or more addresses hardcoded into the CGI, which saves a lot of hassle when a spammer eventually detects your email contact page. nms formmail was designed as a replacement for the very common - and very insecure - FormMail CGI from Matt's Script Archive. Do Not Use Matt's FormMail on a public webserver. Trust us when we say that it will be discovered, and used to relay spam.

⁽⁵⁾ You can provide thttpd with an SSL wrapper by using stunnel. A quick how-to for Linux/BSD/OS X systems is available here. An alternative fast, light-weight web server with native SSL support is Cherokee.

⁽⁶⁾ Particularly My Photo Gallery, which leans heavily on ImageMagick for photo resizing and rotations.