Detecting Country of Website Visitor

We have added GeoIP technology to the main web service which allows us to add this functionality to websites on request.

The GeoIP technology allows you to use Server Variables to detect the country your visitor is located in.This allows website authors to tailor content for specific visitors based on the country they are located in. For example, if targeting Chinese visitors a landing page could be created welcoming visitors in Mandarin and specifying links useful to Chinese visitors trying to make a decision on whether to come to this University.

An example in PHP follows:

<?php
if($_SERVER[‘GEOIP_COUNTRY_CODE’]==’GB’){

echo “Hello you are based in the UK”;

}

?>

You should contact webmaster [@] qub . ac . uk to have this functionality enabled on your website if you wish to use it.

certwatch

Certwatch checks for Apache certificates which are due to expire. By default on Red Hat / Centos there is a cron job in /etc/cron.daily which runs and sends its output to root. To configure it:

vi /etc/sysconfig/httpd

Add a line such as:

CERTWATCH_OPTS=”–period 30 –address my.user@domain.tld”

It is also possible to switch it off with:

NOCERTWATCH=yes

MS Office 2007 Formats in Apache

In Apache 2 I added the following to stop Internet Explorer trying to open these formats as compressed archives (which they actually are) and to open them using the MS Office appliations:

AddType application/vnd.ms-word.document.macroEnabled.12 .docm

AddType application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
AddType application/vnd.ms-powerpoint.template.macroEnabled.12 potm
AddType application/vnd.openxmlformats-officedocument.presentationml.template potx
AddType application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
AddType application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
AddType application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
AddType application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
AddType application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
AddType application/vnd.ms-excel.addin.macroEnabled.12 xlam
AddType application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
AddType application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
AddType application/vnd.ms-excel.template.macroEnabled.12 xltm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx

Apache Server Status OPTIONS *

Checking the Apache server-status page I noticed multiple lines like the following:

29-39 0/0/3162 . 32.26 8949 0 0.0 0.00 186.48 123.111.123.111 mywebsite.co.uk OPTIONS * HTTP/1.0
30-39 0/0/10 . 0.00 24324 0 0.0 0.00 0.04 123.111.123.111 mywebsite.co.uk OPTIONS * HTTP/1.0

The access_log for that website also showed:

123.111.123.111 – – [18/Nov/2009:09:28:44 +0000] “OPTIONS * HTTP/1.0” 200 – “-” “Apache/2.2.3 (Red Hat) (internal dummy connection)” 2468
123.111.123.111 – – [18/Nov/2009:09:35:37 +0000] “OPTIONS * HTTP/1.0” 200 – “-” “Apache/2.2.3 (Red Hat) (internal dummy connection)” 1924

Apparently these are Apache calling itself to keep child processes alive:

When the Apache HTTP Server manages its child processes, it needs a way
to wake up processes that are listening for new connections. To do
this, it sends a simple HTTP request back to itself.

Apache LDAP Authentication to Active Directory

I was testing authentication against Active Directory (LDAP) using Apache 2. The following worked for me in a .htaccess file but only after adding:

LDAPVerifyServerCert Off

in the main httpd.conf file. I presume this is related to the server name in the SSL certificate on the Active Directory server.

AuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthLDAPURL ldaps://adserver.prefix.tld.co.uk:636/DC=prefix,DC=tld,DC=co,DC=uk?sAMAccountName?sub?(objectClass=user)
AuthLDAPBindDN “CN=someuser,OU=some ou,OU=another unit,OU=department,OU=directorate,OU=Administration,OU=another big unit,DC=prefix,DC=tld,DC=co,DC=uk”
AuthLDAPBindPassword secret
AuthType Basic
AuthName “Protected”
require valid-user

Normal users should then be prompted for a username and password to access the directory and if correct credentials are supplied should be given access to the content.