Edit the /private/etc/hosts file. For more information on how to use the hosts file, open Terminal and type: man hosts

Note: Editing this file requires root privileges.

via Mac OS X: How to Add Hosts to Local Hosts File.

I am excited about the new typography elements.

Safari CSS Reference: Introduction to Safari CSS Reference.

The 10.6.3 Update is recommended for all users running Mac OS X Snow Leopard and includes general operating system fixes that enhance the stability, compatibility, and security of your Mac, including fixes that:

* improve the reliability and compatibility of QuickTime X

* address compatibility issues with OpenGL-based applications

* address an issue that causes background message colors to display incorrectly in Mail

* resolve an issue that prevented files with the # or & characters in their names from opening in Rosetta applications

* resolve an issue that prevented files from copying to Windows file servers

* improve performance of Logic Pro 9 and Main Stage 2 when running in 64-bit mode

* improve sleep and wake reliability when using Bonjour wake on demand

* address a color issue in iMovie with HD content

* improve printing reliability

* resolve issues with recurring events in iCal when connected to an Exchange server

* improve the reliability of 3rd party USB input devices

* fix glowing, stuck, or dark pixels when viewing video from the iMac (Late 2009) built-in iSight camera

For detailed information on this update, please visit this website: http://support.apple.com/kb/HT4014.

via Mac OS X v10.6.3 v1.1 Update (Combo).

It offers a number of advances compared to Leopard Server (v. 10.5), which was released two years ago.

via Opinion: In depth with Apple’s Snow Leopard Server.

OSX Server technology rocks!

Accounting, CMS, and others – most will run on the latest OSX applications and will remove your dependence on Microsoft.

• */..namedfork/data
• */..namedfork/rsrc
• */rsrc
• rsrc
• .ht* (case insensitive)
• .ds_s* (case insensitive)

Warnings:

1. The configuration changes that block named-fork exposure apply only to the default webserver, apache1. If you’ve chosen to use Apache2, it’s recommended that you serve content from a UFS volume.
2. For important related information, see “mod_hfs_apple” protects web content against case insensitivity in the HFS file system.

Blocking these files improves security, but it may impact applications that either provide resource fork content via a web server (no Apple applications do) or store files called “rsrc”.

If clients attempt to access blocked files, the Apache error log will create a record. By default, Apache writes log files into /private/var/log/httpd. Here’s what this example would look like:

[Tue Nov 16 13:15:26 2004] [error] [client 1.2.3.4] client denied by server configuration: /Library/WebServer/Documents/rsrc

In some circumstances, the Security Update may not install successfully if the Web Server configuration file has been manually edited or has been updated by installing certain third-party software.

If the Security Update can’t successfully modify the Web Server configuration file, this entry will appear in system install log (/var/log/install.log):

## WARNING ###########################################################
The Security Update was unable to safely apply a patch to your Apache
config file, /etc/httpd/httpd.conf. It has been left undisturbed.

Please look at /etc/httpd/httpd.conf.default and consider merging the
new Files 'rsrc' and DirectoryMatch '..namedfork' directives from that
file into /etc/httpd/httpd.conf.

######################################################################

If this occurs, we highly recommend that you edit your /etc/httpd/httpd.conf file manually, as follows.

An unpatched configuration file will contain one of the following three alternative sections:

• <Files ~ "^\.ht">
      Order allow,deny
      Deny from all
      Satisfy All
  </Files>

• <Files ~ "^\.([Hh][Tt])">
      Order allow,deny
      Deny from all
      Satisfy All
  </Files>

• <Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
      Order allow,deny
      Deny from all
      Satisfy All
  </Files>

Whichever section appears, replace it with all of the following:

<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

<Files "rsrc">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

<DirectoryMatch ".*\.\.namedfork">
    Order allow,deny
    Deny from all
    Satisfy All
</DirectoryMatch>

Additional information

Security Update 2004-12-02 may update Mac OS X client with a copy of the Apache default configuration file (httpd.conf.default) that is intended for Mac OS X Server. The default file is provided in Mac OS X client only as a reference in the event that user-made changes to the active configuration file result in a need to revert back to a known-good default copy. You can restore a Mac OS X client httpd.conf.default file to the correct state by opening it in a text editor and replacing its contents with the copy found below. The copy below is only for Mac OS X 10.2.8 or 10.3.6 with Security Update 2004-12-02 installed.

Begin copying below this line.

##
## httpd.conf -- Apache HTTP server configuration file
##

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/> for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.
#
# After this file is processed, the server will look for and process
# /private/etc/httpd/srm.conf and then /private/etc/httpd/access.conf
# unless you have overridden these with ResourceConfig and/or
# AccessConfig directives here.
#
# The configuration directives are grouped into three basic sections:
#  1. Directives that control the operation of the Apache server process as a
#     whole (the 'global environment').
#  2. Directives that define the parameters of the 'main' or 'default' server,
#     which responds to requests that aren't handled by a virtual host.
#     These directives also provide default values for the settings
#     of all virtual hosts.
#  3. Settings for virtual hosts, which allow Web requests to be sent to
#     different IP addresses or hostnames and have them handled by the
#     same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/usr/local/apache" will be interpreted by the
# server as "/usr/local/apache/logs/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerType is either inetd, or standalone.  Inetd mode is only supported on
# Unix platforms.
#
ServerType standalone

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation
# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
# you will save yourself a lot of trouble.
#
ServerRoot "/usr"

#
# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
# its default value. The main reason for changing it is if the logs
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
# DISK. The PID of the main server process is automatically appended to
# the filename.
#
#LockFile "/private/var/run/httpd.lock"

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
PidFile "/private/var/run/httpd.pid"

#
# ScoreBoardFile: File used to store internal server process information.
# Not all architectures require this.  But if yours does (you'll know because
# this file will be  created when you run Apache) then you *must* ensure that
# no two invocations of Apache share the same scoreboard file.
#
ScoreBoardFile "/private/var/run/httpd.scoreboard"

#
# In the standard configuration, the server will process httpd.conf (this
# file, specified by the -f command line option), srm.conf, and access.conf
# in that order.  The latter two files are now distributed empty, as it is
# recommended that all directives be kept in a single file for simplicity.
# The commented-out values below are the built-in defaults.  You can have the
# server ignore these files altogether by using "/dev/null" (for Unix) or
# "nul" (for Win32) for the arguments to the directives.
#
#ResourceConfig /private/etc/httpd/srm.conf
#AccessConfig /private/etc/httpd/access.conf

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

#
# Server-pool size regulation.  Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).
#
# It does this by periodically checking how many servers are waiting
# for a request.  If there are fewer than MinSpareServers, it creates
# a new spare.  If there are more than MaxSpareServers, some of the
# spares die off.  The default values are probably OK for most sites.
#
MinSpareServers 1
MaxSpareServers 5

#
# Number of servers to start initially --- should be a reasonable ballpark
# figure.
#
StartServers 1

#
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# the system with it as it spirals down...
#
MaxClients 150

#
# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies.  The child will exit so
# as to avoid problems after prolonged use when Apache (and maybe the
# libraries it uses) leak memory or other resources.  On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries. For these platforms, set to something like 10000
# or so; a setting of 0 means unlimited.
#
# NOTE: This value does not include keepalive requests after the initial
#       request per connection. For example, if a child process handles
#       an initial request and 10 subsequent "keptalive" requests, it
#       would only count as 1 request towards this limit.
#
MaxRequestsPerChild 100000

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
#Listen 3000
#Listen 12.34.56.78:80

#
# BindAddress: You can support virtual hosts with this option. This directive
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
# See also the <VirtualHost> and Listen directives.
#
#BindAddress *

#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Please read the file http://httpd.apache.org/docs/dso.html for more
# details about the DSO mechanism and run `httpd -l' for the list of already
# built-in (statically linked and thus always available) modules in your httpd
# binary.
#
# Note: The order in which modules are loaded is important.  Don't change
# the order below without expert advice.
#
# Example:
# LoadModule foo_module libexec/mod_foo.so
#LoadModule vhost_alias_module libexec/httpd/mod_vhost_alias.so
#LoadModule env_module         libexec/httpd/mod_env.so
LoadModule config_log_module  libexec/httpd/mod_log_config.so
#LoadModule mime_magic_module  libexec/httpd/mod_mime_magic.so
LoadModule mime_module        libexec/httpd/mod_mime.so
LoadModule negotiation_module libexec/httpd/mod_negotiation.so
#LoadModule status_module      libexec/httpd/mod_status.so
#LoadModule info_module        libexec/httpd/mod_info.so
LoadModule includes_module    libexec/httpd/mod_include.so
LoadModule autoindex_module   libexec/httpd/mod_autoindex.so
LoadModule dir_module         libexec/httpd/mod_dir.so
LoadModule cgi_module         libexec/httpd/mod_cgi.so
LoadModule asis_module        libexec/httpd/mod_asis.so
LoadModule imap_module        libexec/httpd/mod_imap.so
LoadModule action_module      libexec/httpd/mod_actions.so
#LoadModule speling_module     libexec/httpd/mod_speling.so
LoadModule userdir_module     libexec/httpd/mod_userdir.so
LoadModule alias_module       libexec/httpd/mod_alias.so
LoadModule rewrite_module     libexec/httpd/mod_rewrite.so
LoadModule access_module      libexec/httpd/mod_access.so
LoadModule auth_module        libexec/httpd/mod_auth.so
#LoadModule anon_auth_module   libexec/httpd/mod_auth_anon.so
#LoadModule dbm_auth_module    libexec/httpd/mod_auth_dbm.so
#LoadModule digest_module      libexec/httpd/mod_digest.so
#LoadModule proxy_module       libexec/httpd/libproxy.so
#LoadModule cern_meta_module   libexec/httpd/mod_cern_meta.so
#LoadModule expires_module     libexec/httpd/mod_expires.so
#LoadModule headers_module     libexec/httpd/mod_headers.so
#LoadModule usertrack_module   libexec/httpd/mod_usertrack.so
LoadModule log_forensic_module libexec/httpd/mod_log_forensic.so
#LoadModule unique_id_module   libexec/httpd/mod_unique_id.so
LoadModule setenvif_module    libexec/httpd/mod_setenvif.so
#LoadModule dav_module         libexec/httpd/libdav.so
#LoadModule ssl_module         libexec/httpd/libssl.so
#LoadModule perl_module        libexec/httpd/libperl.so
#LoadModule php4_module        libexec/httpd/libphp4.so
LoadModule hfs_apple_module   libexec/httpd/mod_hfs_apple.so
LoadModule rendezvous_apple_module libexec/httpd/mod_rendezvous_apple.so

#  Reconstruction of the complete module list from all available modules
#  (static and shared ones) to achieve correct module execution order.
#  [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
ClearModuleList
#AddModule mod_vhost_alias.c
#AddModule mod_env.c
AddModule mod_log_config.c
#AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
#AddModule mod_status.c
#AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
#AddModule mod_speling.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
#AddModule mod_auth_anon.c
#AddModule mod_auth_dbm.c
#AddModule mod_digest.c
#AddModule mod_proxy.c
#AddModule mod_cern_meta.c
#AddModule mod_expires.c
#AddModule mod_headers.c
#AddModule mod_usertrack.c
AddModule mod_log_forensic.c
#AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
#AddModule mod_dav.c
#AddModule mod_ssl.c
#AddModule mod_perl.c
#AddModule mod_php4.c
AddModule mod_hfs_apple.c
AddModule mod_rendezvous_apple.c

#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
#ExtendedStatus On

### Section 2: 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition.  These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#

#
# If your ServerType directive (set earlier in the 'Global Environment'
# section) is set to "inetd", the next few directives don't have any
# effect since their settings are defined by the inetd configuration.
# Skip ahead to the ServerAdmin directive.
#

#
# Port: The port to which the standalone server listens. For
# ports < 1023, you will need httpd to be run as root initially.
#
Port 80

#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
#  . On HPUX you may not be able to use shared memory as nobody, and the
#    suggested workaround is to create a user www and use that user.
#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
#  when the value of (unsigned)Group is above 60000;
#  don't use Group "#-1" on these systems!
#
User www
Group www

#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.  This address appears on some server-generated pages, such
# as error documents.
#
#ServerAdmin webmaster@example.com

#
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e., use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address (e.g., http://123.45.67.89/)
# anyway, and this will make redirections work in a sensible way.
#
# 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
# machine always knows itself by this address. If you use Apache strictly for
# local testing and development, you may use 127.0.0.1 as the server name.
#
#ServerName homeslice.apple.com

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/Library/WebServer/Documents"

#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/Library/WebServer/Documents">

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
    Options Indexes FollowSymLinks MultiViews

#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
    AllowOverride None

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all
</Directory>

#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
<IfModule mod_userdir.c>
    UserDir Sites
</IfModule>

#
# Control access to UserDir directories.  The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /Users/*/Sites>
#    AllowOverride FileInfo AuthConfig Limit
#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
#    <Limit GET POST OPTIONS PROPFIND>
#        Order allow,deny
#        Allow from all
#    </Limit>
#    <LimitExcept GET POST OPTIONS PROPFIND>
#        Order deny,allow
#        Deny from all
#    </LimitExcept>
#</Directory>

#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index.  Separate multiple entries with spaces.
#
<IfModule mod_dir.c>
    DirectoryIndex index.html
</IfModule>

#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess files from being viewed by
# Web clients.  Since .htaccess files often contain authorization
# information, access is disallowed for security reasons.  Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files.  If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<Files ~ "^<.([Hh][Tt]|[Dd][Ss]_[Ss])">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

#
# Apple specific filesystem protection.
#

<Files "rsrc">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>

<Directory  ~ ".\.\.namedfork">
    Order allow,deny
    Deny from all
    Satisfy All
</Directory>

#
# CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.
#
#CacheNegotiatedDocs

#
# UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a URL that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name.  With this setting off, Apache will
# use the hostname:port that the client supplied, when possible.  This
# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
#
UseCanonicalName On

#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
    TypesConfig /private/etc/httpd/mime.types
</IfModule>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain

#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type.  The MIMEMagicFile
# directive tells the module where the hint definitions are located.
# mod_mime_magic is not part of the default server (you have to add
# it yourself with a LoadModule [see the DSO paragraph in the 'Global
# Environment' section], or recompile the server and include mod_mime_magic
# as part of the configuration), so it's enclosed in an <IfModule> container.
# This means that the MIMEMagicFile directive will only be processed if the
# module is part of the server.
#
<IfModule mod_mime_magic.c>
    MIMEMagicFile /private/etc/httpd/magic
</IfModule>

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog "/private/var/log/httpd/error_log"

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t <"%r<" %>s %b <"%{Referer}i<" <"%{User-Agent}i<"" combined
LogFormat "%h %l %u %t <"%r<" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here.  Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
CustomLog "/private/var/log/httpd/access_log" common

#
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#
#CustomLog "/private/var/log/httpd/referer_log" referer
#CustomLog "/private/var/log/httpd/agent_log" agent

#
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
#CustomLog "/private/var/log/httpd/access_log" combined

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (error documents, FTP directory listings,
# mod_status and mod_info output etc., but not CGI generated documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
ServerSignature On

# EBCDIC configuration:
# (only for mainframes using the EBCDIC codeset, currently one of:
# Fujitsu-Siemens' BS2000/OSD, IBM's OS/390 and IBM's TPF)!!
# The following default configuration assumes that "text files"
# are stored in EBCDIC (so that you can operate on them using the
# normal POSIX tools like grep and sort) while "binary files" are
# stored with identical octets as on an ASCII machine.
#
# The directives are evaluated in configuration file order, with
# the EBCDICConvert directives applied before EBCDICConvertByType.
#
# If you want to have ASCII HTML documents and EBCDIC HTML documents
# at the same time, you can use the file extension to force
# conversion off for the ASCII documents:
# > AddType       text/html .ahtml
# > EBCDICConvert Off=InOut .ahtml
#
# EBCDICConvertByType  On=InOut text/* message/* multipart/*
# EBCDICConvertByType  On=In    application/x-www-form-urlencoded
# EBCDICConvertByType  On=InOut application/postscript model/vrml
# EBCDICConvertByType Off=InOut */*

#
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
#
<IfModule mod_alias.c>

    #
    # Note that if you include a trailing / on fakename then the server will
    # require it to be present in the URL.  So "/icons" isn't aliased in this
    # example, only "/icons/".  If the fakename is slash-terminated, then the
    # realname must also be slash terminated, and if the fakename omits the
    # trailing slash, the realname must also omit it.
    #
    Alias /icons/ "/usr/share/httpd/icons/"

    <Directory "/usr/share/httpd/icons">
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    # This Alias will project the on-line documentation tree under /manual/
    # even if you change the DocumentRoot. Comment it if you don't want to
    # provide access to the on-line documentation.
    #
    Alias /manual/ "/Library/WebServer/Documents/manual/"

    <Directory "/Library/WebServer/Documents/manual">
        Options Indexes FollowSymlinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    #
    # ScriptAlias: This controls which directories contain server scripts.
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the realname directory are treated as applications and
    # run by the server when requested rather than as documents sent to the client.
    # The same rules about trailing "/" apply to ScriptAlias directives as to
    # Alias.
    #
    ScriptAlias /cgi-bin/ "/Library/WebServer/CGI-Executables/"

    #
    # "/Library/WebServer/CGI-Executables" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.
    #
    <Directory "/Library/WebServer/CGI-Executables">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
    </Directory>

</IfModule>
# End of aliases.

#
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Format: Redirect old-URI new-URL
#

#
# Directives controlling the display of server-generated directory listings.
#
<IfModule mod_autoindex.c>

    #
    # FancyIndexing is whether you want fancy directory indexing or standard
    #
    IndexOptions FancyIndexing

    #
    # AddIcon* directives tell the server which icon to show for different
    # files or filename extensions.  These are only displayed for
    # FancyIndexed directories.
    #
    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*

    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core

    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^

    #
    # DefaultIcon is which icon to show for files which do not have an icon
    # explicitly set.
    #
    DefaultIcon /icons/unknown.gif

    #
    # AddDescription allows you to place a short description after a file in
    # server-generated indexes.  These are only displayed for FancyIndexed
    # directories.
    # Format: AddDescription "description" filename
    #
    #AddDescription "GZIP compressed document" .gz
    #AddDescription "tar archive" .tar
    #AddDescription "GZIP compressed tar archive" .tgz

    #
    # ReadmeName is the name of the README file the server will look for by
    # default, and append to directory listings.
    #
    # HeaderName is the name of a file which should be prepended to
    # directory indexes.
    #
    ReadmeName README.html
    HeaderName HEADER.html

    #
    # IndexIgnore is a set of filenames which directory indexing should ignore
    # and not include in the listing.  Shell-style wildcarding is permitted.
    #
    IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

</IfModule>
# End of indexing directives.

#
# Document types.
#
<IfModule mod_mime.c>

    #
    # AddLanguage allows you to specify the language of a document. You can
    # then use content negotiation to give a browser a file in a language
    # it can understand.
    #
    # Note 1: The suffix does not have to be the same as the language
    # keyword --- those with documents in Polish (whose net-standard
    # language code is pl) may wish to use "AddLanguage pl .po" to
    # avoid the ambiguity with the common suffix for perl scripts.
    #
    # Note 2: The example entries below illustrate that in quite
    # some cases the two character 'Language' abbreviation is not
    # identical to the two character 'Country' code for its country,
    # E.g. 'Danmark/dk' versus 'Danish/da'.
    #
    # Note 3: In the case of 'ltz' we violate the RFC by using a three char
    # specifier. But there is 'work in progress' to fix this and get
    # the reference data for rfc1766 cleaned up.
    #
    # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
    # French (fr) - German (de) - Greek-Modern (el)
    # Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn)
    # Portugese (pt) - Luxembourgeois* (ltz)
    # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cs)
    # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
    # Russian (ru)
    #
    AddLanguage da .dk
    AddLanguage nl .nl
    AddLanguage en .en
    AddLanguage et .ee
    AddLanguage fr .fr
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage he .he
    AddCharset ISO-8859-8 .iso8859-8
    AddLanguage it .it
    AddLanguage ja .ja
    AddCharset ISO-2022-JP .jis
    AddLanguage kr .kr
    AddCharset ISO-2022-KR .iso-kr
    AddLanguage nn .nn
    AddLanguage no .no
    AddLanguage pl .po
    AddCharset ISO-8859-2 .iso-pl
    AddLanguage pt .pt
    AddLanguage pt-br .pt-br
    AddLanguage ltz .lu
    AddLanguage ca .ca
    AddLanguage es .es
    AddLanguage sv .sv
    AddLanguage cs .cz .cs
    AddLanguage ru .ru
    AddLanguage zh-TW .zh-tw
    AddCharset Big5         .Big5    .big5
    AddCharset WINDOWS-1251 .cp-1251
    AddCharset CP866        .cp866
    AddCharset ISO-8859-5   .iso-ru
    AddCharset KOI8-R       .koi8-r
    AddCharset UCS-2        .ucs2
    AddCharset UCS-4        .ucs4
    AddCharset UTF-8        .utf8

    # LanguagePriority allows you to give precedence to some languages
    # in case of a tie during content negotiation.
    #
    # Just list the languages in decreasing order of preference. We have
    # more or less alphabetized them here. You probably want to change this.
    #
    <IfModule mod_negotiation.c>
        LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
    </IfModule>

    #
    # AddType allows you to tweak mime.types without actually editing it, or to
    # make certain files to be certain types.
    #
    AddType application/x-tar .tgz

    #
    # AddEncoding allows you to have certain browsers uncompress
    # information on the fly. Note: Not all browsers support this.
    # Despite the name similarity, the following Add* directives have nothing
    # to do with the FancyIndexing customization directives above.
    #
    AddEncoding x-compress .Z
    AddEncoding x-gzip .gz .tgz
    #
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #
    #AddType application/x-compress .Z
    #AddType application/x-gzip .gz .tgz

    #
    # AddHandler allows you to map certain file extensions to "handlers",
    # actions unrelated to filetype. These can be either built into the server
    # or added with the Action command (see below)
    #
    # If you want to use server side includes, or CGI outside
    # ScriptAliased directories, uncomment the following lines.
    #
    # To use CGI scripts:
    #
    #AddHandler cgi-script .cgi

    #
    # To use server-parsed HTML files
    #
    #AddType text/html .shtml
    #AddHandler server-parsed .shtml

    #
    # Uncomment the following line to enable Apache's send-asis HTTP file
    # feature
    #
    #AddHandler send-as-is asis

    #
    # If you wish to use server-parsed imagemap files, use
    #
    #AddHandler imap-file map

    #
    # To enable type maps, you might want to use
    #
    #AddHandler type-map var

</IfModule>
# End of document types.

#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

#
# MetaDir: specifies the name of the directory in which Apache can find
# meta information files. These files contain additional HTTP headers
# to include when sending the document
#
#MetaDir .web

#
# MetaSuffix: specifies the file name suffix for the file containing the
# meta information.
#
#MetaSuffix .meta

#
# Customizable error response (Apache style)
#  these come in three flavors
#
#    1) plain text
#ErrorDocument 500 "The server made a boo boo.
#  n.b.  the single leading (") marks it as text, it does not get output
#
#    2) local redirects
#ErrorDocument 404 /missing.html
#  to redirect to local URL /missing.html
#ErrorDocument 404 /cgi-bin/missing_handler.pl
#  N.B.: You can redirect to a script or a document using server-side-includes.
#
#    3) external redirects
#ErrorDocument 402 http://some.other-server.com/subscription_info.html
#  N.B.: Many of the environment variables associated with the original
#  request will *not* be available to such a script.

#
# Customize behavior based on the browser
#
<IfModule mod_setenvif.c>

    #
    # The following directives modify normal HTTP response behavior.
    # The first directive disables keepalive for Netscape 2.x and browsers that
    # spoof it. There are known problems with these browser implementations.
    # The second directive is for Microsoft Internet Explorer 4.0b2
    # which has a broken HTTP/1.1 implementation and does not properly
    # support keepalive when it is used on 301 or 302 (redirect) responses.
    #
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4<.0b2;" nokeepalive downgrade-1.0 force-response-1.0

    #
    # The following directive disables HTTP/1.1 responses to browsers which
    # are in violation of the HTTP/1.0 spec by not being able to grok a
    # basic 1.1 response.
    #
    BrowserMatch "RealPlayer 4<.0" force-response-1.0
    BrowserMatch "Java/1<.0" force-response-1.0
    BrowserMatch "JDK/1<.0" force-response-1.0

</IfModule>
# End of browser customization directives

#
# Allow server status reports, with the URL of http://servername/server-status
# Change the ".your-domain.com" to match your domain to enable.
#
#<Location /server-status>
#    SetHandler server-status
#    Order deny,allow
#    Deny from all
#    Allow from .your-domain.com
#</Location>

#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your-domain.com" to match your domain to enable.
#
#<Location /server-info>
#    SetHandler server-info
#    Order deny,allow
#    Deny from all
#    Allow from .your-domain.com
#</Location>

#
# There have been reports of people trying to abuse an old bug from pre-1.1
# days.  This bug involved a CGI script distributed as a part of Apache.
# By uncommenting these lines you can redirect these attacks to a logging
# script on phf.apache.org.  Or, you can record them yourself, using the script
# support/phf_abuse_log.cgi.
#
#<Location /cgi-bin/phf*>
#    Deny from all
#    ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
#</Location>

#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#
#<IfModule mod_proxy.c>
#    ProxyRequests On

#    <Directory proxy:*>
#        Order deny,allow
#        Deny from all
#        Allow from .your-domain.com
#    </Directory>

    #
    # Enable/disable the handling of HTTP/1.1 "Via:" headers.
    # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
    # Set to one of: Off | On | Full | Block
    #
#    ProxyVia On

    #
    # To enable the cache as well, edit and uncomment the following lines:
    # (no caching without CacheRoot)
    #
#    CacheRoot "/private/var/run/proxy"
#    CacheSize 5
#    CacheGcInterval 4
#    CacheMaxExpire 24
#    CacheLastModifiedFactor 0.1
#    CacheDefaultExpire 1
#    NoCache a-domain.com another-domain.edu joes.garage-sale.com

#</IfModule>
# End of proxy directives.

### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

<IfModule mod_php4.c>
    # If php is turned on, we respect .php and .phps files.
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php-source .phps

    # Since most users will want index.php to work we
    # also automatically enable index.php
    <IfModule mod_dir.c>
        DirectoryIndex index.html index.php
    </IfModule>
</IfModule>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^TRACE
    RewriteRule .* - [F]
</IfModule>

<IfModule mod_rendezvous_apple.c>
    # Only the pages of users who have edited their
    # default home pages will be advertised on Rendezvous.
    RegisterUserSite customized-users
    #RegisterUserSite all-users

    # Rendezvous advertising for the primary site is off by default.
    #RegisterDefaultSite
</IfModule>

Include /private/etc/httpd/users/*.conf

For consumers embracing commercial, personal, and hybrid content, two challenges are rapidly emerging:

• Massive storage needs. For some content, such as music, each song file is relatively small (perhaps 3 or 4 megabtes (MBs)), but a collection can take up many gigabytes (GBs) of storage. For other content, such as movies, files can each be multiple gigabytes (e.g., the file for the movie Pirates of the Caribbean from Apple Computer’s iTunes Store (iTS) is 1.6 GB; a recent episode of the TV show Battlestar Galactica from iTS is over 480 MBs; the movie Superman Returns from Amazon.com’s Unbox download store in “DVD quality” is 2.9 GBs). And as high-definition content becomes the norm, the file sizes will only increase.
• The use, management, and distribution of content. Many households have multiples PCs (we use the term PC to mean a computer running Windows, Mac OS, Linux, or any other user operating system), and many consumers also bring home notebooks and other portable computers supplied by their employer. Each of these devices may be purchasing and storing digital content, and many of the downloaded files are locked down by various digital rights management (DRM) technologies, such as Apple’s FairPlay, that set the rules for how the content can be used and distributed. Added to the mix is the the growing personal content, such as multi-gigabyte photo databases and video repositories. In households with adults and kids, these issues will become critical very quickly.

Media center PCs and external hard drives won’t cut it; a home server is needed

The storage issue is the first challenge most consumers face as they embrace digital content. Even those with modest music and photo collections can quickly find their primary PC unable to cope with the gigabytes of content. Unfortunately, many consumers may also experience the downside of unprotected digital content if that central PC has a hard drive failure or files are corrupted. And as consumers experience the ease of buying and using digital downloads (e.g., quick delivery and instant access without fumbling with physical media), they will also face the issues around DRM and device authorization limitations.

These experiences have or will lead consumers to look at two potential solutions:

• Media management and distribution on media-centric PCs. Both Microsoft and Apple market products aimed at the consumer interested in a media-centric PC. Microsoft currently sells Widows XP Media Center Edition 2005 software (soon to be upstaged by various flavors of its next-generation operating systems, Vista) that includes technology for recording TV shows, displaying photos and videos on TVs, and linking with other devices, such as the company’s Xbox 360 game console, using Media Center Extender technology. All of Apple’s consumer-oriented products, such as the iMac, Mac mini, and MacBook offer somewhat similar technology for remote display of content (notably, Apple does not offer its own PVR software). In addition, Apple recently announced plans to deliver “ITV” (a code name), a set-top box that connects to TVs and plays digital content wirelessly streamed from Apple software. ITV is expected sometime in Q1 of 2007 (see this Engadget article).
  
  
• More storage by buying high-capacity hard drives as part of new PCs or in external packages. Hard drives are relatively cheap these days. It is not uncommon to see home PCs with 250 GB drives, and external hard drives that rely on USB or FireWire connections are also relatively inexpensive (a 500 GB external hard drive may cost anywhere from $200-300). They are also simple to use — just plug them into most PCs and the storage is available.

The problem is that neither one of these solutions address the storage and media management challenges effectively. Media-centric PCs are about making one PC the center of the household media experience. They don’t provide a way to easily distribute and manage content, playlists, and related databases among consumer devices. And larger, single hard drives most likely won’t provide enough storage for the household, they are tied to a PC, and they don’t have any “brains” — i.e., they lack software and tools for managing content. They are just big, dumb filing cabinets. And as many home PC users know, relying on a single drive with no backup plan — which is the case for most consumers — is a disaster waiting to happen.
Some technophiles have invested in network attached storage (NAS) devices, essentially high-capacity, multiple drive appliances that adds storage to any network. Others have bought multi-hard drive disk arrays that plug into a single PC. Again, while these solutions offer plenty of storage, they aren’t designed to overcome the challenges of consumer content management.
Instead of media center PCs or larger hard drives, we think the most sensible solution is a dedicated home media server that combines lots of storage with the required software brains to intelligently and seamlessly manage consumer content of all types.

What a home media server needs to do

A home media server is a lightweight server designed to store, stream, sync, and manage a household’s complex portfolio of digital assets. It is not meant to be used as a computer. It will be tucked away in a utility closet or hidden behind closed cabinet doors in the living room media center. Ripping CDs, buying TV shows online, and editing photos will be handled by other household devices. The home server will:

• Store content by auto-syncing with and backing up other devices. On the surface, the primary job of the home media server is to simply store files. But manual storage or rudimentary backup plans are not enough. The server’s software needs to be tied into the media applications on other household devices. When a PC in a kid’s room buys a show, a copy of the file will be copied to the server’s hard drives. Periodically, the server will run a backup program that culls connected devices to discover new files, such as family photos, that need to be archived. In other cases, a consumer may choose to ensure that all files of a certain type are only on the server. Either way, the media server becomes the central repository of the household’s digital horde.
• Distribute content using streams or file transfers. Some content needs to be on a device, such as a notebook computer (a consumer may want to watch a TV show or listen to certain music while traveling), while other devices only need to access a content stream from the server. A home server would enable consumers to choose whether to move large media files and collections to devices, leave most files on the server, or make those decisions based on the capacity of each device.
• Manage content –including DRM files — on devices and by accounts. In the two previous bullets, we talked about examples where consumers would determine how content was stored and accessed. This management function of the server will also be critical in terms of DRM content. If the music industry, for example, insists on keeping the 5-device limit on audio file use, the server software could be used to easily authorize or deauthroize devices. Also, the server could be configured so that some content, while household owned (by the “super” or Admin account), is restricted to certain users. In addition, it could manage multiple user accounts, each with their own authorization, so that siblings’ content was managed, but kept separate.

How Apple could do it: The “iServ” concept

Two companies are likely to lead the home server charge: Apple and Microsoft. However, since Apple dominates the digital download market for audio today, and since they have direct control over their PC and server hardware products, we will focus on what it could deliver. Also, Apple is continually looking to innovate with its consumers offerings, and the idea of an “iServ” media server seems very reasonable given the company’s history.

Inside the iServ

The server would be built around these concepts:

• User upgradeable storage. The iServ would offer bays of hot swappable hard drives, perhaps up to 1.5 terabytes in a three-drive configuration. The large storage would provide a central repository for content as well as enable household backup of data on various other Mac, PCs, and digital devices. The iServ could ship with a single 250 GB drive; consumers would got to the Apple Store or order additional drives online.
• Automatic syncing of household digital content. Any device on the network that buys a song, TV show, or movie from the iTS will inform the server of its purchase; a specialized iTunes iServ app will make a copy of all content purchased on authorized household systems. This copy will serve as both an archive, as well as a source for streaming or copying the file to other authorized devices.
• Streaming access to content. Besides enabling simple backup and transfers, iServ would be hard wired or use wireless connections to directly stream content to other computers or the forthcoming ITV set-top box. For example, when a mom purchases a copy of the Office on her laptop, the device will notify and transfer a copy of the file to the iTunes server app on the iServ. Without any extra effort, the family can then access the show from the FrontRow interface on the ITV box.
• Remote management of the iServ. The home server could be used in a headless fashion — controlled by a remote Mac — or with a local monitor. The iServ Remote software would enable the household administrator to set policies on content access, such as restricting streams or transfers of explicit content. From this remote console, a consumer could authorize and deauthorize household devices and otherwise manage FairPlay digital rights management issues.
• Additional household software. Just as Apple offers complementary — but secondary — applications for its iPods, such as games, the iServ could offer its own complementary software, such as a server-based family calendaring solution. In addition, an iPhoto server app could archive, backup, and enable local distribution of family photos.

Could Apple really do it? Is it a realistic product? Yes, because:

• Consumers might want it today, but they will need it tomorrow … Consumers will bump into a wall as they buy more and more digital content. Managing DRM files and swapping them to various devices will become increasingly frustrating, as will authorizing and deauthorizing systems. Losing content to a hard drive failure will make any consumer interested in a seamless backup solution. Overall, the iServ would make digital content ownership much easier.
• … and Apple already has most of the pieces. The box itself could be basically a Mac mini with drive bays. The hot-swappable bays are technology Apple is familiar with in its Xserve and Xserve RAID offerings (the vendor calls them Apple Drive Modules). The iCal Server is already being developed for Mac OS X 10.5 Leopard Server. The core technology for remote manage already exists in Remote Desktop, and Backup and iSync technology have already been built.Apple could leverage its Core Animation development technology to create easy-to-use but powerful iServ management tools and apps. Other OS X Server features that could be utilized include Software Update Server, allowing a household to stay on top of Security Updates and other patches. Non-needed server features could be hidden, such as Open Directory and Xgrid. The most work would come from creating an iTunes and iPhoto server app.

Finally, what about price? An interesting Apple product that costs too much can fail (e.g., the Cube). While this note is not the result of detailed research on component pricing or likely acceptable consumer price points, we can make some assumptions based on current Apple, competitive, and peripheral products:

• iServ with one 250 GB drive, Mac OS X Server (iServ Edition) and iServ apps – $999
• Additional drives – 250 GB for $150; $500 GB for $300

With budding demand and the technical capability, we just have to wait and see how long it takes Apple to build and sell an iServ.

By: Tom Rhinelander, NRG Analyst

Note: This article is written for installing Movable Type on “Tiger” (Mac OS X 10.4.x). The Panther and older OS X versions of this article, have been relocated to their own seperate, permanent pages.

Many people host a weblog on a third-party web server hosted by someone else, but with MacOS X, we have the tools we need to set up a fully functional weblog on our system. This blog could be served to the entire world via the Internet, or just used as a personal diary on your own system. It doesn’t matter. Weblogs are what you make of them. There are several systems we could use to set up a weblog on our Mac, but for this article I have chosen Movable Type from Six Apart. I chose this solely because I have the most experience with it, as I have used it for almost four years on my personal Web site. Movable Type is designed using a Perl backend. Perl is an interpreted programming language that is capable of doing almost anything you wish. Tiger ships with Perl 5.8.6, which is more than enough for this process. The backend of our weblog will use SQLite. SQLite is the database system that is bundled with Mac OS X Tiger and powers the Core Data framework. Several major Mac applications use SQLite as well. A few examples are Freshly Squeezed Software’s PulpFiction and Michael Tsai’s SpamSieve. This article will assume that you are running a fresh install of MacOS X 10.4 or later and have the MacOS X Developer Tools installed. You should also be comfortable working in the command line and editing system configuration files. If this scares you, you may want to sign up for a service such as Six Apart’s TypePad. Let’s get started… ### Downloads First let’s download all of the files you are going to need to complete this exercise. We are only going to need DBI, DBD::SQLite and Movable Type 3.16. DBD::SQLite is a Perl module that will interface between SQLite and Movable Type. DBI stands for Database Interface and was written by Tim Bunce. The DBI module then speaks to the DBD module. The DBD module we will be using is DBD::SQLite. The biggest advantage of DBI is that you can talk to the database without having to talk on the network to the actual database server or dealing with the server’s libraries. Movable Type is simply a collection of Perl scripts that run the entire weblog system. * Movable Type * DBI * DBD::SQLite ### Apache In terminal, we need to edit our Apache config file. We are basically going to allow for cgi scripts to be executed on the Mac. By default CGI Scripts are located in /Library/WebServer/CGI-Executables/. We need to uncomment the line in the httpd.conf file that reads # AddHandler cgi-script .cgi I am going to explain how to do it using the vi text editor, but you are more than welcome to use your favorite editor of choice.

sudo vi /etc/httpd/httpd.conf Go down to the line we want to edit and remove the # in front of _AddHandler_ by pressing the x key. Next type in _:wq_ to write and quit vi. Next, type the following into the Terminal window: sudo apachectl graceful The last command simply restarts the apache server without having to restart your system. Oh, the power of Unix. ### Connecting to SQLite Before we can establish a connection between Movable Type and SQLite, we need to install the Perl modules we downloaded earlier. Double-click on each file to extract the folders that live inside. We need to compile these modules so that our database will show up when we test Movable Type. It’s a relatively simple process. Type the following commands in the Terminal: cd ~/Desktop/DBI-1.48 perl Makefile.PL make sudo make install Now we need to install the SQLite module. cd ~/Desktop/DBD-SQLite-1.08 perl Makefile.PL make sudo make install Now that we have our perl modules set up, we can celebrate. We are finally ready to set up Movable Type! ### Movable Type cd ~/Desktop/MT-3.16-full-en_US/ vi mt.cfg Place a # before DataSource ./db Set your CGIPath to equal _http://localhost/cgi-bin/_ Add the following lines to your file. ObjectDriver DBI::sqlite Database /Library/WebServer/CGI-Executables/db/mtdbmovabletype.sql Set StaticWebPath to _/mt-static/_ Remove the # before _NoTempFiles 1_ :wq Ok, that is a lot of steps, so let’s go through what each one of them is. mt.cfg is the configuration file that gives basic information for the perl backend about your weblog. We set the CGIPath to equal where we are putting the cgi files. On your local system, it is /Library/WebServer/CGI-Executables/. StaticWebPath is where Movable Type’s images, docs, and other similar files will be stored. We set that to http://localhost/mt-static/ so that the directories are housed in /Library/WebServer/Documents/mt-static/. It should be noted that if you are going to set up your blog to be available for people on the Internet, you should replace all instances of localhost with your external IP address or domain name. The next set of commands is basically telling Movable Type to use the SQLite database. Now you see why we had to set up the DBI and DBD stuff earlier. We turned off NoTempFiles because Tiger was having issues when trying to build the index files. If anyone can find a solution to the problem, please post it in the comments. Let’s jump to the Finder. Yes, I am serious. After all of the love we have been giving the command line we are going back to the good old graphical filesystem. We need to install the Movable Type application onto our Webserver. First, lets copy the static files to the /Library/WebServer/Documents/mt-static/ folder. Make sure to copy the following files to that directory.

• styles.css
• mt.js
• images
• docs
• index.html

Also, go ahead and create a new folder and call it _archives_. This is where we will hold all of our blog entries.

Now, let’s move back a level and enter the CGI-Executables folder. Copy the following files into it.

• examples
• extlib
• lib
• mt-add-notify.cgi
• mt-atom.cgi
• mt-check.cgi
• mt-comments.cgi
• mt-db-pass.cgi
• mt-load.cgi
• mt-search.cgi
• mt-send-entry.cgi
• mt-set-reg.cgi
• mt-tb.cgi
• mt-view.cgi
• mt-testbg.cgi
• mt-xmlrpc.cgi
• mt.cfg
• mt.cgi
• php
• plugins
• schemas
• search_templates
• tmpl
• tools

We are almost done. Now we need to jump back into Terminal and set some permissions for our scripts and create a folder for our database. cd /Library/WebServer/CGI-Executables/ chmod 755 mt*.cgi mkdir db chmod 777 db cd .. sudo chmod 777 Documents cd Documents chmod 777 archives What we just did is set the cgi scripts to be read and executed by group and others, while you can read, write and execute. If you don’t understand what that means, it is simply a Unix permissions thing. We then created a db folder that will house our SQLite databse. The last two commands set read, write, and execute commands for the archives and Documents folder. I ran into a lot of permissions issues by trying to lock the Documents folder with 755. The archives folder must be 777 though. If you want a more secure set up, I would recommend you recompile Apache with suexec installed. Sadly, Tiger’s version of Apache doesn’t have it compiled in. Everything is set up, let’s test. Pop open Safari and go to the following url. http://localhost/cgi-bin/mt-check.cgimt-check checks for installed perl modules on your system. You should have everything you need installed. If you find you are missing some of the modules, or want to install extra ones, Six Apart does a great job of giving you a walkthrough. This is important…. http://localhost/cgi-bin/mt-load.cgi This step sets up the tables, an initial author and some starter templates in your database. Assuming you have followed my instructions to their exact specifications, the script should report SUCCESS! You have a working Movable Type installation. With Movable Type 3.16, the application has the ability to run several tasks in the background. We need to test to make sure this will work on your system so click on the link below to do that: http://localhost/cgi-bin/mt-testbg.cgi As long as you see two unique numbers listed on the page, you will be fine. Delete mt-load.cgi from /Library/WebServer/CGI-Executables. Leaving it on your system is a big security vulnerability, because each time you run it, it is going to reset your database to the initial values. Congratulations, Movable Type is ready to go. ### Basic Configuration http://localhost/cgi-bin/mt.cgi

Now that we have the weblog configured, let’s go through some basic configuration. The link above is where you will do all of your blogging. It houses the configuration, templates and a basic editor. You will be greeted with a login prompt. The mt-load.cgi script created a default user name Melody and a password of Nelson. The first thing you are going to want to do is change that username and password. To accomplish this, just head to the Edit Your Profile link. Change the username and password to something you can easily remember. Next, let’s edit the default weblog to fit your specifications. The default is creatively named Weblog, but you may want to change that to something to describe you. I have my personal one as just my name, but others have been far more creative.
Next, go to the Weblog Config button and let’s double check some values.

• Local Site Path: /Library/WebServer/Documents
• Site URL: http://localhost/
• Local Archive Path: /Library/WebServer/Documents/archives
• Archive URL: http://localhost/archives/

Save those changes, and start blogging, because you are ready. Simply go to the New Entry button and make your first entry. To view your content simply pop open Safari and visit http://localhost/### Conclusion We accomplished a lot. We set up a full-fledged content management system on our Mac using nothing but free or donationware software. This article merely gets you set up with a basic Movable Type installation. There is a vast world of plugins, configuration changes, and tips and tricks out there. Here are a few resources to check out.

• http://www.scriptygoddess.com/
• http://www.movabletype.org/support/

Turn off Personal Web Sharing

OS X does, as you probably know, ship with Apache and it’s real easy to switch on and for a while I did use it. I am quite interested in learning a bit more about the whole serving up websites business, so first job is to do away with all the pre-installed Mac stuff.

Go to System Preferences > Sharing and make sure Personal Web Sharing is stopped.

Software

I started off with Mamp and that is probably good enough for a basic set up but I wanted to run Textpattern with clean URLs. Getting mod_rewrite to work on Mamp just wouldn’t happen for me. So after a bit of Googling I came up with these downloads in preparation for my mission… gulp!

• Complete MySQL
• Complete Apache2
• Complete PHP4
• CocoaMySQL
• Web Control (Scroll down the page a bit)

Terminal

You will need to have at hand Terminal in order to do some of the stuff. This is located in Applications > Utilities. This is the best bit actually because you get to feel like Neo for five minutes! Be careful though, I am told you can do some serious damage with Terminal.

Show hidden files

Having already had a play with Mamp, I noticed that I couldn’t see .htaccess files. Also when installing Complete MySQL there was another hidden file I needed to get to. Eventually I found a note on Apple’s developer site that describes how to show hidden files. It’s gonna make your Mac look at little messier than before but it’s kind of essential:

Open up Terminal and type in the following:

defaults write com.apple.Finder AppleShowAllFiles true

And that should be that.

Complete installs

The links to the three Complete packages are self explanatory. Each comes with a detailed Install document, follow them and you can’t go wrong, much.

The only problem I ran into was creating a .bash_profile document in the home directory. With hidden files now showing I could see that my home directory (the house with my name on it) had no .bash_profile in it, so I created one with TextEdit. Again, something to watch out for is TextEdit saving it with an extension e.g. .bash_profile.rdf. If this happens click on the file and press COMMAND + I which will bring up the File Info panel and you can simply delete the .rdf from the Name & Extensions panel

In truth this had little effect for me when trying to access mysql via Terminal, unless I used the complete path i.e. /Library/MySQL/bin/mysql. Given that I have no intention of using Terminal for accessing MySQL I didn’t worry about it and it has not had any impact on this setup thus far. Note: If anyone does know why I was getting a command not found error, I’d love to know.

One other note with these complete installs is the location they end up in. Obvious now but it caused me a bit of confusion, they are in the root library file and not the library file in you home directory. To find this spot open up your hard drive and look for the Library folder

phpMyAdmin versus CocoaMySQL

I had a bash at installing phpMyAdmin but to be honest they may as well have written the instructions in Wookie. I stumbled across CocoaMySQL after a bit of Googling, opened it up, it found the path to my MySQL server and within five minutes I had created a database as was running a local copy of Joshuaink. I thoroughly recommend it for the less technically minded.

Also worth noting is that which ever way you access MySQL, you can use your root account and the password you set when setting up MySQL for all your databases which is pretty damn convenient.

Httpd.config

Certainly if you are going to be experimenting, the httpd.config file will come into play. I started off with the Web Control app because it makes back ups, reverts easily back to the original file if you mess it up and it can check your syntax for you and if you aren’t feeling confident it’s a great way to start. It soon started to get a bit frustrating though because I couldn’t do a find search to locate bits of the document.

I ended up going back to TextEdit but found I could no longer save the file from that app (though I could from Web Control). I am not sure if this happens by default or whether Web Control did it when it first ran but it turned out that the conf directory, located at /Library/Apache2/conf was locked, so again clicking on the directory and COMMAND + I brings up the info and I changed the Ownership & Permissions details from Owner: system to Owner: [my username]. I also did the same to the httpd.conf file for good measure and made sure they were both set to Read & Write for owners.

Virtual hosts

Virtual hosts were one of the big things I wanted to get done and I found two tutorials. One over at Mezzoblue and one over at SitePoint (scroll down the tutorial a bit). In the end I opted for the SitePoint one because it was getting late and my head seemed to manage with it a little better, though the URLs it produces are no where near as cool as Dave’s. Again something to consider if you do use the SitePoint one, be careful with your naming conventions because it can impact how you use the web. For example I had a directory called joshuaink and where I used to just type joshuaink — as opposed to the full URL — into Firefox to reach my live site, I was now being taken to my localhost.

DirectoryIndex

It wasn’t until I opened up the WordPress admin that I noticed I was getting a directory listing and had to manually click on index.php to get to the login page. This seems to be something to do with the DirectoryIndex bit of httpd.conf. Initially I was dropping the .htaccess file that ships with Textpattern into each and every directory with an index.php as it’s starting point and it did solve the problem but that was getting a bit tiresome. Eventually I found out that there is something called DirectoryIndex in the httpd.conf file and having located it I changed it to this so that Apache recognises an index.php:

DirectoryIndex index.html index.htm index.php index.html.var

I really don’t know if that is correct but it seems to have solved the problem.

Deleting .htaccess files

My final problem was deleting those .htaccess files I had spread everywhere and OS X wouldn’t let me because it is a hidden file. To solve this I renamed it to .htaccess.txt and then I could delete it.

Conclusions

I have got a lot to learn about Apache but it was an interesting start and well worth the effort. With my iBook mostly offline, security is not a big deal for me. No doubt I will continue to fiddle until it breaks. If you have any tips or see something very wrong with the way I have setup, please do say.