S 2.175 Setting up a web server
Initiation responsibility: Administrator, Top Management
Implementation responsibility: Head of IT
In order to set up a web server, it is necessary to purchase corresponding software in addition to adequate hardware. For this, numerous web server products are available. When selecting a product, particular importance should be attached to the security mechanisms provided and to the stability (see also module S 1.10 Standard software for information on purchasing and installation).
Adapting the organisational structure
It must be decided which information will be made available on the Internet and/or in an intranet. Furthermore, it is necessary to clarify how and where documents will be created, who will create which documents, which documents will be used where, and who needs these documents. Based on the answers to these questions, guidelines should then be created to ensure uniform document formats and uniform file and directory names and, if possible, standardised development tools should be specified. If necessary, a separate web server editorial team should be set up (see S 2.272 Setting up a web editorial team).
Appointing the people responsible
When operating a web server, regardless of whether it is operated internally or externally, not every user should be allowed to upload any files they want. For this reason, one person in charge of uploading information should be appointed who also checks the new files to see if they conform to the guidelines. Depending on the size of the organisation, other people may be assigned partial responsibility for individual organisational units or areas of the web server. The file access rights and directory structure on the web server should then be defined according to the organisational structure selected. Above all, each person assigned partial responsibility should only have access to the subdirectories they are responsible for.
To ensure that the files and directories created always conform to the corresponding guidelines, their conformity should be checked automatically, for example using suitable scripts or macros. An appropriately prepared program should be made available to everyone and used after every change. In particular, the program should check if the access rights to all
- directories,
- files, and
- CGI scripts (if there are any)
were set correctly.
A log file of the changes performed should be created immediately.
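A check of this kind could look like the following. This is an added example, not part of the original safeguard text. It assumes POSIX permission bits, a script directory named cgi-bin and the permission policy shown in FORBIDDEN; all three are assumptions, and the log records the results of each check run.

```python
import os
import stat
import time

# Assumed policy (not from the safeguard text): permission bits that must NOT be set.
FORBIDDEN = {
    "directory": stat.S_IWOTH,                                # not world-writable
    "file": stat.S_IWOTH | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH,  # static, not executable
    "cgi": stat.S_IWGRP | stat.S_IWOTH,                       # writable by the owner only
}
CGI_DIR = "cgi-bin"  # assumed name of the directory holding CGI scripts


def audit(root):
    """Walk root and return sorted (relative path, class, mode, problem) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        entries = [(d, True) for d in dirnames] + [(f, False) for f in filenames]
        for name, is_dir in entries:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: judge the link itself, not its target
            rel = os.path.relpath(path, root)
            if stat.S_ISLNK(st.st_mode):
                findings.append((rel, "symlink", "-", "symbolic link needs manual review"))
                continue
            # Files anywhere below a cgi-bin directory are treated as CGI scripts.
            in_cgi = CGI_DIR in rel.split(os.sep)[:-1]
            kind = "directory" if is_dir else ("cgi" if in_cgi else "file")
            mode = stat.S_IMODE(st.st_mode)
            bad = mode & FORBIDDEN[kind]
            if bad:
                findings.append((rel, kind, oct(mode), "forbidden bits " + oct(bad)))
            if kind == "cgi" and not mode & stat.S_IXUSR:
                findings.append((rel, kind, oct(mode), "script is not executable"))
    return sorted(findings)


def write_log(findings, log_path):
    """Append one timestamped line per finding, or a single OK line; return the count."""
    stamp = time.strftime("%Y-%m-%dT%H:%M:%S")
    with open(log_path, "a", encoding="utf-8") as log:
        for rel, kind, mode, problem in findings or [("-", "-", "-", "OK")]:
            log.write(f"{stamp}\t{rel}\t{kind}\t{mode}\t{problem}\n")
    return len(findings)
```

Run after every change, for example as `write_log(audit(docroot), logfile)`, a non-zero return value means the upload does not conform and should not be released.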
A general problem when setting up and operating a web server is the necessity of cooperation between a variety of different people with different competences. For example, tasks such as
- creating new content,
- administering the web server,
- designing the website,
- designing individual graphics,
- programming additional functionality for the web server (for example a database connection), and
- programming additional functionality that is used on the web client (JavaScript, etc.)
are usually performed by different people. For technical reasons, the access rights of these people generally cannot be separated completely, so the access restrictions stated above generally cannot be enforced on a development system. In this case, it must be ensured that the development system does not contain any sensitive data. The access rights to a production web server, though, can be handled restrictively in such an environment. In addition to delegating the responsibilities, it is also necessary to plan the tasks required for the transfer. These tasks consist of examining the content published in addition to checking the access rights assigned as mentioned above.
Access restrictions on the web server
Before initial operation and/or prior to every update of a web server, it is necessary to specify who will be allowed to query the web server for information. It must be decided if only people working in-house at the organisation (possibly including telecommuters) or if any external users or only a limited group of users will be allowed to access the information provided. These restrictions may differ depending on the type of information involved.
If access to the web server will be restricted to a limited group of people only, corresponding safeguards must be implemented, for example those in S 4.94 Protection of web server files.
In addition, it is necessary to decide whether, as a matter of principle, users can only retrieve information or whether every user should be allowed to publish new information. Here, it is also necessary to specify which groups of users have which rights.
Clear directory structure
Since HTML files do not need to be arranged hierarchically, the directory structure of a web server has no effect on the method of operation. To make maintenance easier, though, it should be ensured that the directory structure is clear and well organised.
It is recommended to select the directory structure in such a way that the URL used to access a file already contains some information about the file. This may lead to relatively long path names under some circumstances, but it makes it easier for visitors to remember certain locations and to find them again later. Since many internet search engines output the full URL of each hit in the search results, a well-organised directory structure also makes it easier for visitors to find the information.
Since other web servers may generate links to your documents under some circumstances, changes to the names of documents and directories should be avoided. Therefore, the directory structure should be planned to include possible expansions.
Providing documents
A public website on the Internet is one method organisations use to present themselves to the general public. For this reason, appropriate care should be taken when preparing the Internet presence.
It is recommended to set up the website in the intranet first to gain some initial experience before connecting the web server to the Internet. Just a few simple applications should be used initially.
The information on a website is normally prepared in the form of HTML files that can be displayed directly in the web browser. However, files in any other format desired can be provided for downloading. In this case, the users must have an application to display the document on their computers and the files generally have to be stored on the user's IT system before they can be processed further.
If it is not necessary for users to make any changes to the documents provided (for example to fill out a form), the documents should be provided in formats that do not allow users to make changes easily. The use of proprietary document formats should be avoided whenever possible.
The quality of all HTML documents and web files intended for publication on the Internet should be checked and the content of each approved before publication, just as for any other publication.
HTML documents are usually created using special HTML editors. Documents created using other formats can be converted to HTML using HTML converters.
If numerous documents subject to frequent changes are to be made available, it is recommended to connect the web server to a document database. This solution provides the users with fast search, view, and document administration capabilities. It is also useful to allow access to existing company data with the help of a database connection. In this case, though, the database server and/or document database must be included in the web server security concept.
Before uploading new files to a web server, the files should be examined to check if they contain any residual information (see S 4.64 Verification of data before transmission / elimination of residual information).
Configuration management
Since experience has shown that the content of websites changes often, it is important to establish a properly functioning configuration management system. The links and references should be checked to ensure they are up to date, and files and documents should be scanned for viruses using an up-to-date virus scanner before publication as well.
Checking and release process
It is equally important to submit all publications to a defined and traceable check procedure. This procedure should include quality control of the content, as well as a formal release procedure. It is also necessary in this case to check whether the information is suitable for publication at all or whether it is, for example, confidential, subject to data protection laws, or protected by copyrights.
For large websites, it may make sense to use a web content management system. Such systems simplify many workflows arising in conjunction with maintaining the website. Information released for publication via electronic media should be digitally signed so that all readers have the opportunity to check the authenticity of the information.
Publications that do not reflect the opinions of the organisation must be identified as such.
Consideration of the legal framework
When operating a web server, there are various laws and legal restrictions that need to be taken into account (in Germany, such legal conditions include the Teleservices Act, the State Treaty on Media Services, and the data privacy laws, etc.).
For example, commercial websites are required to have a legal notice stating the name of the person responsible for the website and a contact address. Depending on the content of the website or the industry of the provider, additional information may be required under some circumstances. Before releasing a website for publication on the internet, it must be clear which information will be published, where it will be published, and in what form it will be published.
Review questions:
- Has it been defined which information is made available on the Internet and which on the intranet?
- Have guidelines for a uniform appearance of documents, file names, and directory names been drawn up on the basis of the determined document creation process and the use of the documents?
- Have persons been appointed who are in charge of uploading information and files and checking them against the guidelines, and are they only granted access to the areas of the web server assigned to them?
- Are changes performed to the web server content logged?
- Development system: Does the development system contain no sensitive data?
- Has it been defined who may query, upload, or modify which information on the web server?
- If a limited group of persons has access rights: Are access restriction safeguards taken?
- Is the directory structure planned for extensions and are changes to document names and directory names avoided as far as possible?
- If users only read the documents provided: Are document formats used that do not allow users to make changes easily?
- Are proprietary document formats avoided?
- Is the information to be published subject to an editorial release?
- When connecting the web server to a database server or a document database: Has the database server or the document database been incorporated into the web security concept?
- Is there a functional configuration management?
- Has it been ensured that the integrity of the files to be published is guaranteed (no undesirable residual information, no viruses)?
- Is there a defined and traceable check procedure for all publications that covers the quality of the content, the formal guidelines, and the suitability for publication?
- Has the entire legal framework been taken into consideration, e.g. the Teleservices Act?