The web server that hosts the groups.inf.ed.ac.uk web site (and various others) is one of the last to be upgraded to SL7. I had hoped to squeeze it in before the end of the year, but it will now happen on Friday January 12th 2018.
The groups.inf web server actually hosts multiple sites, the main ones being (groups|conferences|workshops).inf.ed.ac.uk, but see the complete list at the end of this post.
The upgrade will change the version of Apache from 2.2 to 2.4 and, as with the homepages upgrade, this may require some changes to .htaccess files if you use them. As these files will be accessed (at least for a short time) by both the SL6 Apache 2.2 and then SL7 Apache 2.4 servers, then you need make the changes conditional on which server is
parsing the file or you will get errors.
I’ve already searched for .htaccess files that could be affected, and edited them to use the new directives, eg if you had an .htaccess file that had:
Order allow,deny Deny from all
Then it will now look like:
<IfVersion < 2.4> Order allow,deny Deny from all </IfVersion> <IfVersion >= 2.4> require all denied </IfVersion> # neilbSL7
The # neilbSL7 is just a marker I used to record that I’d updated the file. For a list of changes when upgrading from Apache 2.2 to 2.4, see https://httpd.apache.org/docs/2.4/upgrading.html.
SSI expressions have also changed, but the old behaviour can be enabled with SSILegacyExprParser on in a suitable .htaccess file. I’ve actually made this the default for groups.inf to aid transition, but would like to turn it off at some point in the future.
The PHP version will also change from 5.3.3 to 5.4.16. Again, at some point in the future, I’d like to update that further to 5.6.
For anyone using Cosign access control, then simply turning on Cosign with “CosignProtected on” is not enough to force authentication with Apache 2.4. You need the full:
CosignProtected On AuthType Cosign Require user AAA BBB CCC
Also “CosignAllowPublicAccess on”, does not work as it did before. If you have it set on and then try to do a “require valid-user” (or similar) you will get a server error because of the conflicting instructions. So sections that were “Allow public access on”, you’ll just have to not enable authentication at all, or be happy to turn off public access, and force authentication.
Where I can, I’ve created temporary “sl7” URLs to the various .inf.ed.ac.uk sites (listed below) so you can test your site on the new server ahead of the upgrade. There is just an extra “.sl7” in front of the existing “.inf.ed.ac.uk” part of the URL eg http://groups.inf.ed.ac.uk/ becomes http://groups.sl7.inf.ed.ac.uk/
For sites who’s DNS is not within inf.ed.ac.uk, there are no test URLs. If the owners want to contact me ahead of the switch, I can probably arrange a temporary URL to try things on. Best to do that via the support form.
Previous upgrades of web servers from SL6 to SL7 have been fairly uneventful, so hopefully this upgrade will be equally smooth.
List of all web sites hosted on the groups.inf server
# There are .sl7.inf.ed.ac.uk test URLs for all the sites above here
# but not for the following