What is WebMon?
WebMon configures OS X's built-in web server to support server-side includes, execCGI, PHP, SSL and WebDAV, for multiple domains running on the same server.
With WebDAV turned on, your web server acts like an iDisk, allowing you to connect to the WebDAV folder remotely, securely, and directly from the Finder, so you can save, share, and distribute your files and folders. You can also use the WebDAV folder to share your iCal calendars.
WebMon also helps you set up the web server so that you can monitor its log file from a remote machine. WebMon is able to help you monitor any number of web servers from a single remote machine.
Configuring OS X's built-in Web Server
When you first run WebMon on the server machine, you will see WebMon's "Configure Web Server" window, above.
The first panel in the WebMon's "Configure Web Server" window allows you to turn on PHP, Server-Side Includes, execCGI and WebDAV, and turn off Directory Listing, while giving you the option to make a back-up of the current config file, build from the default Apache config file, or base it on the one you have existing on your server.
New with WebMon for Snow Leopard is the ability to configure your server to host multiple domain names on the same physical machine.
Turning on WebDAV
You can create multiple WebDAV folders, each with its own user name and password combination.
There is a WebDAV Help button, that will show you how the four editable WebDAV parameters - WebDAV Realm, WebDAV folder, User Name and Password - will appear in the OS X authentication dialogs when you try to publish an iCal calendar or access a WebDAV folder from the Finder's "Go / Connect to Server" Menu.
There is also a "Turn on Directory Listing" check box which will turn on auto-listing of directories, for when you want to share folders of files and images with people who have not been given write access to that directory.
Sharing iCal Calendars
Once you have WebDAV turned on, you can start sharing iCal calendars on the server. The following picture shows you how to set up iCal to publish your calendar, assuming that you're using the default values for the name of the WebDAV folder, login ID and password :
The following shows the result of a successful operation :
Sharing Files and Folders like an iDisk
You can make the WebDAV folder act like your very own .Mac iDisk. This is how you can connect to it remotely, directly from the Finder. From the Finder menu, choose Go and then Connect to Server.
You will see the dialog box below. Enter the domain name or the IP address of the web server that you have just set up using WebMon (in place of 10.0.1.205). Also, note that the protocol used is http and not afp or ftp :
If your server is accessible and WebDAV is running, you will be asked to authenticate with it. Enter the WebDAV user ID and password (default "webdav" and "dav" respectively, unless you have changed it) :
If you authenticated correctly, you will see your WebDAV folder directly on your desktop and you can drag files and folders onto it. Unlike ftp, you can actually double-click on these documents, launch the application (in my case, Keynote, because I have a Keynote document), and make changes to it.
WebDAV is "better" than using ftp because you have one less port to open (it uses the web server's port 80). It is a bit faster. And it integrates smoothly with the Finder, allowing you to work with the WebDAV folder like any ordinary Finder folder.
Setting up SSL
WebMon for Snow Leopard has an improved interface for managing SSL certs. When SSL is turned on at the server and the browser accesses the web server with an 's' added to the http call, like this :
all communications between the server and browser will then be encrypted.
This option can be easily turned on with the use of a test cert that WebMon can help you generate (the "Create a Test Cert" button).
First, make sure that the domain name that you're using to access the server is entered into the Domain Name field into the first column of the first record in the list of domains hosted by your web server (the main domain), like cutedgesystems.com, above. Then make sure to create the test cert.
Then select the "SSL" and "Use a test certificate" options and hit Configure Web Server, and you will be able to access the web server by its domain name over SSL.
Once you have an idea of how your web site might work with SSL on, you might want to get a real "live" cert from a Certification Authority (CA) like RapidSSL. WebMon will help you generate the Certificate Request that is needed by a CA, below. You can reach this dialog box by clicking on the "Use a Real Cert" button.
Once the certificate (text block) is returned from a CA, you can paste it back into WebMon, into the CERTIFICATE field, below. Make sure you retrieve the PRIVATE KEY it should be paired with by clicking on the "Copy" key button. WebMon will take care of saving it into the right place.
WebMon will also allow you to import a pre-existing live certificate to be used with the web server. Just drag or paste the certificate and private key pair into their corresponding fields. and click "Save Cert". WebMon will then stash them into the right places in the /System/Library/OpenSSL/ folder for SSL to work when you hit the Configure Web Server button as you get out of the cert management dialog.
Monitoring the Web Server, both local and remote
WebMon provides a web monitor for you to monitor the web server, both locally on the server machine, as well as from a remote machine running another copy of WebMon, so long as you have Remote Login turned on at the server machine in Sharing Preferences in System Preferences.
Panel 2 of WebMon ("Monitor Local & Remote WebServers") allows you to do that. If you are able to ssh (remote login) into your server machine from a remote machine, you should be able to use WebMon to monitor the server remotely from another machine.
However, ssh and its auto-login feature (which allows you to connect to the server from a trusted machine without having to send over a password to initiate the login connection each time) is quite hard to do by an ordinary user.
Therefore WebMon includes a facility to help you do that. You can do this in two steps.
Step 1 - Test that Remote Login works while still on the server machine
First you continue to work on the server and make sure that Remote Login (SSH) is turned on in the Sharing Preferences :
Then you add another record to WebMon's Web Server list as shown below :
We use "username@localhost" (where username is the ID of an admin-level user on your server) because we can pretend to be logging in to our server via the SSH Remote Login mechanism, even though we're still working locally on the server.
This allows us to test that Remote Login is properly configured before we move on to deal with the added complexity of connecting to our server over a network, e.g., before we have to deal with time-outs from having a slow network etc.
Now with username@localhost selected, we click on WebMon's "Check Connection" button. If SSH is not yet set up, WebMon will warn us and turn on its "Set Up Remote Connection" button :
Clicking on "Set Up Remote Connection", WebMon will ask you for the administrator's password and attempt to set up the auto-login SSH connection.
If the password given is correct and authenticated, WebMon will report that the connection is now OK, and you should be able to click on the "Launch Log Window" button and launch a log monitor window, as shown below :
If you're able to get a list of the log records via username@localhost, it shows that your SSH Remote Login set up is working correctly.
You can now go on to the final step, knowing that any problems connecting to your server from a remote machine is probably due to either time-out problems from a slow network, or due to firewall or other network issues, rather than an inability to set up the Remote Login connectivity properly.
Assuming that our server can be reached via a domain name cutedgesystems.com, say, we now run WebMon on a remote machine, e.g., the administrator's personal iBook or PowerBook.
We add a server for WebMon to monitor, as shown below :
We're now at a remote machine, connecting back to our server at cutedgesystems.com.
We do the same two things as in Step 1 above - click on "Check Connection" and then click on "Set Up Remote Connection" with our administrator's password to establish the credentials of our remote machine with our server machine so that the server will trust an incoming SSH connection from this specific remote machine.
If the network doesn't introduce any problems, we should be able to establish a similar auto-login connection to the one before, only this time we're really connecting from across the network and so things work a bit more slowly now.
If we're successful with the connection, we should be able to monitor the web server from our remote machine, as well as do any of the same configuration tasks that we had done locally.
The WebMon Web Server table allows you to list any number of servers that you might want to monitor from this remote machine. WebMon remembers the individual setting for each machine.
WebMon's Log Window
WebMon allows you to monitor your web server's in-coming hits through its log window, below :
WebMon's log window allows you to set the number of records you want to retrieve from the log file at /var/log/httpd/access_log, whether you want to ignore hits from bots and crawlers, and whether you want to show only page views and ignore the hits on images.
You can filter the display further through the use of the Search Field, below.
WebMon allows you to show or hide individual columns in the table through the use of the pop-up menu at the top right hand corner of the table :
The column order can be re-arranged and re-sorted. WebMon will show you the details of each hit as you click on each row in the table, including the country from which the hit is being made, below :
If the hit has a referrer, double-clicking on the record will launch the referrer page. With a record selected, you can do a Shift-Command-C and copy its IP address to the Search Field. This will immediately filter the display to show only the hits coming from this IP address, and this is useful for tracing the path taken by one particular browser through your web site.
Other items in the Navigation menu allows you to clear the Search Field, return the search to the most recent search string, as well as scroll the display back to the currently selected record.
WebMon saves the list of recent searches across application launches, as well as the size and position of the table columns.
WebMon's File menu provides you with two ways of keeping a persistent history of the log records - one as an exported file which can be read as either a tab-delimited or comma-separated file in Excel, and another as a saved file which can be read back by WebMon.
WebMon is a Cocoa document-based application, so you can open as many windows of log records as you like.
Finally, WebMon's Help menu allows you to edit the Bots and Page Views exclusion list, check for updates to WebMon, come back to this WebMon home page on the web, as well as to re-open the Configure Web Server window.
WebMon starts by working like MailServe or DNS Enabler, helping you set up a server machine, in this case the web server functions, but it goes a bit further, in the sense that it allows for remote monitoring of the server machine, and it allows you to monitor any number of servers from a single remote machine.
It does things like WebDAV and SSL that used to be difficult for an ordinary non-techie Mac user to set up, and it does it all with the one-click simplicity of the Mac. It's one more step towards making the Mac the ultimate business machine.
4.0 30th August 2009. WebMon for Snow Leopard released.
4.0.1 7th September 2009. Minor tweaks and bug fixes.
4.0.2 10th November 2009. WebMon Snow can now set up WebDAV folders for each domain, instead of only for the main primary domain. However, WebDAV over SSL will only work for the main domain. Also fixed a problem where WebDAV folders appear to be read-only when the root folder for the domain is changed from the default "/Library/WebServer/Documents".
4.0.3 10th November 2009. The Apache web server on OS X has been updated to version 2.2.13 with Snow Leopard version 10.6.2. With Apache 2.2.13, SSL only works for the primary domain. Prior to 2.2.13, we can still turn on SSL for the secondary virtual domains but the cert can only be associated with the primary domain. But with 2.2.13, we cannot even turn on the Virtual Host directive for the secondary domains within the IfModule SSL_module block. If we do that, we get an "[error] Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)" message. WebMon Snow 4.0.3 has been updated to disable attempts to turn on SSL for secondary domains.
4.0.4 17th January 2010. Added two new features. WebMon now allows the server aliases to be changed, rather than be set to the default *.domain.name, so that the server admin can easily set up sites with sub-domains. Also WebMon now allows Custom Apache Directives to be set for each hosted domain (called Domain-Specific Directives), on top of the ones that are set for the server as a whole (called the Server-Specific Directives).
4.0.5 6th March 2010. From this version on, WebMon Snow creates SSL test certs and cert requests at a default 2048 bits instead of the previous 1024 bit standard. There is a movement towards supporting only 2048 bit length keys by Certificate Issuers and browser makers by December 31st 2010 and so this is to prepare for it.
4.0.6 5th April 2010. WebMon Snow now takes advantage of Snow Leopard's ability to spawn off tasks in parallel to the multiple processors in modern-day Macs. If you're accessing the log records from a remote server over a slow Internet connection, the spinning beach ball cursor doesn't appear, the Mac appears to work faster and continues to be responsive even if you launch another log window to monitor a different server. This version also includes an up-to-date IP address-to-country mapping database.
4.0.7 27th June 2010. Updated WebMon Snow to include the latest, most current IP address-to-country database.