Introduction

Allow me to take a moment to tell you who I am and what I do. I work as a system administrator for an ISP that has been serving several thousand customers since 1996. When FrontPage extensions came out back in 1997 many customers requested that we install the FrontPage extensions so that they could just hit publish on their client and not deal with FTP at all. However, we did not see the value in spending the time to implement them and over the next few years we had to wave those extensions off as too much of a security risk to be able to install them.

In early 2000 I was assigned the project of redesigning our web server setup in order to "Better meet the needs of our customers". One of the primary objectives was to get FrontPage extensions working, no matter what. Many of us felt that if we did not present our customers with a new web server solution that included FrontPage capabilities that we would end up losing a substantial amount of business.

Upon initially looking into FrontPage extensions I noticed that it would require a recompile of the Apache server. I thought this was rather limiting since all of our production machines are Red Hat Linux based and we would like to have RPMs for all major software installations. Also, we needed to have SSL capabilities for our current SSL customers. We would have liked to use Red Hat Secure Web Server, but Red Hat claimed on their website that using FrontPage with their server was impossible since it would require a compilation of the httpd binary. Covalent Technologies' Raven SSL was the only option at the time for doing FrontPage extensions with SSL. However, Raven SSL did not come in RPM form. So we took it upon ourselves to do a little work and make things work the way we wanted them to.

All of the research and testing for this presentation was done on Red Hat Linux systems either running version 6.2 or 7.0. Red Hat's Secure Web Server (versions 3.2 - 3.2.2) is the web server that we used for our virtual domain web server. Secure Web Server is basically Apache coupled with mod_ssl and BSafe(a product by RSA that you can not easily get the source code for). Plain Apache 1.3.12 through 1.3.17 have also been used.

Due to the lack of official information on the FrontPage protocol and historical information, I may be slightly incorrect in some of these explanations. But I'm mostly right. ;-) Also, if anything that I say here happens destroy your web server, damage equipment or anything like that, I can't be held responsible for it.

The main purpose for this presentation is to help prevent people like you from pulling your hair out while trying to integrate FrontPage into your web server setup. If at all possible, DON'T USE FRONTPAGE AT ALL. That may sound a little like I'm giving a presentation on the wrong topic, but I'm trying to help guide people who are probably going to use this technology anyways. Most likely because it is being demanded of them by the populous at large or the management of your company. This might be you.

I think that the time you spend trying to get the FrontPage extensions to work on your web setup could be far better spent writing very nice and convincing documentation and presentations about HTML, CGI and how to incorporate them into a website. All most people want is something easy and to most people FrontPage is easier than learning about all of this "code". But if you can make writing the code easier for the user, they are likely to meet you half way. In the long run, it will be better for both of you. Ok, I've made my rant, now I'll move along.