[5/18 5:00pm - Editor's update: Merlijn has sent me a new PDF, which includes two very important revisions. The first is the inclusion of tcsh (not bash) shell instructions, and the second is the actual compilation of mod_ssl. If you've downloaded the PDF, please do so again now to get the newest version.]
Merlijn Tishauser has written a very thorough how-to on installing:
The latest Apache (1.3.19) and ...
PHP 4.05 and ...
mod_ssl
mod_ssl is the Apache interface to OpenSSL, and you can read more about it on the mod_ssl web site. SSL stands for Secure Sockets Layer, which lets you speak to the web server using encrypted data streams (a gross simplification, I know, but it's the best I can do!).
Merlin has compiled his how-to into an easy-to-read PDF, which I have posted on my iDisk - Click here to download it. His how-to also contains a complete copy of his httpd.conf configuration file, in case you're having trouble getting your Apache configured.
If you're interested in creating secure servers, give Merlin's how-to a thorough reading. I have not done this on my machine, so I can't provide any first hand advice, but it looks to be well written and easy to understand.
OS X brings a new requirement that every user of the system (even if they're the only user of the system) have a password. Although it's tempting to make your password as easy to remember as possible, that's not necessarily the best plan, especially if you have a full time Internet connection. Here are some tips to creating a strong password on any system, with some specific info on OS X.
In case you were not aware, OS X has a limit of eight characters for login passwords. This is not a "hard limit" (ie you can keep typing after eight characters), but rather, a "soft limit". OS X will only pay attention to the first eight characters of your password; anything beyond that is ignored. So even though you think "pastrami3tZ8n" is a secure password, it's really just the word "pastrami", which isn't secure at all.
For the most secure OS X password possible, you should:
Use a long password, up to eight characters, but don't bother going over that. A reader on the X4U mailing list pointed out that many cracking algorithms start at eight characters, as this has been an upper limit in UNIX for quite a while. So use what you're comfortable with, but in general, longer should be better.
Mix numbers and letters.
Mix upper and lower case.
Do not use dictionary words.
Do not use 'familiar' words such as the names of pets, kids, or other relatives, birthdates, anniversaries, etc.
Do not use the same password on your machine that you use online; most online web passwords are not encrypted, and can be intercepted.
Plan on changing your password regularly; change the length and mix of characters; don't just change the ending digit (ie don't go password1, password2, password3, etc.).
I realize this is truly basic information, but with so many people now having full-time internet connections, the importance of a good password cannot be understated!
NOTE: The info above regarding the eight character password limit is no longer true. See the comments; it has been removed...
If you occasionally use the terminal as root, you should consider using a different prompt when 'rooted' - this will help you remember that you are working as root, and hopefully prevent you from doing something that you didn't intend to do.
The first step is to create a file named .tcshrc in /var/root (this file could also probably be created as /var/root/Library/init/tcsh/rc.mine, but I haven't tried that). You'll be placing your prompt in this file, so that it gets loaded each time you start a root session. Here's what Keith O. placed in his root .tcshrc file:
set prompt="%{\033[32m%}%n @ %/ on $host %#%{\033[30m%} "
This changes the content and color of the prompt, so that it differs from that of his normal user. If that looks completely foreign to you, that's perfectly normal! Read this hint for a general overview of prompt variables, including an explanation of the color codes, which should help clear things up (a little!).
You can experiment all you like in a terminal session - whatever you set as prompt will only last until you change it again or close the session. It only becomes permanent when you place it in root's .tcshrc file. Also read the referenced hint for setting your normal user's prompt. You can do some pretty neat stuff once you figure out the structure. For instance, this is my normal prompt string:
set prompt="%{\033[0;1;32m%}[%{\033[36m%}%t %n%{\033[32m%}%{\033[33m%}[space] %c3%{\033[32m%}]%{\033[0m%}%# "
Note: Replace [space] with the actual space character, and enter on one line; broken for easier display. That prompt string leads to this prompt display:
The colors help the prompt stand out from the text that flows as the result of whatever command I'm running. Customizing your prompt string (for both your normal user and root) is a good way to make your time in the terminal more productive.
If you're interested in learning more about how to compile UNIX programs for OS X, I found a great reference on the X4U mailing list. This tutorial will walk you through the basics of downloading, expanding, configuring, and compiling UNIX programs. It's not specific to OS X, but it's a great overview of the process.
I've also added the URL to the links section of the site.
If you have filesystem errors, Mac OS X doesn't allow you to repair the startup disk, so you need to boot from a CD to run a repair utility. Of course if you formatted your drive in UFS, tools like Disk First Aid and Norton Utilities won't be able to do anything for you. However, Apple has provided a solution.
If you boot from the OS X install CD, you can go to the Installer menu, and choose "Open Disk Utility...". This will allow you to test and repair both UFS and HFS+ disks, without having to venture into the scary land of terminals and Single User Mode.
I just discovered (a colleague of mine) that when you double click on the rotating arrows in the main window in the Mail.app, the activity window appears. That's a bit easier than selecting it in the Window menu.
This is something I saw somewhere else but cannot remember where.
If you disable all of the ATI extensions in Classic (which aren't needed if you're running OS X) then you seem to get better performance in some Classic applications.
[Editor's note: As an expansion of this theory, there's a bunch of stuff that I've disabled in Classic - nearly everything, in fact. I basically installed just the base OS with networking, and nothing else. Then I installed (running the "Classic" 9.1 natively) all my apps that put bits into the system folder (Office98, goLive, etc.). Then I restarted into X and set my lean OS 9.1 as my Classic volume. You can definitely improve performance and decrease loading time by thinning your Classic system -- which is another argument for having your "real" OS 9.1 on another partition, so you don't have to mess around with extension sets.]
This is completely useless tip, but OS X stores the version number in /System/Library/CoreServices/SystemVersion.plist
If you edit this file, you will be able to make it say Mac OS 3 (build 3p14) in the about this mac.
Pi
[Editor's note: This shouldn't bother anything like future upgrades, since they look elsewhere to see if they're needed ... however, use at your own risk. During the Public Beta, people had great fun changing the version number and publishing screenshots to confuse forum readers!]
