For the reasons outlined below I believe the web services at IMSc need to be re-organised. Before anyone jumps the gun this should not lead to any change in the content or display or URL's of our web pages---the re-organisation is at the server level.
A. We should allow users to log in and edit their web pages without NFS.
B. We are already hosting IARCS. Others have expressed a similar desire.
C. There does not seem to be a way to securely provide dynamic content when users can log in and create (possibly erroneous) scripts.
D. Some users have also requested that they be allowed to set up their own web servers which can be accessed as (for example) http://www.imsc.res.in/~user/.
So the simplest solution is to have one machine for each activity A, B and C. The users can set up servers like D on their desktop at the discretion of the Web committee or a solution like that for B can be provided for such users. The machine A would also act as a proxy front-end for B C and D.
In what follows some terminology is required:
"Dynamic" web pages are pages which are "created" at the point when a browser requests them. All other pages (including those created periodically by cron jobs or other update mechanisms) can be considered "Static".
"Hosting" a web site means providing a server that responds to a specific name http://a.b.c/ and providing the "owners" of this domain name with a mechanism to update the data that is distributed by this server. Moreover, it is assumed that the traffic for such a site is not large in comparison with our bandwidth. The web pages are likely to be both Static and Dynamic.
So here is the proposal:
Existing pp3 will act as machine A. Services B and C will be migrated to other servers. In particular, this machine will only have Static content. It will proxy for the dynamic content on other machines.
We will create a machine webhost.imsc.res.in which will reside outside the IMSc firewall. This machine will provide the services for B. The precise nature of this machine needs to be worked out.
We will create a machine weave.imsc.res.in which will reside inside the firewall and will be accessible only by the system administrator. This machine will host WebMail, the AnnualReport system, the Calendar and all other Dynamic web content; we will migrate these services to this machine one by one.