comp.lang.ada
 help / color / mirror / Atom feed
* Ada/GNAT/AWS-friendly web hosting
@ 2024-09-12 14:25 Marius Alves
  2024-09-12 14:48 ` J-P. Rosen
                   ` (6 more replies)
  0 siblings, 7 replies; 27+ messages in thread
From: Marius Alves @ 2024-09-12 14:25 UTC (permalink / raw)


Researching how to build an HTTP server (serving a website) on a local 
machine (MacOS) using AWS (Ada Web Server) and deploy it on a web 
hosting provider (e.g. 1dollar-webhosting.com).

Anyone done that? I've searched but could not find.

Thanks.
_____

Some specific questions on my mind follow.

Is a MacOS host required (e.g. Ultahost 15 euros/month; I'd rather stay 
with 1dollar)?

If the host runs on Linux then cross-building (from MacOS to Linux) 
required, right? GNAT does that, right?

Or, must the program be built in the host? (Thus requiring GNAT be there.)

The host is already running an HTTP server program (probably Apache). 
Must it be turned off? How?

In general, can the executable be launched on a VPS (Virtual Private 
Server)? Which port?

Will dynamic linking work? I'm guessing not, so, static; but then, will 
GNAT integrate the right libraries for Linux in the executable?

Will "Community GNAT" do? (Instead of GNAT Pro.)

Are those the right questions?

Thanks, thanks, thanks, thanks, thanks, thanks and thanks.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
@ 2024-09-12 14:48 ` J-P. Rosen
  2024-09-12 14:54 ` DrPi
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 27+ messages in thread
From: J-P. Rosen @ 2024-09-12 14:48 UTC (permalink / raw)


Le 12/09/2024 à 16:25, Marius Alves a écrit :
> Researching how to build an HTTP server (serving a website) on a local 
> machine (MacOS) using AWS (Ada Web Server) and deploy it on a web 
> hosting provider (e.g. 1dollar-webhosting.com).
> 
> Anyone done that? I've searched but could not find.
Adalog's site (https://www.adalog.fr/) is a standalone program written 
in Ada with AWS.

So are the sites for the various Ada-Europe conferences (see 
https://www.ada-europe.org/conference2024/ for example).

And many others...

> 
> Thanks.
> _____
> 
> Some specific questions on my mind follow.
> 
> Is a MacOS host required (e.g. Ultahost 15 euros/month; I'd rather stay 
> with 1dollar)?
No

> If the host runs on Linux then cross-building (from MacOS to Linux) 
> required, right? GNAT does that, right?
Never tried, but no reason it shouldn't be possible

> Or, must the program be built in the host? (Thus requiring GNAT be there.)
That's what I do

> The host is already running an HTTP server program (probably Apache). 
> Must it be turned off? How?
Of course, you cannot have two programs listening on the same port, so 
if you want to listen to 80 or 8080, you'd better stop Apache (or any 
other program) to do that. As for me, I don't run Apache at all.

> In general, can the executable be launched on a VPS (Virtual Private 
> Server)? Which port?
The port is given by the initial data of AWS

> Will dynamic linking work? I'm guessing not, so, static; but then, will 
> GNAT integrate the right libraries for Linux in the executable?
You just compile your program like any other Ada program

> Will "Community GNAT" do? (Instead of GNAT Pro.)
Yes, that's what I do

> Are those the right questions?
All questions are right....

> Thanks, thanks, thanks, thanks, thanks, thanks and thanks.
You're welcome

-- 
J-P. Rosen
Adalog
2 rue du Docteur Lombard, 92441 Issy-les-Moulineaux CEDEX
https://www.adalog.fr https://www.adacontrol.fr

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
  2024-09-12 14:48 ` J-P. Rosen
@ 2024-09-12 14:54 ` DrPi
  2024-09-12 17:06   ` J-P. Rosen
  2024-09-12 22:40   ` Lawrence D'Oliveiro
  2024-09-12 16:22 ` Jeffrey R.Carter
                   ` (4 subsequent siblings)
  6 siblings, 2 replies; 27+ messages in thread
From: DrPi @ 2024-09-12 14:54 UTC (permalink / raw)


Le 12/09/2024 à 16:25, Marius Alves a écrit :
> Researching how to build an HTTP server (serving a website) on a local 
> machine (MacOS) using AWS (Ada Web Server) and deploy it on a web 
> hosting provider (e.g. 1dollar-webhosting.com).
> 

> The host is already running an HTTP server program (probably Apache). 
> Must it be turned off? How?
The usual way is to use Apache (or nginx or another one) as a front end. 
Your application uses port 1080 (or something else) and the front end 
relays this port to the external 80 port.
This way, the security stuff is manage by the front end, not your 
application. You can also run multiple applications, each being 
redirected to its domain name/path.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
  2024-09-12 14:48 ` J-P. Rosen
  2024-09-12 14:54 ` DrPi
@ 2024-09-12 16:22 ` Jeffrey R.Carter
  2024-09-12 22:29   ` Lawrence D'Oliveiro
  2024-09-12 18:48 ` Dmitry A. Kazakov
                   ` (3 subsequent siblings)
  6 siblings, 1 reply; 27+ messages in thread
From: Jeffrey R.Carter @ 2024-09-12 16:22 UTC (permalink / raw)


On 2024-09-12 16:25, Marius Alves wrote:
> Researching how to build an HTTP server (serving a website) on a local machine 
> (MacOS) using AWS (Ada Web Server) and deploy it on a web hosting provider (e.g. 
> 1dollar-webhosting.com).

In my experience, this would be easier done with Gnoga 
(https://sourceforge.net/projects/gnoga/) than AWS. On a web-based system using 
AWS quite a while ago, we had to have a number of JS files. Although we had a 
lot more Ada than JS, we spent a lot more effort correcting JS errors than Ada 
errors.

Gautier de Montmollin has made Gnoga programs publicly available, such as his 
Pasta! game (http://pasta.phyrama.com/), so might be able to help with your 
hosting questions.

-- 
Jeff Carter
"[O]ne can look forward to a rapid and widespread
improvement in programming practice, both from
those who use the language [Ada] and from those
who study its concepts and structures."
C. A. R. Hoare
181

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:54 ` DrPi
@ 2024-09-12 17:06   ` J-P. Rosen
  2024-09-12 17:16     ` Kevin Chadwick
  2024-09-12 22:35     ` Lawrence D'Oliveiro
  2024-09-12 22:40   ` Lawrence D'Oliveiro
  1 sibling, 2 replies; 27+ messages in thread
From: J-P. Rosen @ 2024-09-12 17:06 UTC (permalink / raw)


Le 12/09/2024 à 16:54, DrPi a écrit :
> The usual way is to use Apache (or nginx or another one) as a front end. 
> Your application uses port 1080 (or something else) and the front end 
> relays this port to the external 80 port.
> This way, the security stuff is manage by the front end, not your 
> application. You can also run multiple applications, each being 
> redirected to its domain name/path.
But security breaches mainly use known bugs in Apache... If you write 
your own server with AWS, the attacker knows nothing about the software 
that answers! And as for buffer overflows attacks... well, it's Ada. 
You'll see some handled Constraint_Error in the log file, end of story!

-- 
J-P. Rosen
Adalog
2 rue du Docteur Lombard, 92441 Issy-les-Moulineaux CEDEX
https://www.adalog.fr https://www.adacontrol.fr

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 17:06   ` J-P. Rosen
@ 2024-09-12 17:16     ` Kevin Chadwick
  2024-09-12 22:35     ` Lawrence D'Oliveiro
  1 sibling, 0 replies; 27+ messages in thread
From: Kevin Chadwick @ 2024-09-12 17:16 UTC (permalink / raw)


\r>> This way, the security stuff is manage by the front end, not your 
>> application. You can also run multiple applications, each being 
>> redirected to its domain name/path.
>But security breaches mainly use known bugs in Apache... If you write 
>your own server with AWS, the attacker knows nothing about the software 
>that answers! And as for buffer overflows attacks... well, it's Ada. 
>You'll see some handled Constraint_Error in the log file, end of story!

AWS uses OpenSSL or a fair bit better LibreSSL for TLS, written in C and
 quite often found vulnerable. You could isolate the nginx proxy to another
 machine though.


-- 
Regards, Kc

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
                   ` (2 preceding siblings ...)
  2024-09-12 16:22 ` Jeffrey R.Carter
@ 2024-09-12 18:48 ` Dmitry A. Kazakov
  2024-09-13 13:15 ` Stéphane Rivière
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 27+ messages in thread
From: Dmitry A. Kazakov @ 2024-09-12 18:48 UTC (permalink / raw)


On 2024-09-12 16:25, Marius Alves wrote:
> Researching how to build an HTTP server (serving a website) on a local 
> machine (MacOS) using AWS (Ada Web Server) and deploy it on a web 
> hosting provider (e.g. 1dollar-webhosting.com).

That depends on what the provider would allow you to upload to the host. 
Likely nothing executable... (:-))

> If the host runs on Linux then cross-building (from MacOS to Linux) 
> required, right? GNAT does that, right?

It is possible, but far simpler would be a virtual machine running 
Linux. E.g. I compile for Linux targets on virtual machines. Only for 
ARM I am using physical machines. You must know what kind of Linux your 
provider has in order to choose the right version of the libc etc.

> The host is already running an HTTP server program (probably Apache). 
> Must it be turned off? How?

Ask the provider. You would need the ports free.

> In general, can the executable be launched on a VPS (Virtual Private 
> Server)? Which port?

No idea.

> Will dynamic linking work? I'm guessing not, so, static; but then, will 
> GNAT integrate the right libraries for Linux in the executable?

If you ship the libraries together with the server. Then if the host 
runs Apache it must have some TLS library installed. You must learn the 
version an link against it.
In any case you need either OpenSSL or else GNUTLS. The HTTP server from 
Simple Components can use both. I believe that either can be built as a 
static library. I see no reason why AWS could not be linked statically.
BTW you must maintain certificates on the server.

> Will "Community GNAT" do? (Instead of GNAT Pro.)

I am not sure if all-static build were possible, e.g. libc, libgnat.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 16:22 ` Jeffrey R.Carter
@ 2024-09-12 22:29   ` Lawrence D'Oliveiro
  2024-09-13  9:03     ` Jeffrey R.Carter
  0 siblings, 1 reply; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-12 22:29 UTC (permalink / raw)


On Thu, 12 Sep 2024 18:22:28 +0200, Jeffrey R.Carter wrote:

> Although we had a lot more Ada than JS, we spent a lot more effort
> correcting JS errors than Ada errors.

Did you “use strict”?

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 17:06   ` J-P. Rosen
  2024-09-12 17:16     ` Kevin Chadwick
@ 2024-09-12 22:35     ` Lawrence D'Oliveiro
  2024-09-13  6:46       ` J-P. Rosen
  2024-09-14  6:38       ` Randy Brukardt
  1 sibling, 2 replies; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-12 22:35 UTC (permalink / raw)


On Thu, 12 Sep 2024 19:06:08 +0200, J-P. Rosen wrote:

> But security breaches mainly use known bugs in Apache... If you write
> your own server with AWS, the attacker knows nothing about the software
> that answers!

That’s called “security through obscurity”. Not recommended.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:54 ` DrPi
  2024-09-12 17:06   ` J-P. Rosen
@ 2024-09-12 22:40   ` Lawrence D'Oliveiro
  1 sibling, 0 replies; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-12 22:40 UTC (permalink / raw)


On Thu, 12 Sep 2024 16:54:45 +0200, DrPi wrote:

> Le 12/09/2024 à 16:25, Marius Alves a écrit :
>
>> The host is already running an HTTP server program (probably Apache).
>> Must it be turned off? How?
>>
> The usual way is to use Apache (or nginx or another one) as a front end.
> Your application uses port 1080 (or something else) and the front end
> relays this port to the external 80 port.

Yup, I do things this way for my Python+ASGI code, too. This called a 
“reverse proxy”, though I don’t know why -- I think “server-side proxy” 
would be more accurate.

Make sure your back-end server is listening only on a loopback address: 
127.0.0.0/8 (IPv4) or ::1 (IPv6). That way the only access to it from 
outside the machine is through the public web-server front end.

(Question to ponder: why does Ipv4 offer over 16 million different 
loopback addresses, while IPv6, which its much larger address space, has 
to make do with only one?)

> This way, the security stuff is manage by the front end, not your
> application. You can also run multiple applications, each being
> redirected to its domain name/path.

Yup.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 22:35     ` Lawrence D'Oliveiro
@ 2024-09-13  6:46       ` J-P. Rosen
  2024-09-14  6:38       ` Randy Brukardt
  1 sibling, 0 replies; 27+ messages in thread
From: J-P. Rosen @ 2024-09-13  6:46 UTC (permalink / raw)


Le 13/09/2024 à 00:35, Lawrence D'Oliveiro a écrit :
> On Thu, 12 Sep 2024 19:06:08 +0200, J-P. Rosen wrote:
> 
>> But security breaches mainly use known bugs in Apache... If you write
>> your own server with AWS, the attacker knows nothing about the software
>> that answers!
> 
> That’s called “security through obscurity”. Not recommended.
No, AWS is public and there is nothing hidden. Just that, since there 
are wayyyyy more users of Apache than of AWS, attackers will not bother 
to try to break in

-- 
J-P. Rosen
Adalog
2 rue du Docteur Lombard, 92441 Issy-les-Moulineaux CEDEX
https://www.adalog.fr https://www.adacontrol.fr

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 22:29   ` Lawrence D'Oliveiro
@ 2024-09-13  9:03     ` Jeffrey R.Carter
  0 siblings, 0 replies; 27+ messages in thread
From: Jeffrey R.Carter @ 2024-09-13  9:03 UTC (permalink / raw)


On 2024-09-13 00:29, Lawrence D'Oliveiro wrote:
> On Thu, 12 Sep 2024 18:22:28 +0200, Jeffrey R.Carter wrote:
> 
>> Although we had a lot more Ada than JS, we spent a lot more effort
>> correcting JS errors than Ada errors.
> 
> Did you “use strict”?

I don't know. It was quite a while ago and I didn't work on the JS. But the 
point is that when you use Gnoga, you don't need any to create any JS.

-- 
Jeff Carter
"He had no conception of the instrument. He
was blowing into it."
Take the Money and Run
135

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
                   ` (3 preceding siblings ...)
  2024-09-12 18:48 ` Dmitry A. Kazakov
@ 2024-09-13 13:15 ` Stéphane Rivière
  2024-09-13 14:33 ` Björn Persson
  2024-09-13 17:36 ` Nioclás Pól Caileán de Ghloucester
  6 siblings, 0 replies; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-13 13:15 UTC (permalink / raw)


Marius,

As a professional web hoster, I strongly advise you to forget Apache and 
use only Nginx, both as a proxy (in your case) and as a web server 
(generic case). Not only does Apache have security problems, but its 
performance is pitiful compared to Nginx.

If you have several sites, the ideal solution is to enter everything in 
https/port 443 on the nginx proxy (which will be able to manage X509/TLS 
https certificates) and exit on as many ports 8080, 8081, 8082, etc. as 
you have websites.

All the best from here.

-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
                   ` (4 preceding siblings ...)
  2024-09-13 13:15 ` Stéphane Rivière
@ 2024-09-13 14:33 ` Björn Persson
  2024-09-13 22:09   ` Lawrence D'Oliveiro
  2024-09-13 17:36 ` Nioclás Pól Caileán de Ghloucester
  6 siblings, 1 reply; 27+ messages in thread
From: Björn Persson @ 2024-09-13 14:33 UTC (permalink / raw)


Marius Alves wrote:
> Researching how to build an HTTP server (serving a website) on a local 
> machine (MacOS) using AWS (Ada Web Server) and deploy it on a web 
> hosting provider (e.g. 1dollar-webhosting.com).

I don't know about 1dollar, but a typical web hosting provider will
only let you upload static files (HTML, pictures et cetera), limited
snippets of web server configuration, and certain kinds of programs
that run under their web server's control. PHP is common. Some might
run Perl programs with mod_perl, or Python programs using WSGI.

Maybe some web hosts support CGI or FastCGI. Those interfaces can be
implemented in Ada. I think you'll have limited use for AWS in that
case, as the HTTP parsing is handled by the web server.

I think it would be hard to find a web host that lets you run arbitrary
network-facing daemons. To run your own web server you want a VPS (or a
physical server in a collocation facility, but if your security needs
don't rule out a web host, then a VPS is also fine).

> The host is already running an HTTP server program (probably Apache). 
> Must it be turned off? How?

A typical web host won't let you turn off their web server. They serve
many customers' content from the same Apache instance, so turning that
off would break all those websites.

> In general, can the executable be launched on a VPS (Virtual Private 
> Server)?

Sure. In a VPS you have the whole operating system to yourself (maybe
except for the kernel if the VPS provider uses OpenVZ). You install and
run whatever programs you want, just like on your own physical computer.
Maybe you'll be able to get a VPS with MacOS, if that's your preference.

In a VPS it's also your responsibility to install updates regularly,
and upgrade to a new major OS version from time to time. If you fail to
keep up, then criminals will take over your VPS and use it as a relay
when attacking others. Make sure that you'll be notified automatically
when there are updates to install.

> If the host runs on Linux then cross-building (from MacOS to Linux) 
> required, right? GNAT does that, right?

GCC – and thus GNAT – can be built as a cross-compiler. Perhaps you
can find one that someone has built and packaged for MacOS. Otherwise
you'll need to build your own from the GCC source code, configuring it
to be a cross-compiler. (That's theoretical knowledge. I have no
practical experience with cross-compilation).

> Or, must the program be built in the host? (Thus requiring GNAT be there.)

No, but in my opinion it's much easier that way. Either build on the
computer you'll run on, or on another computer of the same processor
architecture, running the same version of the same operating system.
That way you don't need to worry about getting the wrong version of
some library or build tool.

> Will dynamic linking work? I'm guessing not, so, static; but then, will 
> GNAT integrate the right libraries for Linux in the executable?

Cross-compilation should be able to work with shared libraries.
Regardless of whether the libraries are shared or static, libraries for
the target machine must be available on the build host. I guess you
would either install packaged libraries on the target machine, and copy
those to the build host, or else cross-compile the libraries too. You
need to configure search paths carefully so that both the compiler and
the linker find the cross-libraries instead of the native ones. This is
one of the complications you avoid by building natively.

> Which port?

Normally port 443, because of course you'll use HTTPS, won't you?
Optionally you can also have an HTTP server on port 80 that responds to
every request with a redirection to HTTPS.

If you choose to put AWS behind a reverse proxy like DrPi suggested,
then the reverse proxy listens on port 443 on your public IP address,
and you tell AWS to listen on some other port and only on the localhost
address, ::1 or 127.0.0.1.

Björn Persson

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
                   ` (5 preceding siblings ...)
  2024-09-13 14:33 ` Björn Persson
@ 2024-09-13 17:36 ` Nioclás Pól Caileán de Ghloucester
  6 siblings, 0 replies; 27+ messages in thread
From: Nioclás Pól Caileán de Ghloucester @ 2024-09-13 17:36 UTC (permalink / raw)


[-- Attachment #1: Type: text/plain, Size: 1312 bytes --]

Aonix used Apache. WWW.PTC.com is not saying that it uses AWS. IBM is 
using AkamaiGHost. OC Systems Inc (nice company) is using Apache. DDC-I, 
Inc. is using nginx. Ada Core is using nginx-rc. WWW.BKsv.com uses 
cloudflare. Green Hills Software and Irvine Compiler Corporation are using 
Apache. Not good advertisements.

(RR Software, Inc. and Ada-Auth.org use RRS Ada HTTP Server.)

"Marius Alves" wrote yesterday:
"Anyone done that? [. . .]

Thanks.
_____

Some specific questions on my mind follow.

[. . .]

Are those the right questions?

Thanks, thanks, thanks, thanks, thanks, thanks and thanks."

I emailed in July 2010:
"Dear Marius Amado-Alves,

This is serious. I do not ever remember receiving a reply from you to the 
email which I had sent for you in March 2008. Perhaps you had replied and 
I somehow do not notice. [. . .] So, if you had replied, please advise me 
of this. If you had not replied, then please answer: Do you object to 
being identified in a paper documenting much of the supposed research 
unsuitable for space and SystemC® fraud which I discovered in Pisa, on 
account of how unhelpful you were? Do you wish to propose how to phrase a 
mention of how you behaved in the paper?"

I ask "Will answers be given?" more fourteen years afterwards.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-13 14:33 ` Björn Persson
@ 2024-09-13 22:09   ` Lawrence D'Oliveiro
  2024-09-14  7:01     ` Stéphane Rivière
  0 siblings, 1 reply; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-13 22:09 UTC (permalink / raw)


On Fri, 13 Sep 2024 16:33:15 +0200, Björn Persson wrote:

> Maybe some web hosts support CGI or FastCGI.

Don’t do that.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-12 22:35     ` Lawrence D'Oliveiro
  2024-09-13  6:46       ` J-P. Rosen
@ 2024-09-14  6:38       ` Randy Brukardt
  1 sibling, 0 replies; 27+ messages in thread
From: Randy Brukardt @ 2024-09-14  6:38 UTC (permalink / raw)


"Lawrence D'Oliveiro" <ldo@nz.invalid> wrote in message 
news:vbvqb7$esm6$11@dont-email.me...
> On Thu, 12 Sep 2024 19:06:08 +0200, J-P. Rosen wrote:
>
>> But security breaches mainly use known bugs in Apache... If you write
>> your own server with AWS, the attacker knows nothing about the software
>> that answers!
>
> That's called "security through obscurity". Not recommended.

That's the wrong way to look at it. An Ada program is better thought of as 
"security by simplicity and correctness", because you are running an Ada 
that only does a few things (and which can be throughly tested, checked with 
static analysis, and so on) rather than a general program that does a 
zillion things (with many combinations that can't be tested).

The only place "obscurity" comes into it is that no one else is running the 
exact same program as you. So attacks that depend on any sort of knowledge 
of the program cannot succeed.

In any case, there is no such thing as "secure", there are only levels, and 
for the sorts of non-critical stuff that we're doing, an Ada program is 
certainly secure enough. I wouldn't try to run a storefront on it (although 
that would be more because you'd have a hard time convincing your bank that 
it is OK than any real problems), or anything that needs high-level 
security.

                  Randy.


^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-13 22:09   ` Lawrence D'Oliveiro
@ 2024-09-14  7:01     ` Stéphane Rivière
  2024-09-14  7:26       ` Lawrence D'Oliveiro
  0 siblings, 1 reply; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-14  7:01 UTC (permalink / raw)


Le 14/09/2024 à 00:09, Lawrence D'Oliveiro a écrit :
> On Fri, 13 Sep 2024 16:33:15 +0200, Björn Persson wrote:
> 
>> Maybe some web hosts support CGI or FastCGI.
> 
> Don’t do that.

Could you elaborate why you recommend to not use FastCGI ?

Thanks by advance.


PS

We use FastCGI with Nginx to host tons of Wordpress web sites via 
PHP_FPM. FastCGI allows us to implement an extremely high-performance 
FastCGI cache. Caching is essential for slow and interpreted PHP 
applications and/or high-traffic applications, whatever the language used.

-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14  7:01     ` Stéphane Rivière
@ 2024-09-14  7:26       ` Lawrence D'Oliveiro
  2024-09-14  8:51         ` Stéphane Rivière
  0 siblings, 1 reply; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-14  7:26 UTC (permalink / raw)


On Sat, 14 Sep 2024 09:01:32 +0200, Stéphane Rivière wrote:

> We use FastCGI with Nginx to host tons of Wordpress web sites via
> PHP_FPM. FastCGI allows us to implement an extremely high-performance
> FastCGI cache. Caching is essential for slow and interpreted PHP
> applications and/or high-traffic applications, whatever the language
> used.

I would use the server-side proxy approach.

I see that FastCGI is basically an alternative to this, using a special 
protocol to communicate with the proxy, instead of just regular HTTP. But 
when I discovered that the “official website” (fastcgi.com) disappeared 
off the Web some years ago, I decided that the whole concept was becoming 
obsolescent and so best avoided.

Also, it appears FastCGI doesn’t support WebSockets. Whereas server-side 
proxying does. Another point in favour of the latter.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14  7:26       ` Lawrence D'Oliveiro
@ 2024-09-14  8:51         ` Stéphane Rivière
  2024-09-14  9:41           ` Lawrence D'Oliveiro
  0 siblings, 1 reply; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-14  8:51 UTC (permalink / raw)


OK. Got it.

Actually, it depends on the problem to be solved. In the case I 
mentioned (PHP websites), FastCGI is a must and the FastCGI cache a 
performance grall.

FastCGI can be useful, even in Ada, if the site has to serve large 
quantities of static text and static images, that will make good use of 
a FastCGI cache.

But for dynamic sites (without static datas) written without PHP, I 
agree that the WebSockets protocol is indeed ideal.

WebSockets is a http1 only protocol. What doesn't matter. In most 
dynamic sites, such as business software, http2 or http3 are useless.

-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14  8:51         ` Stéphane Rivière
@ 2024-09-14  9:41           ` Lawrence D'Oliveiro
  2024-09-14 10:29             ` Stéphane Rivière
  0 siblings, 1 reply; 27+ messages in thread
From: Lawrence D'Oliveiro @ 2024-09-14  9:41 UTC (permalink / raw)


On Sat, 14 Sep 2024 10:51:50 +0200, Stéphane Rivière wrote:

> In the case I mentioned (PHP websites), FastCGI is a must and the
> FastCGI cache a performance grall.

OK, PHP doesn’t do WebSockets anyway, so that’s probably OK.

> But for dynamic sites (without static datas) written without PHP, I
> agree that the WebSockets protocol is indeed ideal.

WebSockets is essential for certain kinds of interactivity.

> WebSockets is a http1 only protocol.

Apparently not
<https://www.ietf.org/archive/id/draft-ietf-httpbis-h3-websockets-02.html>.

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14  9:41           ` Lawrence D'Oliveiro
@ 2024-09-14 10:29             ` Stéphane Rivière
  2024-09-14 12:02               ` Kevin Chadwick
  0 siblings, 1 reply; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-14 10:29 UTC (permalink / raw)



> OK, PHP doesn’t do WebSockets anyway, so that’s probably OK.

It's just mandatory if you need maximum performance with PHP.

I deeply dislike PHP but it's a huge part of our business. Yes, it's a 
bit schisophrenic.


>> But for dynamic sites (without static datas) written without PHP, I
>> agree that the WebSockets protocol is indeed ideal.
> 
> WebSockets is essential for certain kinds of interactivity.

for shure !



> Apparently not
> <https://www.ietf.org/archive/id/draft-ietf-httpbis-h3-websockets-02.html>.

You're teaching me something ! Thank you. So WebSockets /was/, untill 
recently, a http1 only protocol. I'm probably influenced by our recent 
work with Gnoga (https://v22.soweb.io).

-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14 10:29             ` Stéphane Rivière
@ 2024-09-14 12:02               ` Kevin Chadwick
  2024-09-14 13:00                 ` Stéphane Rivière
  0 siblings, 1 reply; 27+ messages in thread
From: Kevin Chadwick @ 2024-09-14 12:02 UTC (permalink / raw)


 
>work with Gnoga (https://v22.soweb.io).

Runs on Android/IOS. Does that require an internet web server?

-- 
Regards, Kc

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14 12:02               ` Kevin Chadwick
@ 2024-09-14 13:00                 ` Stéphane Rivière
  2024-09-14 14:34                   ` Jeffrey R.Carter
  0 siblings, 1 reply; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-14 13:00 UTC (permalink / raw)



> Runs on Android/IOS. 

Yes v22.Gui/Gnoga is responsive. Tested with 5" smartphones as old as 
Nexus 5 (with a browser more recent than the stock one to handle 
websockets). Also tested on 43” 4K ;)

On some iOS devices, the menu bar is slightly offset. I didn't look too 
hard. It's a Safari problem. It works fine with Firefox and Chrome.

>Does that require an internet web server?

Not necessarily. v22.Gui/Gnoga supports itself X509 TLS https 
certificates (tested). However, for various reasons (such as the 
possibility of having several web applications on the same instance and 
on the same 80/443 input port), in production, I've always chosen to 
have a Nginx proxy on the front end, which is also more flexible and 
handle automatic switching from http/80 to https/443.

-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14 13:00                 ` Stéphane Rivière
@ 2024-09-14 14:34                   ` Jeffrey R.Carter
  2024-09-14 16:11                     ` Stéphane Rivière
  0 siblings, 1 reply; 27+ messages in thread
From: Jeffrey R.Carter @ 2024-09-14 14:34 UTC (permalink / raw)


On 2024-09-14 15:00, Stéphane Rivière wrote:
> 
>> Runs on Android/IOS. 
> 
> Yes v22.Gui/Gnoga is responsive. Tested with 5" smartphones as old as Nexus 5 
> (with a browser more recent than the stock one to handle websockets). Also 
> tested on 43” 4K ;)

Interesting. How do you compile for Android/IOS?

Incidentally, the screenshot you have for the Tic-Tac-Toe demo seems to be Othello.

-- 
Jeff Carter
"Damn it, Jim, I'm an actor, not a doctor."
124

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14 14:34                   ` Jeffrey R.Carter
@ 2024-09-14 16:11                     ` Stéphane Rivière
  2024-09-14 18:04                       ` Jeffrey R.Carter
  0 siblings, 1 reply; 27+ messages in thread
From: Stéphane Rivière @ 2024-09-14 16:11 UTC (permalink / raw)


Hi Jeffrey,

> Interesting. How do you compile for Android/IOS?

There's some confusion, I'm having trouble expressing myself. v22.Gui is 
a framework on top of Gnoga, with specific CSS, making it possible to 
obtain a responsive and therefore Android/IOS compatible application, 
through the smartphone's web browser.

The Ada application with the v22 framework/library is of course 
installed on any server/pc.


> Incidentally, the screenshot you have for the Tic-Tac-Toe demo seems to 
> be Othello.

Thanks for reporting this error. I'll correct ASAP.


-- 
Stéphane Rivière
Ile d'Oléron - France

^ permalink raw reply	[flat|nested] 27+ messages in thread

* Re: Ada/GNAT/AWS-friendly web hosting
  2024-09-14 16:11                     ` Stéphane Rivière
@ 2024-09-14 18:04                       ` Jeffrey R.Carter
  0 siblings, 0 replies; 27+ messages in thread
From: Jeffrey R.Carter @ 2024-09-14 18:04 UTC (permalink / raw)


On 2024-09-14 18:11, Stéphane Rivière wrote:
> 
> There's some confusion, I'm having trouble expressing myself. v22.Gui is a 
> framework on top of Gnoga, with specific CSS, making it possible to obtain a 
> responsive and therefore Android/IOS compatible application, through the 
> smartphone's web browser.

I misunderstood. Of course a Gnoga web application can be connected to from any 
platform with a browser.

-- 
Jeff Carter
"Damn it, Jim, I'm an actor, not a doctor."
124

^ permalink raw reply	[flat|nested] 27+ messages in thread

end of thread, other threads:[~2024-09-14 18:04 UTC | newest]

Thread overview: 27+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-09-12 14:25 Ada/GNAT/AWS-friendly web hosting Marius Alves
2024-09-12 14:48 ` J-P. Rosen
2024-09-12 14:54 ` DrPi
2024-09-12 17:06   ` J-P. Rosen
2024-09-12 17:16     ` Kevin Chadwick
2024-09-12 22:35     ` Lawrence D'Oliveiro
2024-09-13  6:46       ` J-P. Rosen
2024-09-14  6:38       ` Randy Brukardt
2024-09-12 22:40   ` Lawrence D'Oliveiro
2024-09-12 16:22 ` Jeffrey R.Carter
2024-09-12 22:29   ` Lawrence D'Oliveiro
2024-09-13  9:03     ` Jeffrey R.Carter
2024-09-12 18:48 ` Dmitry A. Kazakov
2024-09-13 13:15 ` Stéphane Rivière
2024-09-13 14:33 ` Björn Persson
2024-09-13 22:09   ` Lawrence D'Oliveiro
2024-09-14  7:01     ` Stéphane Rivière
2024-09-14  7:26       ` Lawrence D'Oliveiro
2024-09-14  8:51         ` Stéphane Rivière
2024-09-14  9:41           ` Lawrence D'Oliveiro
2024-09-14 10:29             ` Stéphane Rivière
2024-09-14 12:02               ` Kevin Chadwick
2024-09-14 13:00                 ` Stéphane Rivière
2024-09-14 14:34                   ` Jeffrey R.Carter
2024-09-14 16:11                     ` Stéphane Rivière
2024-09-14 18:04                       ` Jeffrey R.Carter
2024-09-13 17:36 ` Nioclás Pól Caileán de Ghloucester

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox