Chapter 7. Scaling Up
Now, you’re ready for production. This chapter covers the wide variety of integration and finalization choices for OAE in production.
There are a handful of things that must be set before opening OAE up for people to use. The admin password must be changed, outgoing email configured, start and stop scripts established, and logs put under rotation. OAE provides RESTful web services for most functions, so you can use curl as a command-line administrative interface.
Set Up Curl
Curl is a simple command line tool for accessing URLs. It can handle http, https, ftp as well as many other common transfer protocols. Both curl and the library libcurl are freely available open source software. Precompiled binaries for some 60 platforms are available at http://curl.haxx.se/download.html, but chances are it is already on your system. Anything in the 7 family will be just fine. If you have a curl version 6 on your machine, consider donating it to the American Computing Museum:
curl 7.16.4 (i386-apple-darwin9.0) libcurl/7.16.4 OpenSSL/0.9.7l zlib/1.2.3
A couple of particularly useful parameters are:
OAE requires that every http request include the referring page that originated the request. Requiring a referrer reduces OAE’s exposure to simple cross-site request forgery attacks. You’ll notice though that referrer data can easily be passed in. You’ll also notice that one stray misspelling can take unstoppable root in a software system.
The binary ...