Invisible Website Hit Counter Project Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

As described in the project proposal, the main idea for our project is to design and implement a Servlet that is capable of counting the number of hits on a registered website. The web site manager may also view other statistical information such as: username, password, login time, login duration, and logout time.

The scope of this report is to create a single website for a pre-defined set of users. The overall deliverable is a web page that registered users can log into to view the contents. This progress report covers a literate review on used technologies as well as some high level design of our client-server application. There is one change made within to-do-list; instead of implementing the Servlet first, our group decided to provide the site with an authentication method. The process of developing and coding of password protected web site is discussed in this report. A Gantt chart that represents the progress of this research is shown at the end of our progress report.

Used Technology:

Web Server:

A web server, in general is a computer or virtual machine that provides the clients with content of a web page. The protocol used is mainly HTTP (Hypertext transfer Protocol) which acts the server while any browser accessing through the Internet will be called the client. The early servers were only able to provide information by implementing static HTML pages, but now the service is dynamic and interactive between both server and client through database queries and executable scripts [1]. Designing web servers requires a great deal of planning in advance and understanding of the overall system requirements. Internet based servers need to run all the time while providing reliable service. Based on the design patterns and clients load consideration, various components can be chosen for a reliable web server. Primary objective of the designer is to make sure that hardware and software components are suitable for the service and they can perform the necessary tasks with the least cost to the provider. [2]


For our project we have chosen a desktop which will act as the web server and three laptops accessing the site through internet, acting as clients. The overall design of this project is shown in figure x.

Figure 1 - Overall Hardware Design


Based in the Netcraft survey in January 2010 [3], the table below shows the top web server software providers, the number of web sites they have hosted, and the overall percentage of hosted sites.



Sites (millions)










Igor Sysoev








For the scope of this project, two product will be considered and compared side by side in order to identify the most suitable and practical software. The two products, explained in more detailed in this section, are Apache and IIS.


This open source HTTP server was first introduced in 1995. Apache is one the most command HTTP servers since it is able to support almost all the major operating systems. An open community is in charge of developing and maintaining the apache software that can be used for both static and dynamic web pages over the World Wide Web. This software allows its user to program the server side as well as providing various authentication schemes to allow secure content access. Apache can be locally installed on a computer where it will be easier for the developer to test and debug the written codes.


The Microsoft IIS which stands for Internet Information Services was introduced in 1995-6 as part of the NT operating system. IIS is the only HTTP server that is not open-source [1]. One of the disadvantages of this server type is the fact that it is limited to Microsoft Windows users only. IIS is based on modules that can be installed or removed from the package in order to provide the best performance. Some of those modules are: HTTP, security, content, compression, logging and diagnostics, and caching. Security options recently added includes request filtering. More security options can be provided by third parties like "Web App Firewalls".

Even though both web servers are popular and fit the requirements for this project, Apache web server is more suitable because of few advantages. As it was discussed, Apache is free and can be implemented on major operating systems like UNIX and Microsoft windows. Apache is also compatible with Java programming and provides an easy to use authentication scheme which will be used to register users' accounts.


As web applications are widely used in the Internet and many businesses and organizations are depending on them to provide services to their users, web applications security is an issue that have to be addressed in order to keep them in service and functioning according to their intended goals. According to computer network security statistics, web application attacks represent 70 percent of overall security attacks. There are many techniques used for web applications security, such as authentication, authorization, and access control. Password authentication is the de facto authentication technique for web applications .In a web client-server application that is designed to serve a group of users requires user to be authenticated by user id and password. Users who have valid accounts only will be able to login to the web page and retrieve information. Authorization on other hand is the technique that checks the resources that allowed to be accessed by a specific user.

The basic of web authentication is that whenever the user attempt to access a certain website, the web browser sends a request to access the webpage to the web server which in turn replies with authentication request. Web browser receives the request and displays the username/password dialog to the user. The user provides the username and password associated with his/her account. The web browser sends whatever the user types the web server to be authenticated. If the user's information valid, the web server will returns the access controlled web page to the web browser to be viewed by the user.[4] The protocol that takes care of the communication back and forth between the web browser and the web server is called Hypertext Terminal. HTTP is a stateless client-server application which requires the user to provide login information when attempting to access a web page. Although some web browsers stores users login information for future request.

Web Authentication Configuration

The first step in implementing web authentication in Apatche is to create a password file by utilizing htpasswd utility. Then, create user id and passwords that will be stored in the password file. Finally, inform the web server of the existence of the password file to be checked whenever the server receives login information entered by the user. Also, if different group of users required having access to different resources, a group files can be created inside the password file. Group files will be checked first when server checks users login information.

Servlet Technology:

In the text, Making User of JSP, the author makes a strong case of using servlets to expand the functionality of web applications. Servlets are discussed by first providing a short background on servlet technology in comparison to competing technologies. Additionally, the servlet architecture and life cycle is presented, and then demonstrated with a hit counter servlet example.

A servlet is a Java class that offers extended functionality of a server. It is implemented as a Java program, typically run on web server, that offers dynamic content to clients. In a web server environment a servlet is used to bridge communications between the browser client and the server. When a client sends a request, via HTTP, it will invoke a servlet on the server, which processes and then returns the requested HTML content to the client. This design allows dynamic processing to occur internally on the server side, and remain invisible to the client. The servlet technology is highly desirable in web server environments because it offers developer's robust functionality, high efficiency, and an easily scalable design when compared to other technologies.

Before Java servlet technology was introduced the Common Gateway Interface (CGI) was the singular server-side scripting technology. CGI programs, typically written in C, C++, or Perl accomplished the communication during the client-server request-response cycle, but faced several disadvantages. For each client request made a new CGI script needs to be created to process the request, and then torn back down. This becomes very costly for the operating system to create a large number of separate processes in memory to handle incoming requests. At a certain point the server would be unable to accept new requests if the number of simultaneous process had reached the global limit. Thus, CGI technology could prove to be a very costly and inefficient solution to modern web server design.

Servlet technology is similar to CGI in that it is a server side script, but avoids CGI's drawbacks because it is implemented with the powerful and flexible Java API. With a servlet a separate process is not require for every client request. Instead, a Java Virtual Machine (JVM) will remain running in the web server background, and create a lightweight thread to service incoming requests. The servlet is executed in the JVM either when a client request is received, or when the web server is started; depending on the design. This allows for greater efficiency since a servlet stays active once it is initialized, and continually process requests without continually setting up or breaking down. Furthermore, disk access is reduced since a servlet will remain actively running offering greater persistence. Servlets are robust since they have full access to the Java API, which includes strong exception handling and garbage collection. Additionally, servlets are portable and easily scalable because they are contained in a JVM. It allows servlets to remain platform independent, and easily moved to different web servers.

Competing server-side script technologies are Active Server Pages (ASP) and Java Server Pages (JSP). ASP is Microsoft's proprietary scripting technology, which allows snippets of embedded code to be inserted into a HTML pages. The embedded code links to Windows COM components, which perform the heavy processing. Thus, small portions of dynamic content are executed when the code is executed on the server. ASP is native in Microsoft's web server container, Microsoft Internet Information Services (IIS), but may face compatibility and performance issues when run on non-windows platforms. Similarly, JSP is the open-standard alternative to ASP, and is developed by Sun Microsystems. JSP uses embedded code in HTML pages to provide dynamic web content, but actually invokes a servlet when executed. So JSP is often considered a close companion to servlets.

The servlet architecture is realized by two Java packages: javax.servlet and javax.servlet.http. The javax.servlet package is a generic class package extended by all servlets, while the java.servlet.http package to implement web-specific serlvets that provide HTTP content. The architecture is defined by three primary methods: init(), service(), and destroy().

The init() method is responsible for the instantiation and initialzation phases of the server life cycle. When a client request is reveived, the service() method is called to begin the service() phase. This is normally the longest phase of the servlet lifc cycle, and where processing occurs. The destroy phase consists of calling destroy() which closes the servlet and removes it from memory. This typically occurs when the service is ended or the web server is shut down.

A common application for a servlet in a web server environment is in a website hit counter. This function is particularly useful to web developers interested in observing the popularity or usage of their site by tracking the number of visits made to the webpage. A servlet is ideal for this application since it can be invoked when the client makes a call for the HTML page. The servlet is only loaded in memory once, and remains running. A counter increments each time the HTML page is requested, and then can either by saved to file on disk or output on the page. Either way the count variable can be reliably tracked. This leaves room for additional functionality such as tracking other environmental variables or the frequency of hits thay may be of interest to web designers.

The servlet technology offers designers robust functionality, efficiency, and scalability, which is inherited from the powerful Java API. Overall, servlets are a viable solution in web server environments, and are ideal for multi-platform designs. It was made clear in the paper that servlets can be integrated into client-server models to expand the functionality of web applications.

Apache 2 Web Page Authentication Configuration

- Open up a terminal

- Use the following command to change privileges to 'root'

#sudo -i

[sudo] password for Ali: //enter your ubuntu password


- Install apache2 server

root# apt-get install apache2

// FYI the index.html file will be located under /var/www/ directory

- Configure web access authentication using .htaccess file:

1- Allow .htaccess file to override previous directives

# cd /etc/apache2/sites-available/

# pico default //use 'pico' to edit the defult file

<Directory /var/www/>

Options Indexes FollowSymLinks MultiViews

AllowOverride None // change to AllowOverride all

Order allow,deny

allow from all

// To save use 'ctrl+o' then Enter

// To exit the file editor use 'ctrl+x'

2- Reload apache2 using the following command:

sudo /etc/init.d/apache2 restart

// To check the status of apache server use

sudo /etc/init.d/apache2 status

3- Create .htaccess file under /var/www/

cd /var/www/

pico .htaccess

//add the following lines

AuthUserFile /var/www/.htpasswd

AuthName "Authorization Required"

AuthType Basic

require valid-user

// also add the following lines

<Files "index.html">

Require valid-user


// To save use 'ctrl+o' then Enter

// To exit the file editor use 'ctrl+x'

4- Create /var/www/.htpasswd file that contains users and their passwords, using the following command:

htpasswd -c /var/www/.htpasswd project2

// it will ask you to provide a password for the project2 account

/* you can create as many users as you want using the same command, but without -c in the command, otherwise it will override the project2 account you just created */

For example:

htpasswd /var/www/.htpasswd Ali

htpasswd /var/www/.htpasswd Eric

htpasswd /var/www/.htpasswd Haitham

5- Finally, add the following lines in the end of /etc/apache2/apache2.conf file:

cd /etc/apache2/

pico apache2.conf

// add

<Directory /your/path>

AllowOverride All


// To save use 'ctrl+o' then Enter

// To exit the file editor use 'ctrl+x'

6- The final step

// restart apache2 using the following command

sudo /etc/init.d/apache2 restart