Managing a Web Server on the CentOS 5.4 Operating System

This web server administration manual is based on the CentOS 5.4 operating system. It covers installing a Linux web server on CentOS 5.4 and administering the web server, so that departments have the knowledge to install and maintain a web server correctly.

1. Installing a Linux web server on CentOS (V.5.4)

The Computer Center has prepared virtual servers for university departments that want a server of their own. The operating system installation described here is therefore based on a virtual server managed through V-center. The procedure differs slightly from installing on a physical server, in the steps for allocating the virtual machine's resources and for making the virtual machine see the installation disc (an ISO image file).

1. Create virtual machine (if you are using a physical server, skip this step)

1.1 We use VMware VSphere Client to connect to the VCenter Server, which is the host used to manage the virtual machines.


  • 1.2 virtual machine new virtual machine

    1.3 Typical next

  • 1.4 server next

    1.5 storage

  • 1.6

    1.7 (Network card) -Vlan

  • 1.8 virtual disk size

    1.9 finish virtual machine

  • 1.10. virtual machine Summary Edit Setting

    1.11 memory size service web server

  • 1.12 cpu service web server

    1.13 power on server

  • 1.14 tab console boot

    ** 1.15 menu connect/disconnect cd/dvd device CentOS 5.4 ( iso )

    1.16

  • 1.17 reboot virtual machine detect

  • 2. CentOS 5.4 - server

    Linux CentOS 5.4 enter graphic mode

    - virtual server enter graphic mode

    2.1 skip process

  • 2.2

  • 2.3 Keyboard US OK

    2.4 ? Yes

  • 2.5 Partition Linux CentOS

    Remove all partitions on selected drives and create default layout. Partition Linux CentOS
    Remove linux partitions on selected drives and create default layout. Partition Linux CentOS
    Use free space on selected drives and create default layout. Partition Linux CentOS
    Create custom layout. Linux CentOS
    Which drive(s) do you want to use for this installation? Linux
    Remove linux partitions on selected drives and create default layout. OK

  • 2.6 ? Yes

    2.7 Network Configuration Edit OK

  • 2.8 web server gateway DNS ( server dns server )

    2.9 Time Zone Selection Asia/Bangkok

  • 2.10 root account

    2.11 Package Server-GUI Customize Now ok

  • 2.12 ( web server) - Desktop Environment -> Gnome Environment

    -Applications -> Editors, Graphic Internet

  • -development -> Development tool, Java development

    -server -> ftp server, Mysql server, Configuration tool webserver

  • - Mysql Optional package - mysql-server

    -mysql-devel

    - php-mysql

    package

    - Base system -> Administrative tool, Base, system tool, X window System

  • 2.13 format - package

  • 2.14 reboot package program

    2.15 Welcome

  • 2.16 disable firewall

    2.17 disable SELinux

  • 2.18 Kdump Forward

    2.19 enable network time protocol

  • 2.20 Create User Forward user Continue

    2.21 Sound Card Forward

  • 2.22 Additional CDs Finish OK

    2.23 reboot login

  • 2.24 login username root password ( 2.8)

    2.25 internet program firefox web browser.

  • internet network configuration * Linux web server CentOS 5.4

  • 3. run script php

    3.1 extension php php

    Access web server putty SSL config server

    # yum install php-common php-cli php-devel php-mysql php-gd php-imap php-mbstring php-mhash php-pear php-xml php-xmlrpc php-mcrypt

  • 3.2 update php version php default version version 5.1 version 5.3.21 update php

    # wget -q -O - www.atomicorp.com/installers/atomic | sh
    Yes -> enable Atomic Repository
    # yum update php -> update php
    # php -v -> version php
    # service httpd restart -> restart service httpd web server

    3.3 MySQL Boot
    # chkconfig mysqld on
    # service mysqld start

  • 3.4 MySQL MySQL User : root MySQL
    # mysqladmin -u root password password@1
    * password@1 MySQL

    3.5 Apache Boot
    # chkconfig httpd on
    # service httpd start

    3.6 httpd.conf - httpd.conf server set default page index.htm index.php winscp /etc/httpd/conf httpd.conf 391 save

    restart service httpd.conf
    # service httpd start

    3.7 script php - info.php source code

  • - up info.php server upload winscp - path /var/www/html

    - info.php run version / extension

    3.8 webmin Web interface website

    webmin Control Panel Config Linux Server port 10000 www.webmin.com

  • webmin /tmp server Putty /tmp server
    # cd /tmp
    webmin
    # rpm -Uvh webmin-1.620-1.noarch.rpm

  • web min port 10000 web browser http://203.158.4.124:10000

  • 3.9 phpMyAdmin interface

    phpMyAdmin version http://www.phpmyadmin.net/home_page/downloads.php

    - zip file - download folder phpMyAdmin

    - up folder phpMyAdmin upload winscp path /var/www/html

  • - phpMyAdmin http://203.158.4.124/phpmyAdmin ( case sensitive)

  • Web Server

    1. ftp account user ftp web hosting

    1.1 manage web min browser http://203.158.4.124:10000

    1.2 System -> Users and Groups -> Create a new user

  • 1.3 point directory /var/www/html

    * home directory url webhosting + directory http://ccsweb.sut.ac.th/service

    2. service vsftp + T Anonymous upload file

  • vsftp s Anonymous upload file /etc/vsftpd/vsftpd.conf ( vsftp.conf winscp )

    # Example config file /etc/vsftpd/vsftpd.conf
    #
    # The default compiled in settings are fairly paranoid. This sample file
    # loosens things up a bit, to make the ftp daemon more usable.
    # Please see vsftpd.conf.5 for all compiled in defaults.
    #
    # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
    # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
    # capabilities.
    #
    # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
    anonymous_enable=NO
    #
    # Uncomment this to allow local users to log in.
    #local_enable=YES
    #
    # Uncomment this to enable any form of FTP write command.
    #write_enable=YES
    #
    # Default umask for local users is 077. You may wish to change this to 022,
    # if your users expect that (022 is used by most other ftpd's)
    #local_umask=022
    #
    # Uncomment this to allow the anonymous FTP user to upload files. This only
    # has an effect if the above global write enable is activated. Also, you will
    # obviously need to create a directory writable by the FTP user.
    #anon_upload_enable=YES
    #
    # Uncomment this if you want the anonymous FTP user to be able to create
    # new directories.
    #anon_mkdir_write_enable=YES
    #
    # Activate directory messages - messages given to remote users when they
    # go into a certain directory.
    dirmessage_enable=YES
    # Activate logging of uploads/downloads.
    xferlog_enable=YES
    #
    # Make sure PORT transfer connections originate from port 20 (ftp-data).
    connect_from_port_20=YES
    #
    # If you want, you can arrange for uploaded anonymous files to be owned by
    # a different user. Note! Using "root" for uploaded files is not
    # recommended!
    #chown_uploads=YES
    #chown_username=whoever
    #
    # You may override where the log file goes if you like. The default is shown
    # below.
    #xferlog_file=/var/log/vsftpd.log
    #
    # If you want, you can have your log file in standard ftpd xferlog format.
    # Note that the default log file location is /var/log/xferlog in this case.
    #xferlog_std_format=YES
    #
    # You may change the default value for timing out an idle session.
    idle_session_timeout=600
    #
    # You may change the default value for timing out a data connection.
    data_connection_timeout=120
    #
    # It is recommended that you define on your system a unique user which the
    # ftp server can use as a totally isolated and unprivileged user.
    #nopriv_user=ftpsecure
    #
    # Enable this and the server will recognise asynchronous ABOR requests. Not
    # recommended for security (the code is non-trivial). Not enabling it,
    # however, may confuse older FTP clients.
    #async_abor_enable=YES
    #
    # By default the server will pretend to allow ASCII mode but in fact ignore
    # the request. Turn on the below options to have the server actually do ASCII
    # mangling on files when in ASCII mode.
    # Beware that on some FTP servers, ASCII support allows a denial of service
    # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    # predicted this attack and has always been safe, reporting the size of the
    # raw file.
    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    # You may fully customise the login banner string:
    ftpd_banner=Welcome to blah FTP service.
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    #deny_email_enable=YES
    # (default follows)
    #banned_email_file=/etc/vsftpd/banned_emails
    # You may specify an explicit list of local users to chroot() to their home
    # directory. If chroot_local_user is YES, then this list becomes a list of
    # users to NOT chroot().
    chroot_list_enable=YES
    # (default follows)
    chroot_list_file=/etc/vsftpd/chroot_list
    #
    # You may activate the "-R" option to the builtin ls. This is disabled by
    # default to avoid remote users being able to cause excessive I/O on large
    # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
    # the presence of the "-R" option, so there is a strong case for enabling it.
    #ls_recurse_enable=YES
    # When "listen" directive is enabled, vsftpd runs in standalone mode and
    # listens on IPv4 sockets. This directive cannot be used in conjunction
    # with the listen_ipv6 directive.
    listen=YES
    # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
    # sockets, you must run two copies of vsftpd whith two configuration files.
    # Make sure, that one of the listen options is commented !!
    #listen_ipv6=YES
    pam_service_name=vsftpd
    userlist_enable=YES
    tcp_wrappers=YES
    anon_upload_enable=NO
    anon_mkdir_write_enable=NO
    anon_other_write_enable=NO
    chroot_local_user=YES
    local_enable=YES
    write_enable=YES
    local_umask=022
    #max_per_ip=
    #ftp_username=

  • vsftpd.conf save restart service
    # service vsftpd restart

    3. firewall port 22

    webmin networking -> linux firewall firewall

    apply configuration activate on boot yes

    4. login FTP
    1. index.htm file sample ftp
    2. service FTP ftp://ccsweb.sut.ac.th
    3. username / password
    4. Upload index file
    5. upload

  • * browser http://ccsweb.sut.ac.th/service

    5.

    5.1 enable disk quota manage webmin system -> disk and menu file system root file system

  • mount option -> Used Quota User and Group.

    mount root Disk Quota ( 1-2 harddisk)

    5.2 Disk Quota user system ->disk quota-> users

    user Quota disk quota update

    * soft kilobyte limit unlimited 100 Mb Hard kilobyte limit Unlimited 100 Mb

    disk quota 1. blocks 1 block 1 kilo bytes 2. inodes 1 inode

  • 1. soft (grace) 2. hard

    user service soft 100 MB hard 100 MB 100 Mb ftp upload file

    6.T database s database database 6.1 User permission Server->MySQL Database server->user permission

  • 6.2 user anonymous

    6.3 mysql Create new user

    * username- password account ftp *host localhost create.

  • account permission

    6.4 permission Database Permission -> create new database permission

  • Permission cms website s -select table data

    -Insert table data -Update table data -Delete table data -Create tables -Alter Tables -lock tables

    6.5 s

  • 6.6 phpMyAdmin phpMyAdmin mysql http://ccsweb.sut.ac.th/phpMyAdmin

    tab database database servicedb s database database information_schema database website cms database

  • 7. virtual host default web server / folder /var/www/html http://ccsweb.sut.ac.th/service url virtual host http://service.sut.ac.th DNS Server ( Alias Cname web server) DNS Server putty winscp login web server httpd.conf (/etc/httpd/conf/httpd.conf) virtual host 0 section 3

    ### Section 3: Virtual Hosts
    #
    # VirtualHost: If you want to maintain multiple domains/hostnames on your
    # machine you can setup VirtualHost containers for them. Most configurations
    # use only name-based virtual hosts so the server doesn't need to worry about
    # IP addresses. This is indicated by the asterisks in the directives below.
    #
    # Please see the documentation at
    #
    # for further details before you try to setup virtual hosts.
    #
    # You may use the command line option '-S' to verify your virtual host
    # configuration.

    #
    # Use name-based virtual hosting.
    #
    #NameVirtualHost *:80
    NameVirtualHost 203.158.4.124:80
    #
    # NOTE: NameVirtualHost cannot be used without a port specifier
    # (e.g. :80) if mod_ssl is being used, due to the nature of the
    # SSL protocol.
    #
    #
    # Directives to allow use of AWStats as a CGI
    #

    #
    # This is to permit URL access to scripts/files in AWStats directory.

    #
    # VirtualHost example:
    # Almost any Apache directive may go into a VirtualHost container.
    # The first VirtualHost section is used for requests without a known
    # server name.
    #
    #
    # ServerAdmin [email protected]
    # DocumentRoot /www/docs/dummy-host.example.com
    # ServerName dummy-host.example.com
    # ErrorLog logs/dummy-host.example.com-error_log
    # CustomLog logs/dummy-host.example.com-access_log common
    #

    DocumentRoot /var/www/html/service
    ServerName service.sut.ac.th
    ErrorLog logs/error_log
    CustomLog logs/access_log combined

  • restart service httpd apache
    # service httpd restart

    url virtual host Web browser virtual host

    monitoring

    1. apache service httpd -
    # service httpd status -> httpd
    # service httpd stop -> service httpd ( service )
    # service httpd start -> service httpd
    # service httpd restart -> restart service httpd

    2. Mysql service mysqld
    # service mysqld status -> mysqld
    # service mysqld stop -> service mysqld ( service )
    # service mysqld start -> service mysqld
    # service mysqld restart -> restart service mysqld

    3 connection Mysql webmin connection Login webmin Web hosting IP http://x.x.x.x:10000 login

    - server -> Mysql Database Server

  • - Mysql connection

    database web hosting connection ( restart service ) database script spam

    database 2012db table record database 2012db

  • 4 process-cpu-memory # top -> process cpu- memory

    top - 09:13:20 up 187 days, 8:36,1 user, load average: 0.43, 0.66, 0.61
    09:13:20:
    server up 187 days : uptime ( boot OS )
    1 user: user login shell ( login + ssh terminal )
    load average: 0.43, 0.66, 0.61: "" 1 , 5 15

    2: process
    Tasks: 180 total, 1 running, 179 sleeping, 0 stopped, 0 zombie
    Tasks: 180 total : process
    1 running : process CPU " "
    179 sleeping: process / CPU
    0 stopped : process ""
    0 zombie: process clear process hardware (

    3: CPU cpu core cpu
    Cpu(s): 27.9%us, 7.2%sy, 0.2%ni, 57.4%id, 6.5%wa, 0.1%hi, 0.8%si, 0.0%st

    Cpu(s)
    user :: CPU
    sy => system :: kernel kernel hardware
    ni => nice :: (priority) process priority cpu
    id => idle :: cpu
    wa => iowait :: '' hardware harddisk ram
    hi => hardware irq (or) % CPU time spent servicing/handling hardware interrupts
    si => software irq (or) % CPU time spent servicing/handling software interrupts
    st => steal time - - % CPU time in involuntary wait by virtual cpu while hypervisor is servicing another processor

    4-5:
    Mem: 8310380k total, 4970936k used, 3339444k free, 217448k buffers
    Swap: 6225904k total, 52816k used, 6173088k free, 3001860k cached

    Mem:
    8310380k total: RAM OS ()
    4970936k used: ""
    3339444k free: ()
    217448k buffers: buffer / harddisk CPU
    Swap:
    6225904k total: swap space harddisk --- windows pagefile
    52816k used: swap space () ( iowait ) swap space
    6173088k free: swap space
    3001860k cached: file system memory cache linux ram ram ( )

    free + cached cache process

    process () CPU process ()

    PID : process id
    USER : user process
    PR : priority process nice
    NI : nice process ()
    VIRT : virtual image ( process library)
    RES / SHR : private ( app) / shared (ram )
    S : process
    %CPU : CPU ( core ) cpu 4 core + process 4 thread thread cpu 400
    %MEM : ram %
    TIME+ : "" CPU process ( process )
    COMMAND : process

    5 hard disk
    # df -k
    # df -h ->

  • 6 . permission site permission Permission folder 755 files 644

    Permission 755
    Owner (files- folder) s read-write-execute file-folder
    Group Owner s read-execute folder
    other () s read-execute folder

    Permission 644
    Owner (files- folder) s read-write
    Group Owner s read folder -execute
    other () s read folder -execute

    *permission 777 file upload

    permission ftp upload login file folder permission

  • 7. record table script phpMyAdmin

    database

    database

    record

  • table truncate ( backup ) s table s table

    monitoring back up backup - source code - back up

    8. google webmaster tool google webmaster tool search engine Google www.google.com/webmasters/tools login gmail account

    8.1 add website login page google add website

  • 8.2 verify site add website google verify site google download generate ( google2723012dd79a4255.html) download ftp root directory website verify

    verify list dashboard

    8.3 sitemap.xml Sitemap.xml website index page page sitemap google sitemap sitemap http://www.xml-sitemaps.com free website sitemap 500 page

  • url

    start

  • upload sitemap.xml server FTP ( root directory ) google webmastertool add sitemap

    Download sitemap

  • google

    current status - crawl error DNS

    server - search queries google internet

    keyword search search

    - sitemap indexfile tool ranking tool feature hack , Phishing, google