-
Web Server CentOS 5.4
Web server CentOS 5.4 Linux web server CentOS 5.4 Web Server web
server
1. Linux web server CentOS (V.5.4)
virtual server server virtual server V-center server virtual
virtual ( image iso )
1. Create virtual machine ( server )
1.1 VMware VSphere Client connect VCenter Server Host manage
Virtual machine
-
1.2 virtual machine new virtual machine
1.3 Typical next
-
1.4 server next
1.5 storage
-
1.6
1.7 (Network card) -Vlan
-
1.8 virtual disk size
1.9 finish virtual machine
-
1.10. virtual machine Summary Edit Setting
1.11 momery size service web server
-
1.12 cpu service web server
1.13 power on server
-
1.14 tab console boot
** 1.15 menu connect/disconnect cd/dvd device CentOS 5.4 ( iso
)
1.16
-
1.17 reboot virtual machine detect
-
2. CentOS 5.4 - server
Linux CentOS 5.4 enter graphic mode
- virtual server enter graphic mode
2.1 skip process
-
2.2
-
2.3 Keyboard US OK
2.4 ? Yes
-
2.5 Partition Linux CentOS
Remove all partitions on selected drives and create default
layout. Partition Linux CentOS Remove linux partitions on selected
drives and create default layout. Partition Linux CentOS Use free
space on selected drives and create default layout. Partition Linux
CentOS Create custom layout. Linux CentOS Which drive(s) do you
want to use for this installation? Linux Remove linux partitions on
selected drives and create default layout. OK
-
2.6 ? Yes
2.7 Network Configuration Edit OK
-
2.8 web server gateway DNS ( server dns server )
2.9 Time Zone Selection Asia/Bangkok
-
2.10 root account
2.11 Package Server-GUI Customize Now ok
-
2.12 ( web server) - Desktop Environment -> Gnome
Environment
-Applications -> Editors, Graphic Internet
-
-development -> Development tool, Java development
-server -> ftp server, Mysql server, Configuration tool
webserver
-
- Mysql Optional package - mysql-server
-mysql-devel
- php-mysql
package
- Base system -> Administrative tool, Base, system tool, X
window System
-
2.13 format - package
-
2.14 reboot package program
2.15 Welcome
-
2.16 disable firewall
2.17 disable SELinux
-
2.18 Kdump Forward
2.19 enable network time protocol
-
2.20 Create User Forward user Continue
2.21 Sound Card Forward
-
2.22 Additional CDs Finish OK
2.23 reboot login
-
2.24 login username root password ( 2.8)
2.25 internet program firefox web browser.
-
internet network configuration * Linux web server CentOS 5.4
-
3. run script php
3.1 extension php php
Access web server putty SSL config server
# yum install php-common php-cli php-devel php-mysql php-gd
php-imap php-mbstring php-mhash php-pear php-xml php-xmlrpc
php-mcrypt
-
3.2 update php version php default version version 5.1 version
5.3.21 update php # wget -q -O -
www.atomicorp.com/installers/atomic | sh Yes -> enable Atomic
Repository #yum update php -> update php # php v -> version
php # service httpd restart -> restart service httpd web
server
3.3 MySQL Boot # chkconfig mysqld on # service mysqld start
-
3.4 MySQL MySQL User : root MySQL # mysqladmin -u root password
password@1 * password@1 MySQL 3.5 Apache Boot # chkconfig httpd on
# service httpd start 3.6 httpd.conf - httpd.conf server set
default page index.htm index.php winscp /etc/httpd/conf httpd.conf
391 save
restart service httpd.conf # service httpd start 3.7 script php
- info.php source code
-
- up info.php server upload winscp - path /var/www/html
- info.php run version / extenstion
3.8 webmin Web interface website
webmin Control Panel Config Linux Server port 10000
www.webmin.com
-
webmin /tmp server Putty /tmp server # cd /tmp webmin # rpm Uvh
webmin-1.620-1.noarch.rpm
-
web min port 10000 web browser http://203.158.4.124:10000
-
3.9 phpMyAdmin interface
phpMyAdmin version
http://www.phpmyadmin.net/home_page/downloads.php
- zip file - download folder phpMyAdmin
- up folder phpMyAdmin upload winscp path /var/www/html
-
- phpMyAdmin http://203.158.4.124/phpmyAdmin ( case
sensitive)
-
Web Server
1. ftp account user ftp web hosting
1.1 manage web min browser http://203.158.4.124:10000
1.2 System -> Users and Groups -> Create a new user
-
1.3 point directory /var/www/html
* home directory url webhosting + directory
http://ccsweb.sut.ac.th/service
2. service vsftp + T Anonymous upload file
-
vsftp s Anonymous upload file /etc/vsftpd/vsftpd.conf (
vsftp.conf winscp )
# Example config file /etc/vsftpd/vsftpd.conf # # The default
compiled in settings are fairly paranoid. This sample file #
loosens things up a bit, to make the ftp daemon more usable. #
Please see vsftpd.conf.5 for all compiled in defaults. # # READ
THIS: This example file is NOT an exhaustive list of vsftpd
options. # Please read the vsftpd.conf.5 manual page to get a full
idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware -
allowed by default if you comment this out). anonymous_enable=NO #
# Uncomment this to allow local users to log in. #local_enable=YES
# # Uncomment this to enable any form of FTP write command.
#write_enable=YES # # Default umask for local users is 077. You may
wish to change this to 022, # if your users expect that (022 is
used by most other ftpd's) #local_umask=022 # # Uncomment this to
allow the anonymous FTP user to upload files. This only # has an
effect if the above global write enable is activated. Also, you
will # obviously need to create a directory writable by the FTP
user. #anon_upload_enable=YES # # Uncomment this if you want the
anonymous FTP user to be able to create # new directories.
#anon_mkdir_write_enable=YES # # Activate directory messages -
messages given to remote users when they # go into a certain
directory. dirmessage_enable=YES
-
# Activate logging of uploads/downloads. xferlog_enable=YES # #
Make sure PORT transfer connections originate from port 20
(ftp-data). connect_from_port_20=YES # # If you want, you can
arrange for uploaded anonymous files to be owned by # a different
user. Note! Using "root" for uploaded files is not # recommended!
#chown_uploads=YES #chown_username=whoever # # You may override
where the log file goes if you like. The default is shown # below.
#xferlog_file=/var/log/vsftpd.log # # If you want, you can have
your log file in standard ftpd xferlog format. # Note that the
default log file location is /var/log/xferlog in this case.
#xferlog_std_format=YES # # You may change the default value for
timing out an idle session. idle_session_timeout=600 # # You may
change the default value for timing out a data connection.
data_connection_timeout=120 # # It is recommended that you define
on your system a unique user which the # ftp server can use as a
totally isolated and unprivileged user. #nopriv_user=ftpsecure # #
Enable this and the server will recognise asynchronous ABOR
requests. Not # recommended for security (the code is non-trivial).
Not enabling it, # however, may confuse older FTP clients.
#async_abor_enable=YES # # By default the server will pretend to
allow ASCII mode but in fact ignore # the request. Turn on the
below options to have the server actually do ASCII # mangling on
files when in ASCII mode. # Beware that on some FTP servers, ASCII
support allows a denial of service # attack (DoS) via the command
"SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and
has always been safe, reporting the size of the # raw file. # ASCII
mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES #ascii_download_enable=YES # You may fully
customise the login banner string: ftpd_banner=Welcome to blah FTP
service. # You may specify a file of disallowed anonymous e-mail
addresses. Apparently # useful for combatting certain DoS attacks.
#deny_email_enable=YES # (default follows)
#banned_email_file=/etc/vsftpd/banned_emails # You may specify an
explicit list of local users to chroot() to their home # directory.
If chroot_local_user is YES, then this list becomes a list of #
users to NOT chroot(). chroot_list_enable=YES # (default follows)
chroot_list_file=/etc/vsftpd/chroot_list # # You may activate the
"-R" option to the builtin ls. This is disabled by # default to
avoid remote users being able to cause excessive I/O on large #
sites. However, some broken FTP clients such as "ncftp" and
"mirror" assume # the presence of the "-R" option, so there is a
strong case for enabling it. #ls_recurse_enable=YES # When "listen"
directive is enabled, vsftpd runs in standalone mode and # listens
on IPv4 sockets. This directive cannot be used in conjunction #
with the listen_ipv6 directive. listen=YES # This directive enables
listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets,
you must run two copies of vsftpd whith two configuration files. #
Make sure, that one of the listen options is commented !!
#listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES
tcp_wrappers=YES anon_upload_enable=NO anon_mkdir_write_enable=NO
anon_other_write_enable=NO chroot_local_user=YES local_enable=YES
write_enable=YES local_umask=022 #max_per_ip= #ftp_username=
-
vsftpd.conf save restart service # service vsftpd restart
3. firewall port 22
webmin networking -> linux firewall firewall
apply configuration activate on boot yes
4. login FTP 1. index.htm file sample ftp 2. service FTP ftp://
ccsweb.sut.ac.th 3. username / password 4. Upload index file 5.
upload
-
* browser http://ccsweb.sut.ac.th/service
5.
5.1 enable disk quota manage webmin system -> disk and menu
file system root file system
-
mount option -> Used Quota User and Group.
mount root Disk Quota ( 1-2 harddisk)
5.2 Disk Quota user system ->disk quota-> users
user Quota disk quota update
* soft kilobyte limit unlimited 100 Mb Hard kilobyte limit
Unlimited 100 Mb
disk quota 1. blocks 1 block 1 kilo bytes 2. inodes 1 inode
-
1. soft (grace) 2. hard
user service soft 100 MB hard 100 MB 100 Mb ftp upload file
6.T database s database database 6.1 User permission
Server->MySQL Database server->user permission
-
6.2 user anonymous
63.3 mysql Create new user
* username- password account ftp *host localhost create.
-
account permission
6.4 permission Database Permission -> create new database
permission
-
Permission cms website s -select table data
-Insert table data -Update table data -Delete table data -Create
tables -Alter Tables -lock tables
6.5 s
-
6.6 phpMyAdmin phpMyAdmin mysql
http://ccsweb.sut.ac.th/phpMyAdmin
tab database database servicedb s database database
information_schema database website cms database
-
7. virtual host default web server / folder /var/www/html
http://ccsweb.sut.ac.th/service url virtual host
http://service.sut.ac.th DNS Server ( Alias Cname web server) DNS
Server putty winscp login web server httpd.conf
(/etc/httpd/conf/http.conf) virtual host 0 section 3
### Section 3: Virtual Hosts # # VirtualHost: If you want to
maintain multiple domains/hostnames on your # machine you can setup
VirtualHost containers for them. Most configurations # use only
name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the
directives below. # # Please see the documentation at # # for
further details before you try to setup virtual hosts. # # You may
use the command line option '-S' to verify your virtual host #
configuration.
# # Use name-based virtual hosting. # #NameVirtualHost *:80
NameVirtualHost 203.158.4.124:80 # # NOTE: NameVirtualHost cannot
be used without a port specifier # (e.g. :80) if mod_ssl is being
used, due to the nature of the # SSL protocol. # # # Directives to
allow use of AWStats as a CGI #
# # This is to permit URL access to scripts/files in AWStats
directory.
# # VirtualHost example: # Almost any Apache directive may go
into a VirtualHost container. # The first VirtualHost section is
used for requests without a known # server name. # # # ServerAdmin
[email protected] # DocumentRoot
/www/docs/dummy-host.example.com # ServerName
dummy-host.example.com # ErrorLog
logs/dummy-host.example.com-error_log # CustomLog
logs/dummy-host.example.com-access_log common #
DocumentRoot /var/www/html/service ServerName service.sut.ac.th
ErrorLog logs/error_log CustomLog logs/access_log combined
-
restart service httpd apache #service httpd restart
url virtual host Web browser virtual host
monitoring
1. apache service httpd - #service httpd status -> httpd
#service httpd stop -> service httpd ( service ) #service httpd
start -> service httpd #service httpd restart -> restart
service httpd
2. Mysql service mysqld #service mysqld status -> mysqld
#service mysqld stop -> service mysqld ( service ) #service
mysqld start -> service mysqld #service mysqld restart ->
restart service mysqld
3 connection Mysql webmin connection Login webmin Web hosting IP
http://x.x.x.x:10000 login
- server -> Mysql Database Server
-
- Mysql connection
database web hosting connection ( restart service ) database
script spam
database 2012db table record database 2012db
-
4 process-cpu-memory # top -> process cpu- memory
top - 09:13:20 up 187 days, 8:36,1 user, load average: 0.43,
0.66, 0.61 09:13:20: server up 187 days : uptime ( boot OS ) 1
user: user login shell ( login + ssh terminal ) load average: 0.43,
0.66, 0.61: "" 1 , 5 15
2: process Tasks: 180 total, 1 running, 179 sleeping, 0 stopped,
0 zombie Tasks: 180 total : process 1 running : process CPU " " 179
sleeping: process / CPU 0 stopped : process "" 0 zombie: process
clear process hardware (
3: CPU cpu core cpu Cpu(s): 27.9%us, 7.2%sy, 0.2%ni, 57.4%id,
6.5%wa, 0.1%hi, 0.8%si, 0.0%st
-
Cpu(s) user :: CPU sy => system :: kernel kernel hardware ni
=> nice :: (priority) process priority cpu id => idle :: cpu
wa => iowait :: '' hardware harddisk ram hi=> hardware irq
(or) % CPU time spent servicing/handling hardware
interrupts
si=> software irq (or) % CPU time spent servicing/handling
software
interrupts
st=> steal time - - % CPU time in involuntary wait by virtual
cpu while
hypervisor is servicing another processor
4-5: Mem: 8310380k total, 4970936k used, 3339444k free, 217448k
buffers Swap: 6225904k total, 52816k used, 6173088k free, 3001860k
cached
Mem: 8310380k total: RAM OS () 4970936k used: "" 3339444k free:
() 217448k buffers: buffer / harddisk CPU Swap: 6225904k total:
swap space harddisk --- windows pagefile 52816k used: swap space ()
( iowait ) swap space
-
6173088k free: swap space 3001860k cached: file system memory
cache linux ram ram ( )
free + cached cache process
process () CPU process ()
PID : process id USER : user process PR : priority process nice
NI : nice process () VIRT : virtual image ( process library) RES /
SHR : private ( app) / shared (ram ) S : process %CPU : CPU ( core
) cpu 4 core + process 4 thread thread cpu 400 %MEM : ram % TIME+ :
"" CPU process ( process ) COMMAND : process
5 hard disk #df k #df h ->
-
6 . permission site permission Permission folder 755 files
644
Permission 755 Owner (files- folder) s read-write-execute
file-folder Group Owner s read-execute folder other () s
read-execute folder Permission 644 Owner (files- folder) s
read-write Group Owner s read folder -execute other () s read
folder -execute
*permission 777 file upload
permission ftp upload login file folder permission
-
7. record table script phpMyAdmin
database
database
record
-
table truncate ( backup ) s table s table
monitoring back up backup - source code - back up 8. google
webmaster tool google webmaster tool search engine Google
www.google.com/webmasters/tools login gmail account
8.1 add website login page google add website
-
8.2 verify site add website google verify site google download
generate ( google2723012dd79a4255.html) download ftp root directory
website verify
verify list dashboard
8.3 sitemap.xml Sitemap.xml website index page page sitemap
google sitemap sitemap http://www.xml-sitemaps.com free website
sitemap 500 page
-
url
start
-
upload sitemap.xml server FTP ( root directory ) google
webmastertool add sitemap
Download sitemap
-
google
current status - crawl error DNS
server - search queries google internet
keyword search search
- sitemap indexfile tool ranking tool feature hack , Phishing,
google